Trojaner-Board (https://www.trojaner-board.de/)
-   Pests of all kinds and how to combat them (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   How do I get rid of Incredibar? (https://www.trojaner-board.de/118364-incredibar-los.html)

cosinus 12.07.2012 08:10

Please post everything here in CODE tags where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

mno7 12.07.2012 16:13

Code:

# AdwCleaner v1.701 - Logfile created 07/11/2012 at 16:48:42
# Updated 02/07/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Marius - MARIUS-PC
# Running from : C:\Users\Marius\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Web Assistant Updater

***** [Files / Folders] *****

Folder Deleted : C:\Users\Marius\AppData\LocalLow\Incredibar.com
Folder Deleted : C:\Program Files\Incredibar.com
Folder Deleted : C:\Program Files\Web Assistant
File Deleted : C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\MyStart Search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb155?a=6R8x8XDHrF&i=26 --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\prefs.js

C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\user.js ... Deleted !

Deleted : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb155?a=6R8x8XDHrF&loc=FF_NT");
Deleted : user_pref("extensions.incredibar.admin", false);
Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar.cntry", "DE");
Deleted : user_pref("extensions.incredibar.dfltLng", "");
Deleted : user_pref("extensions.incredibar.dfltSrch", false);
Deleted : user_pref("extensions.incredibar.did", "10657");
Deleted : user_pref("extensions.incredibar.envrmnt", "production");
Deleted : user_pref("extensions.incredibar.excTlbr", false);
Deleted : user_pref("extensions.incredibar.hdrMd5", "D8240CD10457DF4A0EF8216C0CFA99BE");
Deleted : user_pref("extensions.incredibar.hmpg", false);
Deleted : user_pref("extensions.incredibar.id", "4a7b16bf000000000000001c26f1e699");
Deleted : user_pref("extensions.incredibar.installerproductid", "26");
Deleted : user_pref("extensions.incredibar.instlDay", "15517");
Deleted : user_pref("extensions.incredibar.instlRef", "");
Deleted : user_pref("extensions.incredibar.isDcmntCmplt", true);
Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.148:20:35");
Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Deleted : user_pref("extensions.incredibar.newTab", false);
Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
Deleted : user_pref("extensions.incredibar.ppd", "");
Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar.productid", "26");
Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar.sg", "none");
Deleted : user_pref("extensions.incredibar.smplGrp", "none");
Deleted : user_pref("extensions.incredibar.tlbrId", "base");
Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8x8XDHrF&loc=IB_T[...]
Deleted : user_pref("extensions.incredibar.upn2", "6R8x8XDHrF");
Deleted : user_pref("extensions.incredibar.upn2n", "92824600408533015");
Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.148:20:35");
Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Deleted : user_pref("extensions.incredibar_i.did", "10657");
Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
Deleted : user_pref("extensions.incredibar_i.id", "4a7b16bf000000000000001c26f1e699");
Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Deleted : user_pref("extensions.incredibar_i.instlDay", "15517");
Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Deleted : user_pref("extensions.incredibar_i.newTab", false);
Deleted : user_pref("extensions.incredibar_i.ppd", "");
Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Deleted : user_pref("extensions.incredibar_i.productid", "26");
Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8x8XDHrF&loc=IB[...]
Deleted : user_pref("extensions.incredibar_i.upn2", "6R8x8XDHrF");
Deleted : user_pref("extensions.incredibar_i.upn2n", "92824600408533015");
Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.148:20:35");
Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Deleted : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb155/?loc=IB_DS&a=6R8x8XDHrF&&i=26&search="[...]
Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

*************************

AdwCleaner[R1].txt - [10736 octets] - [10/07/2012 17:56:01]
AdwCleaner[S1].txt - [11078 octets] - [11/07/2012 16:48:42]

########## EOF - C:\AdwCleaner[S1].txt - [11207 octets] ##########


cosinus 12.07.2012 18:48

Please make a new OTL log. Please post everything here in CODE tags where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

Please download OTL by Oldtimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


mno7 12.07.2012 19:26

OTL Logfile:
Code:

OTL logfile created on: 12.07.2012 19:54:31 - Run 2
OTL by OldTimer - Version 3.2.53.1    Folder = C:\Users\Marius\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 65,82% Memory free
4,00 Gb Paging File | 3,12 Gb Available in Paging File | 77,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220,28 Gb Total Space | 154,90 Gb Free Space | 70,32% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,14 Gb Free Space | 61,41% Space Free | Partition Type: NTFS
 
Computer Name: MARIUS-PC | User Name: Marius | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.02 21:03:42 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Marius\Desktop\OTL.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\MsMpEng.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.16 16:21:06 | 001,500,160 | ---- | M] (Nokia) -- C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2011.06.08 15:49:48 | 000,159,744 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2011.06.08 14:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011.03.31 15:38:26 | 000,140,288 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.03.28 21:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011.03.21 14:19:36 | 000,120,832 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.02.26 19:36:46 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2007.06.07 12:27:56 | 000,020,480 | ---- | M] (Creative Technology Ltd.) -- C:\Programme\Creative Live! Cam\VideoFX\StartFX.exe
PRC - [2007.06.07 12:14:36 | 000,118,784 | ---- | M] (Creative Technology Ltd.) -- C:\Programme\DELL\DELL Webcam Manager\DellWMgr.exe
PRC - [2007.05.10 02:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.04.07 17:43:24 | 008,191,488 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2011.04.07 17:43:22 | 002,296,320 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2011.02.22 21:13:22 | 000,022,016 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2011.02.22 21:12:54 | 000,196,608 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2011.02.22 18:39:06 | 000,276,480 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2011.02.22 18:07:20 | 000,339,968 | ---- | M] () -- C:\Programme\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2007.06.07 12:31:00 | 000,425,984 | ---- | M] () -- C:\Programme\Creative Live! Cam\VideoFX\EyeCatcherEx.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.07.12 19:34:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 18:20:34 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.06.29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011.06.08 14:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.02.26 19:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.03.20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.05.18 11:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.05.18 11:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.05.18 11:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.05.18 11:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.12.07 13:24:56 | 000,401,016 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psabusbu.sys -- (PRESONUS_AUDIOBOX_USB)
DRV - [2009.12.07 13:24:56 | 000,040,568 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psabusba.sys -- (PRESONUS_AUDIOBOX_WDM)
DRV - [2009.12.07 13:24:56 | 000,031,864 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psabusbm.sys -- (PRESONUS_AUDIOBOX_MIDI)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.07.14 00:02:49 | 000,046,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.06.09 08:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.10.24 10:47:26 | 000,023,288 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\synasUSB.sys -- (SynasUSB)
DRV - [2007.10.11 02:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007.03.05 19:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 89 5E B5 D0 D5 E0 CC 01  [binary data]
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "t-onlien.de"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.03 18:20:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.18 17:39:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.03 18:20:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.18 17:39:32 | 000,000,000 | ---D | M]
 
[2011.09.09 20:35:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marius\AppData\Roaming\mozilla\Extensions
[2012.07.01 23:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marius\AppData\Roaming\mozilla\Firefox\Profiles\j56hwbrk.default\extensions
[2011.12.19 13:23:40 | 000,000,933 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\11-suche.xml
[2011.12.19 13:23:41 | 000,002,419 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\englische-ergebnisse.xml
[2011.12.19 13:23:40 | 000,010,525 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\gmx-suche.xml
[2011.12.19 13:23:40 | 000,002,457 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\lastminute.xml
[2011.12.19 13:23:40 | 000,005,508 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\searchplugins\webde-suche.xml
[2012.02.18 18:27:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.03 18:20:35 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.18 17:39:18 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.07.03 18:20:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.03 18:20:32 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.03 18:20:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.03 18:20:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.03 18:20:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.03 18:20:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001..\Run: [DELL Webcam Manager] C:\Program Files\DELL\DELL Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001..\Run: [ICQ] C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1809670155-1155344293-3116291423-1001..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F8934C1-6E99-4326-A4E0-E22641463D17}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\Shell - "" = AutoRun
O33 - MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\Shell - "" = AutoRun
O33 - MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.12 18:19:22 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{8F0287FD-051A-48DF-B37C-20E1899C7CAA}
[2012.07.12 18:19:07 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{82C297AF-B096-4153-886B-19448E2919D1}
[2012.07.08 20:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.07.08 20:50:38 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Marius\Desktop\esetsmartinstaller_enu.exe
[2012.07.03 18:09:42 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{E1EB5775-3BA1-4A79-B477-7299A4D9F7A9}
[2012.07.03 18:09:29 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{00CA68C4-FC8A-4F2D-88BD-2CF1152F6EB2}
[2012.07.02 21:03:35 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Marius\Desktop\OTL.exe
[2012.07.02 19:13:09 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.07.01 23:13:21 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Malwarebytes
[2012.07.01 23:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.01 23:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.01 23:13:01 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.01 23:13:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.01 20:33:41 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{64D2CDDD-2B02-4E42-98C2-E11F17E3D141}
[2012.07.01 20:33:28 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{687F836A-9CF4-48BD-998A-2C59383D06DC}
[2012.07.01 20:26:56 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{5431F8F3-0BA7-4A24-9931-035D2F5C9BFE}
[2012.07.01 20:26:44 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{CD021801-0199-4D0B-8ADC-5A259B2435BB}
[2012.06.25 12:28:01 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Macromedia
[2012.06.19 19:27:13 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{97882CF1-6145-43F6-A715-434A0C826EBC}
[2012.06.19 19:26:54 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{22EF44FC-ED8D-4749-80AF-ED222E7CB0CF}
[2012.06.18 21:39:18 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{B968EE3A-E51A-47AB-8B26-F49786DF5EF1}
[2012.06.17 20:23:40 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\{059A1A01-7076-45B3-B0BC-F2187DBC9322}
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.12 19:34:17 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.12 18:25:45 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.12 18:25:45 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.12 18:24:12 | 000,645,966 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.12 18:24:12 | 000,609,290 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.12 18:24:12 | 000,127,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.12 18:24:12 | 000,104,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.12 18:18:04 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.07.12 18:18:04 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.07.12 18:17:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.12 18:16:55 | 1609,187,328 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.12 17:08:45 | 000,410,064 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.10 17:55:48 | 000,618,655 | ---- | M] () -- C:\Users\Marius\Desktop\adwcleaner.exe
[2012.07.08 20:50:41 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Marius\Desktop\esetsmartinstaller_enu.exe
[2012.07.02 21:03:42 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Marius\Desktop\OTL.exe
[2012.07.02 21:02:28 | 000,000,000 | ---- | M] () -- C:\Users\Marius\defogger_reenable
[2012.07.02 19:12:57 | 247,640,923 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.07.01 23:16:00 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.26 08:20:35 | 000,000,447 | ---- | M] () -- C:\user.js
 
========== Files Created - No Company Name ==========
 
[2012.07.10 17:55:41 | 000,618,655 | ---- | C] () -- C:\Users\Marius\Desktop\adwcleaner.exe
[2012.07.02 21:02:28 | 000,000,000 | ---- | C] () -- C:\Users\Marius\defogger_reenable
[2012.07.02 19:12:57 | 247,640,923 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.07.01 23:13:10 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.26 08:20:35 | 000,000,447 | ---- | C] () -- C:\user.js
[2012.03.22 21:48:41 | 000,027,934 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012.03.22 21:48:32 | 000,027,934 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011.12.06 19:58:55 | 000,014,336 | ---- | C] () -- C:\Users\Marius\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.06 19:55:25 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2011.09.12 22:12:28 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
 
========== LOP Check ==========
 
[2012.07.01 23:10:19 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\ICQ
[2012.05.22 18:22:21 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\ICQ Search
[2011.12.17 01:44:49 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Nokia
[2011.12.17 01:21:25 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\PC Suite
[2012.03.19 22:10:07 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\PreSonus
[2011.12.17 14:50:16 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Sony
[2011.09.11 22:13:23 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Steinberg
[2012.03.22 21:28:52 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\tmp
[2012.07.04 22:57:34 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.09.13 01:54:44 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Adobe
[2012.06.03 23:45:19 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Apple Computer
[2011.12.06 19:57:51 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Creative
[2012.07.01 23:10:19 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\ICQ
[2012.05.22 18:22:21 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\ICQ Search
[2011.09.09 19:27:43 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Identities
[2011.12.06 19:54:23 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\InstallShield
[2011.09.11 20:54:49 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Macromedia
[2012.07.01 23:13:21 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Malwarebytes
[2009.07.14 10:56:56 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Media Center Programs
[2012.03.20 22:39:27 | 000,000,000 | --SD | M] -- C:\Users\Marius\AppData\Roaming\Microsoft
[2011.09.09 20:35:44 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Mozilla
[2011.12.17 01:44:49 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Nokia
[2011.12.17 01:21:25 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\PC Suite
[2012.03.19 22:10:07 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\PreSonus
[2012.03.22 21:28:52 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Reallusion
[2011.12.17 14:50:16 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Sony
[2011.09.11 22:13:23 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Steinberg
[2012.03.22 21:28:52 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\tmp
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\drivers\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\drivers\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >

--- --- ---

cosinus 12.07.2012 19:51

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "t-onlien.de"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\Shell - "" = AutoRun
O33 - MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\Shell - "" = AutoRun
O33 - MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\Shell\AutoRun\command - "" = F:\Startme.exe
[2012.06.26 08:20:35 | 000,000,447 | ---- | M] () -- C:\user.js
[2012.05.22 18:22:21 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\ICQ Search
:Files
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can permanently damage the system!

mno7 14.07.2012 09:07

Code:

All processes killed
========== OTL ==========
Prefs.js: "MyStart Search" removed from browser.search.defaultenginename
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "t-onlien.de" removed from browser.startup.homepage
Prefs.js: 0 removed from network.proxy.type
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07bf5ab8-28a7-11e1-b38f-001c26f1e699}\ not found.
File F:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{767b29ca-5a50-11e1-88d1-001c26f1e699}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{767b29ca-5a50-11e1-88d1-001c26f1e699}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{767b29ca-5a50-11e1-88d1-001c26f1e699}\ not found.
File F:\Startme.exe not found.
C:\user.js moved successfully.
C:\Users\Marius\AppData\Roaming\ICQ Search folder moved successfully.
========== FILES ==========
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Marius\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Marius
->Temp folder emptied: 237184509 bytes
->Temporary Internet Files folder emptied: 65010040 bytes
->FireFox cache emptied: 699553836 bytes
->Flash cache emptied: 46983 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11397586 bytes
RecycleBin emptied: 9085121660 bytes
 
Total Files Cleaned = 9.631,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Marius
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.53.1 log created on 07142012_095958

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OK,

do any further steps need to be carried out now?

cosinus 14.07.2012 14:50

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please disable the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set the tool up as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents and transfer them to your post, then please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

mno7 15.07.2012 21:14

Code:

22:02:29.0926 2676        TDSS rootkit removing tool 2.7.45.0 Jul  9 2012 12:46:35
22:02:30.0516 2676        ============================================================
22:02:30.0516 2676        Current date / time: 2012/07/15 22:02:30.0516
22:02:30.0516 2676        SystemInfo:
22:02:30.0516 2676       
22:02:30.0516 2676        OS Version: 6.1.7601 ServicePack: 1.0
22:02:30.0516 2676        Product type: Workstation
22:02:30.0516 2676        ComputerName: MARIUS-PC
22:02:30.0516 2676        UserName: Marius
22:02:30.0516 2676        Windows directory: C:\Windows
22:02:30.0516 2676        System windows directory: C:\Windows
22:02:30.0516 2676        Processor architecture: Intel x86
22:02:30.0516 2676        Number of processors: 2
22:02:30.0516 2676        Page size: 0x1000
22:02:30.0516 2676        Boot type: Normal boot
22:02:30.0516 2676        ============================================================
22:02:32.0587 2676        Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:02:32.0587 2676        ============================================================
22:02:32.0587 2676        \Device\Harddisk0\DR0:
22:02:32.0587 2676        MBR partitions:
22:02:32.0587 2676        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x37000, BlocksNum 0x1400000
22:02:32.0587 2676        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1437000, BlocksNum 0x1B88E000
22:02:32.0617 2676        ============================================================
22:02:32.0677 2676        C: <-> \Device\Harddisk0\DR0\Partition1
22:02:32.0697 2676        D: <-> \Device\Harddisk0\DR0\Partition0
22:02:32.0697 2676        ============================================================
22:02:32.0697 2676        Initialize success
22:02:32.0697 2676        ============================================================
22:03:34.0758 0580        ============================================================
22:03:34.0758 0580        Scan started
22:03:34.0758 0580        Mode: Manual; SigCheck; TDLFS;
22:03:34.0758 0580        ============================================================
22:03:54.0765 0580        LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
22:03:54.0805 0580        LanmanWorkstation - ok
22:03:54.0855 0580        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:03:54.0945 0580        lltdio - ok
22:03:55.0015 0580        lltdsvc        (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
22:03:55.0075 0580        lltdsvc - ok
22:03:55.0095 0580        lmhosts        (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
22:03:55.0135 0580        lmhosts - ok
22:03:55.0175 0580        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:03:55.0195 0580        LSI_FC - ok
22:03:55.0215 0580        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:03:55.0225 0580        LSI_SAS - ok
22:03:55.0245 0580        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:03:55.0265 0580        LSI_SAS2 - ok
22:03:55.0275 0580        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:03:55.0295 0580        LSI_SCSI - ok
22:03:55.0315 0580        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:03:55.0355 0580        luafv - ok
22:03:55.0425 0580        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
22:03:56.0095 0580        MBAMProtector - ok
22:03:56.0265 0580        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:03:56.0335 0580        MBAMService - ok
22:03:56.0375 0580        Mcx2Svc        (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
22:03:56.0395 0580        Mcx2Svc - ok
22:03:56.0415 0580        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:03:56.0435 0580        megasas - ok
22:03:56.0461 0580        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:03:56.0492 0580        MegaSR - ok
22:03:56.0570 0580        Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:03:56.0585 0580        Microsoft Office Groove Audit Service - ok
22:03:56.0710 0580        MMCSS          (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:03:56.0788 0580        MMCSS - ok
22:03:56.0839 0580        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:03:56.0919 0580        Modem - ok
22:03:57.0019 0580        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:03:57.0059 0580        monitor - ok
22:03:57.0109 0580        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
22:03:57.0139 0580        mouclass - ok
22:03:57.0169 0580        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:03:57.0219 0580        mouhid - ok
22:03:57.0259 0580        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:03:57.0279 0580        mountmgr - ok
22:03:57.0439 0580        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:03:57.0489 0580        MozillaMaintenance - ok
22:03:57.0599 0580        MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
22:03:57.0629 0580        MpFilter - ok
22:03:57.0679 0580        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:03:57.0699 0580        mpio - ok
22:03:57.0749 0580        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:03:57.0799 0580        mpsdrv - ok
22:03:57.0899 0580        MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
22:03:58.0009 0580        MpsSvc - ok
22:03:58.0089 0580        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:03:58.0159 0580        MRxDAV - ok
22:03:58.0209 0580        mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:03:58.0259 0580        mrxsmb - ok
22:03:58.0289 0580        mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:03:58.0319 0580        mrxsmb10 - ok
22:03:58.0339 0580        mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys

Code:


22:03:58.0369 0580        mrxsmb20 - ok
22:03:58.0439 0580        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:03:58.0459 0580        msahci - ok
22:03:58.0559 0580        msdsm          (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:03:58.0619 0580        msdsm - ok
22:03:58.0719 0580        MSDTC          (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
22:03:58.0759 0580        MSDTC - ok
22:03:58.0885 0580        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:03:58.0947 0580        Msfs - ok
22:03:58.0994 0580        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:03:59.0025 0580        mshidkmdf - ok
22:03:59.0088 0580        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:03:59.0103 0580        msisadrv - ok
22:03:59.0181 0580        MSiSCSI        (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
22:03:59.0275 0580        MSiSCSI - ok
22:03:59.0275 0580        msiserver - ok
22:03:59.0353 0580        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:03:59.0400 0580        MSKSSRV - ok
22:03:59.0556 0580        MsMpSvc        (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:03:59.0587 0580        MsMpSvc - ok
22:03:59.0649 0580        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:03:59.0727 0580        MSPCLOCK - ok
22:03:59.0774 0580        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:03:59.0971 0580        MSPQM - ok
22:04:00.0021 0580        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:04:00.0041 0580        MsRPC - ok
22:04:00.0091 0580        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:04:00.0121 0580        mssmbios - ok
22:04:00.0131 0580        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:04:00.0171 0580        MSTEE - ok
22:04:00.0181 0580        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:04:00.0221 0580        MTConfig - ok
22:04:00.0261 0580        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:04:00.0281 0580        Mup - ok
22:04:00.0381 0580        napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
22:04:00.0461 0580        napagent - ok
22:04:00.0531 0580        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:04:00.0581 0580        NativeWifiP - ok
22:04:00.0711 0580        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:04:00.0751 0580        NDIS - ok
22:04:00.0791 0580        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:04:00.0861 0580        NdisCap - ok
22:04:00.0891 0580        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:04:00.0941 0580        NdisTapi - ok
22:04:01.0021 0580        Ndisuio        (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:04:01.0071 0580        Ndisuio - ok
22:04:01.0181 0580        NdisWan        (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:04:01.0241 0580        NdisWan - ok
22:04:01.0301 0580        NDProxy        (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:04:01.0351 0580        NDProxy - ok
22:04:01.0421 0580        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:04:01.0471 0580        NetBIOS - ok
22:04:01.0551 0580        NetBT          (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:04:01.0631 0580        NetBT - ok
22:04:01.0691 0580        Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:04:01.0721 0580        Netlogon - ok
22:04:01.0811 0580        Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
22:04:01.0901 0580        Netman - ok
22:04:02.0031 0580        netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
22:04:02.0111 0580        netprofm - ok
22:04:02.0231 0580        NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:04:02.0251 0580        NetTcpPortSharing - ok
22:04:03.0091 0580        netw5v32        (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
22:04:03.0261 0580        netw5v32 - ok
22:04:03.0551 0580        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:04:03.0581 0580        nfrd960 - ok
22:04:03.0651 0580        NisDrv          (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:04:03.0671 0580        NisDrv - ok
22:04:03.0811 0580        NisSrv          (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
22:04:03.0841 0580        NisSrv - ok
22:04:03.0901 0580        NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
22:04:04.0021 0580        NlaSvc - ok
22:04:04.0061 0580        nmwcd          (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\Windows\system32\drivers\ccdcmb.sys
22:04:04.0161 0580        nmwcd - ok
22:04:04.0223 0580        nmwcdc          (8f2a94f991f8c73cec26b4b5620d1edc) C:\Windows\system32\drivers\ccdcmbo.sys
22:04:04.0270 0580        nmwcdc - ok
22:04:04.0286 0580        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:04:04.0348 0580        Npfs - ok
22:04:04.0395 0580        nsi            (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:04:04.0426 0580        nsi - ok
22:04:04.0457 0580        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:04:04.0535 0580        nsiproxy - ok
22:04:04.0754 0580        Ntfs            (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
22:04:04.0816 0580        Ntfs - ok
22:04:04.0832 0580        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:04:04.0910 0580        Null - ok
22:04:06.0314 0580        nvlddmkm        (440690da4358d9682dbcc56da7d419ab) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:04:06.0688 0580        nvlddmkm - ok
22:04:07.0000 0580        nvraid          (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
22:04:07.0016 0580        nvraid - ok
22:04:07.0265 0580        nvstor          (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
22:04:07.0312 0580        nvstor - ok
22:04:07.0343 0580        nvsvc          (11e1dc466c3e384c1a697b95dc5aa785) C:\Windows\system32\nvvsvc.exe
22:04:07.0385 0580        nvsvc - ok
22:04:07.0405 0580        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:04:07.0425 0580        nv_agp - ok
22:04:07.0795 0580        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:04:07.0835 0580        odserv - ok
22:04:08.0015 0580        OEM02Dev        (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
22:04:08.0075 0580        OEM02Dev - ok
22:04:08.0115 0580        OEM02Vfx        (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
22:04:08.0145 0580        OEM02Vfx - ok
22:04:08.0205 0580        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:04:08.0255 0580        ohci1394 - ok
22:04:08.0295 0580        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:04:08.0335 0580        ose - ok
22:04:08.0635 0580        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:04:08.0715 0580        p2pimsvc - ok
22:04:08.0775 0580        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:04:08.0795 0580        p2psvc - ok
22:04:08.0955 0580        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:04:09.0005 0580        Parport - ok
22:04:09.0045 0580        partmgr        (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:04:09.0075 0580        partmgr - ok
22:04:09.0135 0580        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:04:09.0235 0580        Parvdm - ok
22:04:09.0345 0580        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:04:09.0425 0580        PcaSvc - ok
22:04:09.0505 0580        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:04:09.0545 0580        pccsmcfd - ok
22:04:09.0575 0580        pci            (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:04:09.0595 0580        pci - ok
22:04:09.0615 0580        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:04:09.0635 0580        pciide - ok
22:04:09.0725 0580        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:04:09.0755 0580        pcmcia - ok
22:04:09.0796 0580        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:04:09.0816 0580        pcw - ok
22:04:09.0906 0580        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:04:10.0056 0580        PEAUTH - ok
22:04:10.0306 0580        PeerDistSvc    (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
22:04:10.0376 0580        PeerDistSvc - ok
22:04:10.0766 0580        pla            (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:04:10.0896 0580        pla - ok
22:04:11.0286 0580        PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:04:11.0376 0580        PlugPlay - ok
22:04:11.0406 0580        PNRPAutoReg    (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:04:11.0446 0580        PNRPAutoReg - ok
22:04:11.0486 0580        PNRPsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:04:11.0506 0580        PNRPsvc - ok
22:04:11.0566 0580        PolicyAgent    (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:04:11.0636 0580        PolicyAgent - ok
22:04:11.0666 0580        Power          (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:04:11.0716 0580        Power - ok
22:04:11.0877 0580        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:04:11.0939 0580        PptpMiniport - ok
22:04:12.0001 0580        PRESONUS_AUDIOBOX_MIDI (ed7f742b0eacf745afb5b2fe5baec618) C:\Windows\system32\drivers\psabusbm.sys
22:04:12.0048 0580        PRESONUS_AUDIOBOX_MIDI - ok
22:04:12.0189 0580        PRESONUS_AUDIOBOX_USB (dd02c038c7a24dd23aaa75595bec80ba) C:\Windows\system32\Drivers\psabusbu.sys
22:04:12.0235 0580        PRESONUS_AUDIOBOX_USB - ok
22:04:12.0267 0580        PRESONUS_AUDIOBOX_WDM (08ac58a2bc1084e6eb4800b98368ccaa) C:\Windows\system32\drivers\psabusba.sys
22:04:12.0267 0580        PRESONUS_AUDIOBOX_WDM - ok
22:04:12.0313 0580        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:04:12.0376 0580        Processor - ok
22:04:12.0438 0580        ProfSvc        (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
22:04:12.0485 0580        ProfSvc - ok
22:04:12.0516 0580        ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:04:12.0547 0580        ProtectedStorage - ok
22:04:12.0610 0580        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:04:12.0672 0580        Psched - ok
22:04:12.0875 0580        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:04:12.0953 0580        ql2300 - ok
22:04:13.0218 0580        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:04:13.0234 0580        ql40xx - ok
22:04:13.0296 0580        QWAVE          (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:04:13.0359 0580        QWAVE - ok
22:04:13.0421 0580        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:04:13.0437 0580        QWAVEdrv - ok
22:04:13.0452 0580        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:04:13.0483 0580        RasAcd - ok
22:04:13.0546 0580        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:04:13.0593 0580        RasAgileVpn - ok
22:04:13.0655 0580        RasAuto        (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:04:13.0702 0580        RasAuto - ok
22:04:13.0733 0580        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:04:13.0795 0580        Rasl2tp - ok
22:04:13.0873 0580        RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:04:13.0936 0580        RasMan - ok
22:04:13.0998 0580        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:04:14.0076 0580        RasPppoe - ok
22:04:14.0107 0580        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:04:14.0170 0580        RasSstp - ok
22:04:14.0263 0580        rdbss          (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:04:14.0341 0580        rdbss - ok
22:04:14.0388 0580        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:04:14.0419 0580        rdpbus - ok
22:04:14.0887 0580        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:04:14.0965 0580        RDPCDD - ok
22:04:15.0012 0580        RDPDR          (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:04:15.0028 0580        RDPDR - ok
22:04:15.0073 0580        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:04:15.0133 0580        RDPENCDD - ok
22:04:15.0143 0580        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:04:15.0173 0580        RDPREFMP - ok
22:04:15.0723 0580        RDPWD          (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
22:04:15.0793 0580        RDPWD - ok
22:04:15.0853 0580        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:04:15.0863 0580        rdyboost - ok
22:04:15.0893 0580        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:04:15.0923 0580        RemoteAccess - ok
22:04:15.0983 0580        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:04:16.0063 0580        RemoteRegistry - ok
22:04:16.0113 0580        RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
22:04:16.0153 0580        RFCOMM - ok
22:04:16.0193 0580        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:04:16.0233 0580        RpcEptMapper - ok
22:04:16.0273 0580        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:04:16.0323 0580        RpcLocator - ok
22:04:16.0373 0580        RpcSs          (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:04:16.0423 0580        RpcSs - ok
22:04:16.0583 0580        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:04:16.0623 0580        rspndr - ok
22:04:16.0673 0580        s3cap          (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:04:16.0743 0580        s3cap - ok
22:04:16.0773 0580        SamSs          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:04:16.0803 0580        SamSs - ok
22:04:16.0843 0580        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:04:16.0863 0580        sbp2port - ok
22:04:16.0983 0580        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:04:17.0033 0580        SCardSvr - ok
22:04:17.0063 0580        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:04:17.0103 0580        scfilter - ok
22:04:17.0213 0580        Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:04:17.0273 0580        Schedule - ok
22:04:17.0323 0580        SCPolicySvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:04:17.0373 0580        SCPolicySvc - ok
22:04:17.0413 0580        sdbus          (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
22:04:17.0453 0580        sdbus - ok
22:04:17.0493 0580        SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:04:17.0553 0580        SDRSVC - ok
22:04:17.0583 0580        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:04:17.0643 0580        secdrv - ok
22:04:17.0693 0580        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:04:17.0753 0580        seclogon - ok
22:04:17.0843 0580        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
22:04:17.0903 0580        SENS - ok
22:04:18.0013 0580        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:04:18.0053 0580        SensrSvc - ok
22:04:18.0083 0580        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:04:18.0123 0580        Serenum - ok
22:04:18.0173 0580        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:04:18.0223 0580        Serial - ok
22:04:18.0283 0580        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:04:18.0303 0580        sermouse - ok
22:04:18.0493 0580        ServiceLayer    (8c1f87f5fdd92229d1754b98f073913f) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:04:18.0513 0580        ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
22:04:18.0513 0580        ServiceLayer - detected UnsignedFile.Multi.Generic (1)
22:04:18.0563 0580        SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:04:18.0613 0580        SessionEnv - ok
22:04:18.0673 0580        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:04:18.0743 0580        sffdisk - ok
22:04:18.0773 0580        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:04:18.0793 0580        sffp_mmc - ok
22:04:18.0813 0580        sffp_sd        (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:04:18.0833 0580        sffp_sd - ok
22:04:18.0873 0580        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:04:18.0903 0580        sfloppy - ok
22:04:19.0113 0580        SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:04:19.0193 0580        SharedAccess - ok
22:04:19.0263 0580        ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:04:19.0323 0580        ShellHWDetection - ok
22:04:19.0353 0580        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:04:19.0363 0580        sisagp - ok
22:04:19.0413 0580        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:04:19.0423 0580        SiSRaid2 - ok
22:04:19.0463 0580        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:04:19.0483 0580        SiSRaid4 - ok
22:04:19.0523 0580        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:04:19.0553 0580        Smb - ok
22:04:19.0583 0580        SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
22:04:19.0613 0580        SNMPTRAP - ok
22:04:19.0723 0580        Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
22:04:19.0733 0580        Sony Ericsson PCCompanion - ok
22:04:19.0763 0580        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:04:19.0773 0580        spldr - ok
22:04:19.0853 0580        Spooler        (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
22:04:19.0883 0580        Spooler - ok
22:04:20.0303 0580        sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
22:04:20.0483 0580        sppsvc - ok
22:04:20.0653 0580        sppuinotify    (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
22:04:20.0703 0580        sppuinotify - ok
22:04:20.0843 0580        srv            (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:04:20.0873 0580        srv - ok
22:04:20.0953 0580        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:04:21.0013 0580        srv2 - ok
22:04:21.0053 0580        SrvHsfHDA      (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:04:21.0093 0580        SrvHsfHDA - ok
22:04:21.0223 0580        SrvHsfV92      (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:04:21.0263 0580        SrvHsfV92 - ok
22:04:21.0443 0580        SrvHsfWinac    (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:04:21.0483 0580        SrvHsfWinac - ok
22:04:21.0543 0580        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:04:21.0553 0580        srvnet - ok
22:04:21.0613 0580        SSDPSRV        (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
22:04:21.0693 0580        SSDPSRV - ok
22:04:21.0763 0580        SstpSvc        (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
22:04:21.0793 0580        SstpSvc - ok
22:04:21.0874 0580        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
22:04:21.0884 0580        stexstor - ok
22:04:22.0024 0580        StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
22:04:22.0064 0580        StiSvc - ok
22:04:22.0144 0580        storflt        (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
22:04:22.0174 0580        storflt - ok
22:04:22.0224 0580        StorSvc        (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
22:04:22.0284 0580        StorSvc - ok
22:04:22.0324 0580        storvsc        (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
22:04:22.0334 0580        storvsc - ok
22:04:22.0344 0580        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
22:04:22.0364 0580        swenum - ok
22:04:22.0424 0580        swprv          (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
22:04:22.0504 0580        swprv - ok
22:04:22.0554 0580        SynasUSB        (e46088b882e6315518630e249ddf958c) C:\Windows\system32\drivers\SynasUSB.sys
22:04:22.0584 0580        SynasUSB - ok
22:04:22.0814 0580        SysMain        (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
22:04:22.0874 0580        SysMain - ok
22:04:22.0954 0580        TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
22:04:23.0004 0580        TabletInputService - ok
22:04:23.0154 0580        TapiSrv        (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
22:04:23.0214 0580        TapiSrv - ok
22:04:23.0264 0580        TBS            (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
22:04:23.0304 0580        TBS - ok
22:04:23.0605 0580        Tcpip          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
22:04:23.0652 0580        Tcpip - ok
22:04:23.0683 0580        TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
22:04:23.0714 0580        TCPIP6 - ok
22:04:23.0746 0580        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
22:04:23.0807 0580        tcpipreg - ok
22:04:23.0937 0580        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
22:04:23.0997 0580        TDPIPE - ok
22:04:24.0097 0580        TDTCP          (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
22:04:24.0177 0580        TDTCP - ok
22:04:24.0247 0580        tdx            (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
22:04:24.0317 0580        tdx - ok
22:04:24.0417 0580        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
22:04:24.0447 0580        TermDD - ok
22:04:24.0577 0580        TermService    (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
22:04:24.0667 0580        TermService - ok
22:04:24.0807 0580        Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
22:04:24.0837 0580        Themes - ok
22:04:24.0877 0580        THREADORDER    (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:04:24.0907 0580        THREADORDER - ok
22:04:24.0997 0580        TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
22:04:25.0087 0580        TrkWks - ok
22:04:25.0267 0580        TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
22:04:25.0337 0580        TrustedInstaller - ok
22:04:25.0427 0580        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:04:25.0477 0580        tssecsrv - ok
22:04:25.0547 0580        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
22:04:25.0607 0580        TsUsbFlt - ok
22:04:25.0657 0580        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
22:04:25.0717 0580        tunnel - ok
22:04:25.0827 0580        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
22:04:25.0858 0580        uagp35 - ok
22:04:25.0967 0580        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
22:04:26.0045 0580        udfs - ok
22:04:26.0092 0580        UI0Detect      (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
22:04:26.0138 0580        UI0Detect - ok
22:04:26.0168 0580        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
22:04:26.0208 0580        uliagpkx - ok
22:04:26.0238 0580        umbus          (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
22:04:26.0268 0580        umbus - ok
22:04:26.0308 0580        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
22:04:26.0358 0580        UmPass - ok
22:04:26.0458 0580        UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
22:04:26.0508 0580        UmRdpService - ok
22:04:26.0648 0580        upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
22:04:26.0728 0580        upnphost - ok
22:04:26.0808 0580        upperdev        (ec01da44b090d2651fc032c8b9257232) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
22:04:26.0848 0580        upperdev - ok
22:04:26.0938 0580        USBAAPL        (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
22:04:27.0008 0580        USBAAPL - ok
22:04:27.0058 0580        usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
22:04:27.0108 0580        usbaudio - ok
22:04:27.0318 0580        usbccgp        (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
22:04:27.0378 0580        usbccgp - ok
22:04:27.0388 0580        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
22:04:27.0428 0580        usbcir - ok
22:04:27.0458 0580        usbehci        (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
22:04:27.0508 0580        usbehci - ok
22:04:27.0638 0580        usbhub          (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
22:04:27.0668 0580        usbhub - ok
22:04:27.0728 0580        usbohci        (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
22:04:27.0758 0580        usbohci - ok
22:04:27.0798 0580        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
22:04:27.0838 0580        usbprint - ok
22:04:27.0898 0580        usbscan        (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
22:04:27.0988 0580        usbscan - ok
22:04:28.0058 0580        usbser          (31181de6190b39fc8007dffd1a48ffd6) C:\Windows\system32\drivers\usbser.sys
22:04:28.0098 0580        usbser - ok
22:04:28.0118 0580        UsbserFilt      (4abd37cfbd710e64f01f9da8710c73f7) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
22:04:28.0158 0580        UsbserFilt - ok
22:04:28.0248 0580        USBSTOR        (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:04:28.0278 0580        USBSTOR - ok
22:04:28.0298 0580        usbuhci        (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
22:04:28.0328 0580        usbuhci - ok
22:04:28.0398 0580        usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
22:04:28.0458 0580        usbvideo - ok
22:04:28.0588 0580        UxSms          (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
22:04:28.0658 0580        UxSms - ok
22:04:28.0782 0580        VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:04:28.0814 0580        VaultSvc - ok
22:04:28.0938 0580        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
22:04:28.0970 0580        vdrvroot - ok
22:04:29.0313 0580        vds            (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
22:04:29.0406 0580        vds - ok
22:04:29.0438 0580        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
22:04:29.0484 0580        vga - ok
22:04:29.0516 0580        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
22:04:29.0547 0580        VgaSave - ok
22:04:29.0594 0580        vhdmp          (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
22:04:29.0625 0580        vhdmp - ok
22:04:29.0672 0580        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
22:04:29.0703 0580        viaagp - ok
22:04:29.0734 0580        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
22:04:29.0796 0580        ViaC7 - ok
22:04:29.0812 0580        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
22:04:29.0828 0580        viaide - ok
22:04:29.0859 0580        vmbus          (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
22:04:29.0890 0580        vmbus - ok
22:04:29.0937 0580        VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
22:04:29.0968 0580        VMBusHID - ok
22:04:29.0999 0580        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
22:04:30.0030 0580        volmgr - ok
22:04:30.0171 0580        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
22:04:30.0249 0580        volmgrx - ok
22:04:30.0311 0580        volsnap        (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
22:04:30.0347 0580        volsnap - ok
22:04:30.0407 0580        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
22:04:30.0447 0580        vsmraid - ok
22:04:30.0667 0580        VSS            (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
22:04:30.0767 0580        VSS - ok
22:04:30.0807 0580        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
22:04:30.0887 0580        vwifibus - ok
22:04:31.0027 0580        W32Time        (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
22:04:31.0097 0580        W32Time - ok
22:04:31.0137 0580        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
22:04:31.0157 0580        WacomPen - ok
22:04:31.0197 0580        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:04:31.0257 0580        WANARP - ok
22:04:31.0257 0580        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:04:31.0287 0580        Wanarpv6 - ok
22:04:31.0527 0580        wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
22:04:31.0627 0580        wbengine - ok
22:04:31.0677 0580        WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
22:04:31.0747 0580        WbioSrvc - ok
22:04:31.0857 0580        wcncsvc        (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
22:04:31.0928 0580        wcncsvc - ok
22:04:31.0998 0580        WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
22:04:32.0068 0580        WcsPlugInService - ok
22:04:32.0128 0580        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
22:04:32.0158 0580        Wd - ok
22:04:32.0238 0580        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:04:32.0278 0580        Wdf01000 - ok
22:04:32.0378 0580        WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:04:32.0503 0580        WdiServiceHost - ok
22:04:32.0518 0580        WdiSystemHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:04:32.0534 0580        WdiSystemHost - ok
22:04:32.0632 0580        WebClient      (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
22:04:32.0722 0580        WebClient - ok
22:04:32.0822 0580        Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
22:04:32.0872 0580        Wecsvc - ok
22:04:32.0912 0580        wercplsupport  (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
22:04:32.0962 0580        wercplsupport - ok
22:04:33.0022 0580        WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
22:04:33.0052 0580        WerSvc - ok
22:04:33.0072 0580        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
22:04:33.0102 0580        WfpLwf - ok
22:04:33.0132 0580        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
22:04:33.0142 0580        WIMMount - ok
22:04:33.0292 0580        WinDefend      (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
22:04:33.0362 0580        WinDefend - ok
22:04:33.0382 0580        WinHttpAutoProxySvc - ok
22:04:33.0672 0580        Winmgmt        (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
22:04:33.0732 0580        Winmgmt - ok
22:04:34.0132 0580        WinRM          (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
22:04:34.0232 0580        WinRM - ok
22:04:34.0352 0580        WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
22:04:34.0382 0580        WinUsb - ok
22:04:34.0592 0580        Wlansvc        (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
22:04:34.0702 0580        Wlansvc - ok
22:04:35.0082 0580        wlidsvc        (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:04:35.0162 0580        wlidsvc - ok
22:04:35.0392 0580        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
22:04:35.0412 0580        WmiAcpi - ok
22:04:35.0592 0580        wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
22:04:35.0632 0580        wmiApSrv - ok
22:04:35.0892 0580        WMPNetworkSvc  (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:04:36.0012 0580        WMPNetworkSvc - ok
22:04:36.0042 0580        WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
22:04:36.0102 0580        WPCSvc - ok
22:04:36.0312 0580        WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
22:04:36.0372 0580        WPDBusEnum - ok
22:04:36.0617 0580        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
22:04:36.0695 0580        ws2ifsl - ok
22:04:36.0726 0580        wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
22:04:36.0757 0580        wscsvc - ok
22:04:36.0773 0580        WSearch - ok
22:04:37.0662 0580        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
22:04:37.0740 0580        wuauserv - ok
22:04:38.0067 0580        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
22:04:38.0130 0580        WudfPf - ok
22:04:38.0161 0580        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:04:38.0192 0580        WUDFRd - ok
22:04:38.0338 0580        wudfsvc        (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
22:04:38.0408 0580        wudfsvc - ok
22:04:38.0468 0580        WwanSvc        (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
22:04:38.0578 0580        WwanSvc - ok
22:04:38.0648 0580        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:04:39.0328 0580        \Device\Harddisk0\DR0 - ok
22:04:39.0348 0580        Boot (0x1200)  (8f63152a4e600ecbbede0492bf0fd973) \Device\Harddisk0\DR0\Partition0
22:04:39.0368 0580        \Device\Harddisk0\DR0\Partition0 - ok
22:04:39.0378 0580        Boot (0x1200)  (3829071368c6e1d6a483a6df00d43cac) \Device\Harddisk0\DR0\Partition1
22:04:39.0388 0580        \Device\Harddisk0\DR0\Partition1 - ok
22:04:39.0388 0580        ============================================================
22:04:39.0388 0580        Scan finished
22:04:39.0388 0580        ============================================================
22:04:39.0418 3456        Detected object count: 1
22:04:39.0418 3456        Actual detected object count: 1
22:04:48.0005 3456        ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:48.0005 3456        ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:56.0164 1500        ============================================================
22:04:56.0164 1500        Scan started
22:04:56.0164 1500        Mode: Manual; SigCheck; TDLFS;
22:04:56.0164 1500        ============================================================
22:04:57.0334 1500        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:04:57.0381 1500        1394ohci - ok
22:04:57.0677 1500        ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:04:57.0724 1500        ACPI - ok
22:04:57.0755 1500        AcpiPmi        (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:04:57.0787 1500        AcpiPmi - ok
22:04:57.0974 1500        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:04:58.0005 1500        AdobeARMservice - ok
22:04:58.0364 1500        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:04:58.0395 1500        AdobeFlashPlayerUpdateSvc - ok
22:04:58.0879 1500        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:04:58.0925 1500        adp94xx - ok
22:04:59.0003 1500        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:04:59.0050 1500        adpahci - ok
22:04:59.0066 1500        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:04:59.0113 1500        adpu320 - ok
22:04:59.0191 1500        AeLookupSvc    (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
22:04:59.0222 1500        AeLookupSvc - ok
22:04:59.0534 1500        AFD            (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:04:59.0565 1500        AFD - ok
22:04:59.0612 1500        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:04:59.0627 1500        agp440 - ok
22:04:59.0749 1500        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:04:59.0779 1500        aic78xx - ok
22:04:59.0879 1500        ALG            (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
22:04:59.0919 1500        ALG - ok
22:04:59.0979 1500        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:05:00.0009 1500        aliide - ok
22:05:00.0039 1500        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:05:00.0069 1500        amdagp - ok
22:05:00.0119 1500        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:05:00.0129 1500        amdide - ok
22:05:00.0149 1500        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
22:05:00.0169 1500        AmdK8 - ok
22:05:00.0249 1500        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
22:05:00.0279 1500        AmdPPM - ok
22:05:00.0399 1500        amdsata        (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
22:05:00.0429 1500        amdsata - ok
22:05:00.0619 1500        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
22:05:00.0649 1500        amdsbs - ok
22:05:00.0719 1500        amdxata        (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
22:05:00.0749 1500        amdxata - ok
22:05:00.0799 1500        AppID          (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:05:00.0869 1500        AppID - ok
22:05:00.0989 1500        AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
22:05:01.0039 1500        AppIDSvc - ok
22:05:01.0069 1500        Appinfo        (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
22:05:01.0099 1500        Appinfo - ok
22:05:01.0269 1500        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:05:01.0299 1500        Apple Mobile Device - ok
22:05:01.0389 1500        AppMgmt        (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
22:05:01.0419 1500        AppMgmt - ok
22:05:01.0499 1500        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
22:05:01.0529 1500        arc - ok
22:05:01.0609 1500        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
22:05:01.0639 1500        arcsas - ok
22:05:01.0659 1500        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:05:01.0689 1500        AsyncMac - ok
22:05:01.0769 1500        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:05:01.0799 1500        atapi - ok
22:05:01.0909 1500        AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:05:01.0949 1500        AudioEndpointBuilder - ok
22:05:01.0959 1500        Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:05:01.0989 1500        Audiosrv - ok
22:05:02.0029 1500        AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
22:05:02.0049 1500        AxInstSV - ok
22:05:02.0129 1500        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
22:05:02.0159 1500        b06bdrv - ok
22:05:02.0189 1500        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:05:02.0199 1500        b57nd60x - ok
22:05:02.0279 1500        bcm4sbxp        (82dd21bfa8bbe0a3a3833a1bd8e86158) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
22:05:02.0309 1500        bcm4sbxp - ok
22:05:02.0349 1500        BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
22:05:02.0369 1500        BDESVC - ok
22:05:02.0389 1500        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:05:02.0429 1500        Beep - ok
22:05:02.0559 1500        BFE            (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
22:05:02.0619 1500        BFE - ok
22:05:02.0769 1500        BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
22:05:02.0819 1500        BITS - ok
22:05:02.0889 1500        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:05:02.0919 1500        blbdrive - ok
22:05:03.0079 1500        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:05:03.0129 1500        Bonjour Service - ok
22:05:03.0189 1500        bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:05:03.0219 1500        bowser - ok
22:05:03.0249 1500        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:05:03.0269 1500        BrFiltLo - ok
22:05:03.0309 1500        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:05:03.0329 1500        BrFiltUp - ok
22:05:03.0359 1500        Browser        (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
22:05:03.0399 1500        Browser - ok
22:05:03.0469 1500        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:05:03.0489 1500        Brserid - ok
22:05:03.0509 1500        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:05:03.0539 1500        BrSerWdm - ok
22:05:03.0549 1500        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:05:03.0569 1500        BrUsbMdm - ok
22:05:03.0579 1500        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:05:03.0589 1500        BrUsbSer - ok
22:05:03.0639 1500        BthEnum        (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
22:05:03.0669 1500        BthEnum - ok
22:05:03.0679 1500        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
22:05:03.0699 1500        BTHMODEM - ok
22:05:03.0759 1500        BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
22:05:03.0789 1500        BthPan - ok
22:05:03.0879 1500        BTHPORT        (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
22:05:03.0909 1500        BTHPORT - ok
22:05:04.0009 1500        bthserv        (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
22:05:04.0049 1500        bthserv - ok
22:05:04.0069 1500        BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
22:05:04.0079 1500        BTHUSB - ok
22:05:04.0169 1500        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:05:04.0209 1500        cdfs - ok
22:05:04.0309 1500        cdrom          (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:05:04.0329 1500        cdrom - ok
22:05:04.0359 1500        CertPropSvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:05:04.0389 1500        CertPropSvc - ok
22:05:04.0449 1500        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:05:04.0469 1500        circlass - ok
22:05:04.0519 1500        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:05:04.0529 1500        CLFS - ok
22:05:04.0679 1500        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:05:04.0709 1500        clr_optimization_v2.0.50727_32 - ok
22:05:04.0789 1500        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:05:04.0819 1500        CmBatt - ok
22:05:04.0879 1500        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:05:04.0909 1500        cmdide - ok
22:05:05.0039 1500        CNG            (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
22:05:05.0089 1500        CNG - ok
22:05:05.0139 1500        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:05:05.0169 1500        Compbatt - ok
22:05:05.0209 1500        CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
22:05:05.0239 1500        CompositeBus - ok
22:05:05.0249 1500        COMSysApp - ok
22:05:05.0299 1500        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
22:05:05.0329 1500        crcdisk - ok
22:05:05.0449 1500        CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
22:05:05.0479 1500        CryptSvc - ok
22:05:05.0639 1500        CSC            (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
22:05:05.0659 1500        CSC - ok
22:05:05.0779 1500        CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
22:05:05.0809 1500        CscService - ok
22:05:06.0129 1500        DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:05:06.0169 1500        DcomLaunch - ok
22:05:06.0209 1500        defragsvc      (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
22:05:06.0249 1500        defragsvc - ok
22:05:06.0429 1500        DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:05:06.0479 1500        DfsC - ok
22:05:06.0609 1500        Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
22:05:06.0671 1500        Dhcp - ok
22:05:06.0687 1500        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:05:06.0718 1500        discache - ok
22:05:06.0733 1500        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
22:05:06.0749 1500        Disk - ok
22:05:06.0796 1500        Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
22:05:06.0837 1500        Dnscache - ok
22:05:06.0967 1500        dot3svc        (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
22:05:07.0027 1500        dot3svc - ok
22:05:07.0177 1500        DPS            (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
22:05:07.0237 1500        DPS - ok
22:05:07.0267 1500        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:05:07.0297 1500        drmkaud - ok
22:05:07.0407 1500        DXGKrnl        (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:05:07.0447 1500        DXGKrnl - ok
22:05:07.0467 1500        EapHost        (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
22:05:07.0497 1500        EapHost - ok
22:05:08.0047 1500        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
22:05:08.0187 1500        ebdrv - ok
22:05:08.0487 1500        EFS            (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
22:05:08.0527 1500        EFS - ok
22:05:08.0727 1500        ehRecvr        (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
22:05:08.0767 1500        ehRecvr - ok
22:05:08.0827 1500        ehSched        (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
22:05:08.0877 1500        ehSched - ok
22:05:09.0258 1500        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
22:05:09.0298 1500        elxstor - ok
22:05:09.0328 1500        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:05:09.0338 1500        ErrDev - ok
22:05:09.0398 1500        EventSystem    (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
22:05:09.0438 1500        EventSystem - ok
22:05:09.0468 1500        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:05:09.0498 1500        exfat - ok
22:05:09.0608 1500        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:05:09.0668 1500        fastfat - ok
22:05:09.0808 1500        Fax            (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
22:05:09.0838 1500        Fax - ok
22:05:09.0888 1500        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:05:09.0908 1500        fdc - ok
22:05:09.0968 1500        fdPHost        (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
22:05:10.0018 1500        fdPHost - ok
22:05:10.0048 1500        FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
22:05:10.0078 1500        FDResPub - ok
22:05:10.0108 1500        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:05:10.0118 1500        FileInfo - ok
22:05:10.0128 1500        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:05:10.0158 1500        Filetrace - ok
22:05:10.0168 1500        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:05:10.0178 1500        flpydisk - ok
22:05:10.0258 1500        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:05:10.0288 1500        FltMgr - ok
22:05:10.0443 1500        FontCache      (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll
22:05:10.0521 1500        FontCache - ok
22:05:10.0778 1500        FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:05:10.0798 1500        FontCache3.0.0.0 - ok
22:05:10.0828 1500        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:05:10.0838 1500        FsDepends - ok
22:05:10.0868 1500        Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
22:05:10.0878 1500        Fs_Rec - ok
22:05:10.0958 1500        fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:05:10.0988 1500        fvevol - ok
22:05:11.0028 1500        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:05:11.0048 1500        gagp30kx - ok
22:05:11.0068 1500        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:05:11.0078 1500        GEARAspiWDM - ok
22:05:11.0158 1500        gpsvc          (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
22:05:11.0218 1500        gpsvc - ok
22:05:11.0238 1500        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:05:11.0258 1500        hcw85cir - ok
22:05:11.0298 1500        HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:05:11.0348 1500        HdAudAddService - ok
22:05:11.0368 1500        HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
22:05:11.0388 1500        HDAudBus - ok
22:05:11.0398 1500        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
22:05:11.0408 1500        HidBatt - ok
22:05:11.0428 1500        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
22:05:11.0448 1500        HidBth - ok
22:05:11.0458 1500        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:05:11.0478 1500        HidIr - ok
22:05:11.0508 1500        hidserv        (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
22:05:11.0528 1500        hidserv - ok
22:05:11.0558 1500        HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
22:05:11.0568 1500        HidUsb - ok
22:05:11.0608 1500        hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
22:05:11.0648 1500        hkmsvc - ok
22:05:11.0678 1500        HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
22:05:11.0728 1500        HomeGroupListener - ok
22:05:11.0778 1500        HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
22:05:11.0798 1500        HomeGroupProvider - ok
22:05:11.0818 1500        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:05:11.0838 1500        HpSAMD - ok
22:05:11.0958 1500        HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:05:12.0028 1500        HTTP - ok
22:05:12.0058 1500        hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:05:12.0068 1500        hwpolicy - ok
22:05:12.0088 1500        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
22:05:12.0108 1500        i8042prt - ok
22:05:12.0138 1500        iaStorV        (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
22:05:12.0158 1500        iaStorV - ok
22:05:12.0318 1500        idsvc          (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:05:12.0358 1500        idsvc - ok
22:05:12.0398 1500        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:05:12.0418 1500        iirsp - ok
22:05:12.0518 1500        IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
22:05:12.0568 1500        IKEEXT - ok
22:05:12.0608 1500        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:05:12.0628 1500        intelide - ok
22:05:12.0648 1500        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:05:12.0668 1500        intelppm - ok
22:05:12.0688 1500        IPBusEnum      (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
22:05:12.0738 1500        IPBusEnum - ok
22:05:12.0748 1500        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:05:12.0778 1500        IpFilterDriver - ok
22:05:12.0825 1500        iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
22:05:12.0856 1500        iphlpsvc - ok
22:05:12.0887 1500        IPMIDRV        (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:05:12.0903 1500        IPMIDRV - ok
22:05:12.0950 1500        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:05:13.0012 1500        IPNAT - ok
22:05:13.0152 1500        iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
22:05:13.0215 1500        iPod Service - ok
22:05:13.0230 1500        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:05:13.0262 1500        IRENUM - ok
22:05:13.0293 1500        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:05:13.0324 1500        isapnp - ok
22:05:13.0355 1500        iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:05:13.0402 1500        iScsiPrt - ok
22:05:13.0418 1500        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
22:05:13.0433 1500        kbdclass - ok
22:05:13.0449 1500        kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
22:05:13.0464 1500        kbdhid - ok
22:05:13.0496 1500        KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:13.0511 1500        KeyIso - ok
22:05:13.0542 1500        KSecDD          (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
22:05:13.0558 1500        KSecDD - ok
22:05:13.0574 1500        KSecPkg        (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
22:05:13.0589 1500        KSecPkg - ok
22:05:13.0636 1500        KtmRm          (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
22:05:13.0698 1500        KtmRm - ok
22:05:13.0730 1500        LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
22:05:13.0776 1500        LanmanServer - ok
22:05:13.0823 1500        LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
22:05:13.0854 1500        LanmanWorkstation - ok
22:05:13.0870 1500        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:05:13.0917 1500        lltdio - ok
22:05:13.0995 1500        lltdsvc        (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
22:05:14.0042 1500        lltdsvc - ok
22:05:14.0042 1500        lmhosts        (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
22:05:14.0073 1500        lmhosts - ok
22:05:14.0104 1500        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:05:14.0120 1500        LSI_FC - ok
22:05:14.0135 1500        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:05:14.0151 1500        LSI_SAS - ok
22:05:14.0166 1500        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:05:14.0182 1500        LSI_SAS2 - ok
22:05:14.0198 1500        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:05:14.0213 1500        LSI_SCSI - ok
22:05:14.0229 1500        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:05:14.0260 1500        luafv - ok
22:05:14.0291 1500        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
22:05:14.0307 1500        MBAMProtector - ok
22:05:14.0400 1500        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:05:14.0447 1500        MBAMService - ok
22:05:14.0478 1500        Mcx2Svc        (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
22:05:14.0510 1500        Mcx2Svc - ok
22:05:14.0525 1500        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:05:14.0541 1500        megasas - ok
22:05:14.0572 1500        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:05:14.0588 1500        MegaSR - ok
22:05:14.0650 1500        Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:05:14.0681 1500        Microsoft Office Groove Audit Service - ok
22:05:14.0712 1500        MMCSS          (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:05:14.0775 1500        MMCSS - ok
22:05:14.0775 1500        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:05:14.0806 1500        Modem - ok
22:05:14.0822 1500        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:05:14.0837 1500        monitor - ok
22:05:14.0853 1500        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
22:05:14.0868 1500        mouclass - ok
22:05:14.0884 1500        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:05:14.0900 1500        mouhid - ok
22:05:14.0993 1500        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:05:15.0024 1500        mountmgr - ok
22:05:15.0071 1500        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:05:15.0102 1500        MozillaMaintenance - ok
22:05:15.0149 1500        MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
22:05:15.0180 1500        MpFilter - ok
22:05:15.0212 1500        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:05:15.0243 1500        mpio - ok
22:05:15.0274 1500        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:05:15.0321 1500        mpsdrv - ok
22:05:15.0399 1500        MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
22:05:15.0461 1500        MpsSvc - ok
22:05:15.0493 1500        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:05:15.0508 1500        MRxDAV - ok
22:05:15.0539 1500        mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:05:15.0571 1500        mrxsmb - ok
22:05:15.0586 1500        mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:05:15.0602 1500        mrxsmb10 - ok
22:05:15.0617 1500        mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys


mno7 15.07.2012 21:16

Code:

22:05:15.0633 1500        mrxsmb20 - ok
22:05:15.0664 1500        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:05:15.0680 1500        msahci - ok
22:05:15.0711 1500        msdsm          (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:05:15.0727 1500        msdsm - ok
22:05:15.0758 1500        MSDTC          (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
22:05:15.0773 1500        MSDTC - ok
22:05:15.0805 1500        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:05:15.0820 1500        Msfs - ok
22:05:15.0851 1500        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:05:15.0867 1500        mshidkmdf - ok
22:05:15.0883 1500        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:05:15.0898 1500        msisadrv - ok
22:05:15.0961 1500        MSiSCSI        (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
22:05:16.0023 1500        MSiSCSI - ok
22:05:16.0023 1500        msiserver - ok
22:05:16.0054 1500        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:05:16.0085 1500        MSKSSRV - ok
22:05:16.0148 1500        MsMpSvc        (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:05:16.0179 1500        MsMpSvc - ok
22:05:16.0195 1500        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:05:16.0241 1500        MSPCLOCK - ok
22:05:16.0241 1500        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:05:16.0273 1500        MSPQM - ok
22:05:16.0288 1500        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:05:16.0319 1500        MsRPC - ok
22:05:16.0351 1500        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:05:16.0366 1500        mssmbios - ok
22:05:16.0382 1500        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:05:16.0397 1500        MSTEE - ok
22:05:16.0413 1500        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:05:16.0429 1500        MTConfig - ok
22:05:16.0444 1500        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:05:16.0460 1500        Mup - ok
22:05:16.0507 1500        napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
22:05:16.0569 1500        napagent - ok
22:05:16.0585 1500        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:05:16.0616 1500        NativeWifiP - ok
22:05:16.0678 1500        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:05:16.0709 1500        NDIS - ok
22:05:16.0725 1500        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:05:16.0756 1500        NdisCap - ok
22:05:16.0772 1500        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:05:16.0803 1500        NdisTapi - ok
22:05:16.0834 1500        Ndisuio        (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:05:16.0865 1500        Ndisuio - ok
22:05:16.0897 1500        NdisWan        (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:05:16.0928 1500        NdisWan - ok
22:05:16.0990 1500        NDProxy        (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:05:17.0037 1500        NDProxy - ok
22:05:17.0053 1500        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:05:17.0099 1500        NetBIOS - ok
22:05:17.0131 1500        NetBT          (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:05:17.0162 1500        NetBT - ok
22:05:17.0193 1500        Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:17.0209 1500        Netlogon - ok
22:05:17.0240 1500        Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
22:05:17.0287 1500        Netman - ok
22:05:17.0318 1500        netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
22:05:17.0349 1500        netprofm - ok
22:05:17.0427 1500        NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:05:17.0458 1500        NetTcpPortSharing - ok
22:05:17.0895 1500        netw5v32        (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
22:05:18.0113 1500        netw5v32 - ok
22:05:18.0254 1500        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:05:18.0285 1500        nfrd960 - ok
22:05:18.0316 1500        NisDrv          (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:05:18.0332 1500        NisDrv - ok
22:05:18.0425 1500        NisSrv          (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
22:05:18.0472 1500        NisSrv - ok
22:05:18.0550 1500        NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
22:05:18.0613 1500        NlaSvc - ok
22:05:18.0628 1500        nmwcd          (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\Windows\system32\drivers\ccdcmb.sys
22:05:18.0675 1500        nmwcd - ok
22:05:18.0691 1500        nmwcdc          (8f2a94f991f8c73cec26b4b5620d1edc) C:\Windows\system32\drivers\ccdcmbo.sys
22:05:18.0722 1500        nmwcdc - ok
22:05:18.0753 1500        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:05:18.0784 1500        Npfs - ok
22:05:18.0815 1500        nsi            (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:05:18.0847 1500        nsi - ok
22:05:18.0862 1500        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:05:18.0893 1500        nsiproxy - ok
22:05:19.0049 1500        Ntfs            (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
22:05:19.0127 1500        Ntfs - ok
22:05:19.0143 1500        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:05:19.0174 1500        Null - ok
22:05:19.0939 1500        nvlddmkm        (440690da4358d9682dbcc56da7d419ab) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:05:20.0219 1500        nvlddmkm - ok
22:05:20.0391 1500        nvraid          (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
22:05:20.0422 1500        nvraid - ok
22:05:20.0438 1500        nvstor          (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
22:05:20.0469 1500        nvstor - ok
22:05:20.0500 1500        nvsvc          (11e1dc466c3e384c1a697b95dc5aa785) C:\Windows\system32\nvvsvc.exe
22:05:20.0547 1500        nvsvc - ok
22:05:20.0547 1500        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:05:20.0563 1500        nv_agp - ok
22:05:20.0703 1500        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:05:20.0765 1500        odserv - ok
22:05:20.0797 1500        OEM02Dev        (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
22:05:20.0828 1500        OEM02Dev - ok
22:05:20.0843 1500        OEM02Vfx        (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
22:05:20.0859 1500        OEM02Vfx - ok
22:05:20.0875 1500        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:05:20.0890 1500        ohci1394 - ok
22:05:20.0984 1500        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:05:21.0015 1500        ose - ok
22:05:21.0077 1500        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:05:21.0124 1500        p2pimsvc - ok
22:05:21.0171 1500        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:05:21.0218 1500        p2psvc - ok
22:05:21.0249 1500        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:05:21.0280 1500        Parport - ok
22:05:21.0311 1500        partmgr        (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:05:21.0327 1500        partmgr - ok
22:05:21.0343 1500        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:05:21.0358 1500        Parvdm - ok
22:05:21.0389 1500        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:05:21.0436 1500        PcaSvc - ok
22:05:21.0452 1500        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:05:21.0467 1500        pccsmcfd - ok
22:05:21.0530 1500        pci            (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:05:21.0555 1500        pci - ok
22:05:21.0565 1500        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:05:21.0585 1500        pciide - ok
22:05:21.0605 1500        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:05:21.0625 1500        pcmcia - ok
22:05:21.0645 1500        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:05:21.0655 1500        pcw - ok
22:05:21.0695 1500        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:05:21.0755 1500        PEAUTH - ok
22:05:21.0875 1500        PeerDistSvc    (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
22:05:21.0985 1500        PeerDistSvc - ok
22:05:22.0175 1500        pla            (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:05:22.0235 1500        pla - ok
22:05:22.0365 1500        PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:05:22.0395 1500        PlugPlay - ok
22:05:22.0425 1500        PNRPAutoReg    (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:05:22.0435 1500        PNRPAutoReg - ok
22:05:22.0465 1500        PNRPsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:05:22.0485 1500        PNRPsvc - ok
22:05:22.0515 1500        PolicyAgent    (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:05:22.0555 1500        PolicyAgent - ok
22:05:22.0585 1500        Power          (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:05:22.0635 1500        Power - ok
22:05:22.0685 1500        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:05:22.0735 1500        PptpMiniport - ok
22:05:22.0765 1500        PRESONUS_AUDIOBOX_MIDI (ed7f742b0eacf745afb5b2fe5baec618) C:\Windows\system32\drivers\psabusbm.sys
22:05:22.0785 1500        PRESONUS_AUDIOBOX_MIDI - ok
22:05:22.0855 1500        PRESONUS_AUDIOBOX_USB (dd02c038c7a24dd23aaa75595bec80ba) C:\Windows\system32\Drivers\psabusbu.sys
22:05:22.0895 1500        PRESONUS_AUDIOBOX_USB - ok
22:05:22.0965 1500        PRESONUS_AUDIOBOX_WDM (08ac58a2bc1084e6eb4800b98368ccaa) C:\Windows\system32\drivers\psabusba.sys
22:05:22.0975 1500        PRESONUS_AUDIOBOX_WDM - ok
22:05:22.0995 1500        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:05:23.0015 1500        Processor - ok
22:05:23.0065 1500        ProfSvc        (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
22:05:23.0115 1500        ProfSvc - ok
22:05:23.0145 1500        ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:23.0155 1500        ProtectedStorage - ok
22:05:23.0175 1500        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:05:23.0205 1500        Psched - ok
22:05:23.0345 1500        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:05:23.0425 1500        ql2300 - ok
22:05:23.0585 1500        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:05:23.0635 1500        ql40xx - ok
22:05:23.0685 1500        QWAVE          (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:05:23.0715 1500        QWAVE - ok
22:05:23.0735 1500        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:05:23.0755 1500        QWAVEdrv - ok
22:05:23.0765 1500        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:05:23.0795 1500        RasAcd - ok
22:05:23.0825 1500        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:05:23.0855 1500        RasAgileVpn - ok
22:05:23.0875 1500        RasAuto        (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:05:23.0905 1500        RasAuto - ok
22:05:23.0975 1500        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:05:24.0045 1500        Rasl2tp - ok
22:05:24.0105 1500        RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:05:24.0145 1500        RasMan - ok
22:05:24.0175 1500        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:05:24.0195 1500        RasPppoe - ok
22:05:24.0235 1500        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:05:24.0285 1500        RasSstp - ok
22:05:24.0345 1500        rdbss          (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:05:24.0405 1500        rdbss - ok
22:05:24.0425 1500        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:05:24.0435 1500        rdpbus - ok
22:05:24.0545 1500        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:05:24.0591 1500        RDPCDD - ok
22:05:24.0638 1500        RDPDR          (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:05:24.0685 1500        RDPDR - ok
22:05:24.0685 1500        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:05:24.0716 1500        RDPENCDD - ok
22:05:24.0732 1500        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:05:24.0747 1500        RDPREFMP - ok
22:05:24.0794 1500        RDPWD          (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
22:05:24.0841 1500        RDPWD - ok
22:05:24.0888 1500        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:05:24.0919 1500        rdyboost - ok
22:05:24.0981 1500        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:05:25.0028 1500        RemoteAccess - ok
22:05:25.0059 1500        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:05:25.0091 1500        RemoteRegistry - ok
22:05:25.0106 1500        RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
22:05:25.0137 1500        RFCOMM - ok
22:05:25.0153 1500        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:05:25.0184 1500        RpcEptMapper - ok
22:05:25.0200 1500        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:05:25.0215 1500        RpcLocator - ok
22:05:25.0262 1500        RpcSs          (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:05:25.0325 1500        RpcSs - ok
22:05:25.0356 1500        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:05:25.0403 1500        rspndr - ok
22:05:25.0434 1500        s3cap          (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:05:25.0465 1500        s3cap - ok
22:05:25.0481 1500        SamSs          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:25.0512 1500        SamSs - ok
22:05:25.0527 1500        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:05:25.0559 1500        sbp2port - ok
22:05:25.0574 1500        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:05:25.0621 1500        SCardSvr - ok
22:05:25.0652 1500        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:05:25.0699 1500        scfilter - ok
22:05:25.0839 1500        Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:05:25.0886 1500        Schedule - ok
22:05:26.0011 1500        SCPolicySvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:05:26.0073 1500        SCPolicySvc - ok
22:05:26.0105 1500        sdbus          (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
22:05:26.0136 1500        sdbus - ok
22:05:26.0167 1500        SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:05:26.0198 1500        SDRSVC - ok
22:05:26.0214 1500        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:05:26.0245 1500        secdrv - ok
22:05:26.0276 1500        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:05:26.0307 1500        seclogon - ok
22:05:26.0323 1500        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
22:05:26.0354 1500        SENS - ok
22:05:26.0385 1500        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:05:26.0401 1500        SensrSvc - ok
22:05:26.0417 1500        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:05:26.0432 1500        Serenum - ok
22:05:26.0448 1500        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:05:26.0463 1500        Serial - ok
22:05:26.0479 1500        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:05:26.0479 1500        sermouse - ok
22:05:26.0604 1500        ServiceLayer    (8c1f87f5fdd92229d1754b98f073913f) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:05:26.0651 1500        ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
22:05:26.0651 1500        ServiceLayer - detected UnsignedFile.Multi.Generic (1)
22:05:26.0697 1500        SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:05:26.0744 1500        SessionEnv - ok
22:05:26.0760 1500        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:05:26.0775 1500        sffdisk - ok
22:05:26.0791 1500        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:05:26.0807 1500        sffp_mmc - ok
22:05:26.0822 1500        sffp_sd        (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:05:26.0838 1500        sffp_sd - ok
22:05:26.0853 1500        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:05:26.0869 1500        sfloppy - ok
22:05:26.0963 1500        SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:05:27.0041 1500        SharedAccess - ok
22:05:27.0087 1500        ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:05:27.0150 1500        ShellHWDetection - ok
22:05:27.0150 1500        Scan interrupted by user!
22:05:27.0150 1500        Scan interrupted by user!
22:05:27.0150 1500        Scan interrupted by user!
22:05:27.0150 1500        ============================================================
22:05:27.0150 1500        Scan finished
22:05:27.0150 1500        ============================================================
22:05:27.0150 2844        Detected object count: 1
22:05:27.0150 2844        Actual detected object count: 1
22:05:30.0535 2844        ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:05:30.0535 2844        ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:05:35.0745 0776        ============================================================
22:05:35.0745 0776        Scan started
22:05:35.0745 0776        Mode: Manual; SigCheck; TDLFS;
22:05:35.0745 0776        ============================================================
22:05:52.0588 0776        OEM02Vfx - ok
22:05:52.0608 0776        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:05:52.0638 0776        ohci1394 - ok
22:05:52.0678 0776        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:05:52.0708 0776        ose - ok
22:05:52.0768 0776        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:05:52.0808 0776        p2pimsvc - ok
22:05:52.0838 0776        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:05:52.0878 0776        p2psvc - ok
22:05:52.0908 0776        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:05:52.0948 0776        Parport - ok
22:05:52.0978 0776        partmgr        (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:05:52.0988 0776        partmgr - ok
22:05:52.0998 0776        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:05:53.0018 0776        Parvdm - ok
22:05:53.0048 0776        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:05:53.0078 0776        PcaSvc - ok
22:05:53.0108 0776        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:05:53.0128 0776        pccsmcfd - ok
22:05:53.0158 0776        pci            (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:05:53.0178 0776        pci - ok
22:05:53.0188 0776        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:05:53.0208 0776        pciide - ok
22:05:53.0228 0776        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:05:53.0248 0776        pcmcia - ok
22:05:53.0268 0776        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:05:53.0278 0776        pcw - ok
22:05:53.0338 0776        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:05:53.0388 0776        PEAUTH - ok
22:05:53.0528 0776        PeerDistSvc    (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
22:05:53.0608 0776        PeerDistSvc - ok
22:05:53.0798 0776        pla            (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:05:53.0898 0776        pla - ok
22:05:54.0058 0776        PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:05:54.0118 0776        PlugPlay - ok
22:05:54.0148 0776        PNRPAutoReg    (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:05:54.0178 0776        PNRPAutoReg - ok
22:05:54.0218 0776        PNRPsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:05:54.0258 0776        PNRPsvc - ok
22:05:54.0328 0776        PolicyAgent    (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:05:54.0388 0776        PolicyAgent - ok
22:05:54.0418 0776        Power          (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:05:54.0453 0776        Power - ok
22:05:54.0500 0776        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:05:54.0547 0776        PptpMiniport - ok
22:05:54.0563 0776        PRESONUS_AUDIOBOX_MIDI (ed7f742b0eacf745afb5b2fe5baec618) C:\Windows\system32\drivers\psabusbm.sys
22:05:54.0578 0776        PRESONUS_AUDIOBOX_MIDI - ok
22:05:54.0625 0776        PRESONUS_AUDIOBOX_USB (dd02c038c7a24dd23aaa75595bec80ba) C:\Windows\system32\Drivers\psabusbu.sys
22:05:54.0656 0776        PRESONUS_AUDIOBOX_USB - ok
22:05:54.0672 0776        PRESONUS_AUDIOBOX_WDM (08ac58a2bc1084e6eb4800b98368ccaa) C:\Windows\system32\drivers\psabusba.sys
22:05:54.0687 0776        PRESONUS_AUDIOBOX_WDM - ok
22:05:54.0687 0776        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:05:54.0703 0776        Processor - ok
22:05:54.0734 0776        ProfSvc        (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
22:05:54.0781 0776        ProfSvc - ok
22:05:54.0812 0776        ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:54.0828 0776        ProtectedStorage - ok
22:05:54.0843 0776        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:05:54.0875 0776        Psched - ok
22:05:54.0999 0776        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:05:55.0077 0776        ql2300 - ok
22:05:55.0218 0776        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:05:55.0265 0776        ql40xx - ok
22:05:55.0311 0776        QWAVE          (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:05:55.0358 0776        QWAVE - ok
22:05:55.0374 0776        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:05:55.0405 0776        QWAVEdrv - ok
22:05:55.0405 0776        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:05:55.0436 0776        RasAcd - ok
22:05:55.0467 0776        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:05:55.0499 0776        RasAgileVpn - ok
22:05:55.0514 0776        RasAuto        (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:05:55.0545 0776        RasAuto - ok
22:05:55.0561 0776        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:05:55.0592 0776        Rasl2tp - ok
22:05:55.0623 0776        RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:05:55.0670 0776        RasMan - ok
22:05:55.0686 0776        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:05:55.0717 0776        RasPppoe - ok
22:05:55.0733 0776        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:05:55.0764 0776        RasSstp - ok
22:05:55.0795 0776        rdbss          (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:05:55.0857 0776        rdbss - ok
22:05:55.0857 0776        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:05:55.0873 0776        rdpbus - ok
22:05:55.0967 0776        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:05:56.0013 0776        RDPCDD - ok
22:05:56.0060 0776        RDPDR          (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:05:56.0076 0776        RDPDR - ok
22:05:56.0076 0776        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:05:56.0107 0776        RDPENCDD - ok
22:05:56.0123 0776        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:05:56.0154 0776        RDPREFMP - ok
22:05:56.0201 0776        RDPWD          (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
22:05:56.0247 0776        RDPWD - ok
22:05:56.0294 0776        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:05:56.0325 0776        rdyboost - ok
22:05:56.0357 0776        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:05:56.0419 0776        RemoteAccess - ok
22:05:56.0450 0776        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:05:56.0497 0776        RemoteRegistry - ok
22:05:56.0528 0776        RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
22:05:56.0544 0776        RFCOMM - ok
22:05:56.0559 0776        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:05:56.0591 0776        RpcEptMapper - ok
22:05:56.0622 0776        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:05:56.0622 0776        RpcLocator - ok
22:05:56.0669 0776        RpcSs          (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:05:56.0700 0776        RpcSs - ok
22:05:56.0731 0776        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:05:56.0762 0776        rspndr - ok
22:05:56.0793 0776        s3cap          (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:05:56.0793 0776        s3cap - ok
22:05:56.0825 0776        SamSs          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:05:56.0840 0776        SamSs - ok
22:05:56.0871 0776        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:05:56.0887 0776        sbp2port - ok
22:05:56.0903 0776        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:05:56.0934 0776        SCardSvr - ok
22:05:56.0949 0776        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:05:56.0981 0776        scfilter - ok
22:05:57.0074 0776        Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:05:57.0121 0776        Schedule - ok
22:05:57.0152 0776        SCPolicySvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:05:57.0183 0776        SCPolicySvc - ok
22:05:57.0215 0776        sdbus          (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
22:05:57.0230 0776        sdbus - ok
22:05:57.0261 0776        SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:05:57.0293 0776        SDRSVC - ok
22:05:57.0324 0776        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:05:57.0371 0776        secdrv - ok
22:05:57.0402 0776        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:05:57.0433 0776        seclogon - ok
22:05:57.0449 0776        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
22:05:57.0480 0776        SENS - ok
22:05:57.0511 0776        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:05:57.0527 0776        SensrSvc - ok
22:05:57.0542 0776        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:05:57.0558 0776        Serenum - ok
22:05:57.0573 0776        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:05:57.0573 0776        Serial - ok
22:05:57.0620 0776        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:05:57.0636 0776        sermouse - ok
22:05:57.0745 0776        ServiceLayer    (8c1f87f5fdd92229d1754b98f073913f) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:05:57.0792 0776        ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
22:05:57.0792 0776        ServiceLayer - detected UnsignedFile.Multi.Generic (1)
22:05:57.0854 0776        SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:05:57.0901 0776        SessionEnv - ok
22:05:57.0948 0776        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:05:57.0995 0776        sffdisk - ok
22:05:57.0995 0776        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:05:58.0026 0776        sffp_mmc - ok
22:05:58.0041 0776        sffp_sd        (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:05:58.0057 0776        sffp_sd - ok
22:05:58.0073 0776        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:05:58.0104 0776        sfloppy - ok
22:05:58.0151 0776        SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:05:58.0213 0776        SharedAccess - ok
22:05:58.0260 0776        ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:05:58.0322 0776        ShellHWDetection - ok
22:05:58.0353 0776        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:05:58.0385 0776        sisagp - ok
22:05:58.0400 0776        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:05:58.0416 0776        SiSRaid2 - ok
22:05:58.0431 0776        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:05:58.0447 0776        SiSRaid4 - ok
22:05:58.0463 0776        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:05:58.0494 0776        Smb - ok
22:05:58.0525 0776        SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
22:05:58.0541 0776        SNMPTRAP - ok
22:05:58.0619 0776        Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
22:05:58.0650 0776        Sony Ericsson PCCompanion - ok
22:05:58.0665 0776        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:05:58.0697 0776        spldr - ok
22:05:58.0762 0776        Spooler        (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
22:05:58.0852 0776        Spooler - ok
22:05:59.0192 0776        sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
22:05:59.0342 0776        sppsvc - ok
22:05:59.0462 0776        sppuinotify    (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
22:05:59.0512 0776        sppuinotify - ok
22:05:59.0592 0776        srv            (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:05:59.0642 0776        srv - ok
22:05:59.0682 0776        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:05:59.0722 0776        srv2 - ok
22:05:59.0772 0776        SrvHsfHDA      (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:05:59.0822 0776        SrvHsfHDA - ok
22:05:59.0942 0776        SrvHsfV92      (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:06:00.0002 0776        SrvHsfV92 - ok
22:06:00.0052 0776        SrvHsfWinac    (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:06:00.0092 0776        SrvHsfWinac - ok
22:06:00.0122 0776        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:06:00.0142 0776        srvnet - ok
22:06:00.0172 0776        SSDPSRV        (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
22:06:00.0222 0776        SSDPSRV - ok
22:06:00.0242 0776        SstpSvc        (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
22:06:00.0282 0776        SstpSvc - ok
22:06:00.0312 0776        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
22:06:00.0322 0776        stexstor - ok
22:06:00.0402 0776        StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
22:06:00.0452 0776        StiSvc - ok
22:06:00.0472 0776        storflt        (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
22:06:00.0492 0776        storflt - ok
22:06:00.0522 0776        StorSvc        (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
22:06:00.0552 0776        StorSvc - ok
22:06:00.0572 0776        storvsc        (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
22:06:00.0582 0776        storvsc - ok
22:06:00.0602 0776        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
22:06:00.0612 0776        swenum - ok
22:06:00.0662 0776        swprv          (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
22:06:00.0692 0776        swprv - ok
22:06:00.0722 0776        SynasUSB        (e46088b882e6315518630e249ddf958c) C:\Windows\system32\drivers\SynasUSB.sys
22:06:00.0732 0776        SynasUSB - ok
22:06:00.0850 0776        SysMain        (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
22:06:00.0881 0776        SysMain - ok
22:06:00.0913 0776        TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
22:06:00.0928 0776        TabletInputService - ok
22:06:00.0959 0776        TapiSrv        (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
22:06:01.0006 0776        TapiSrv - ok
22:06:01.0022 0776        TBS            (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
22:06:01.0053 0776        TBS - ok
22:06:01.0252 0776        Tcpip          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
22:06:01.0332 0776        Tcpip - ok
22:06:01.0352 0776        TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
22:06:01.0382 0776        TCPIP6 - ok
22:06:01.0412 0776        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
22:06:01.0442 0776        tcpipreg - ok
22:06:01.0472 0776        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
22:06:01.0492 0776        TDPIPE - ok
22:06:01.0522 0776        TDTCP          (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
22:06:01.0552 0776        TDTCP - ok
22:06:01.0582 0776        tdx            (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
22:06:01.0632 0776        tdx - ok
22:06:01.0662 0776        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
22:06:01.0682 0776        TermDD - ok
22:06:01.0742 0776        TermService    (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
22:06:01.0793 0776        TermService - ok
22:06:01.0823 0776        Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
22:06:01.0843 0776        Themes - ok
22:06:01.0873 0776        THREADORDER    (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:06:01.0903 0776        THREADORDER - ok
22:06:01.0923 0776        TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
22:06:01.0953 0776        TrkWks - ok
22:06:02.0003 0776        TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
22:06:02.0063 0776        TrustedInstaller - ok
22:06:02.0083 0776        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:06:02.0103 0776        tssecsrv - ok
22:06:02.0143 0776        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
22:06:02.0163 0776        TsUsbFlt - ok
22:06:02.0203 0776        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
22:06:02.0233 0776        tunnel - ok
22:06:02.0253 0776        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
22:06:02.0273 0776        uagp35 - ok
22:06:02.0313 0776        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
22:06:02.0383 0776        udfs - ok
22:06:02.0413 0776        UI0Detect      (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
22:06:02.0443 0776        UI0Detect - ok
22:06:02.0473 0776        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
22:06:02.0493 0776        uliagpkx - ok
22:06:02.0533 0776        umbus          (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
22:06:02.0553 0776        umbus - ok
22:06:02.0573 0776        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
22:06:02.0593 0776        UmPass - ok
22:06:02.0643 0776        UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
22:06:02.0673 0776        UmRdpService - ok
22:06:02.0713 0776        upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
22:06:02.0763 0776        upnphost - ok
22:06:02.0803 0776        upperdev        (ec01da44b090d2651fc032c8b9257232) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
22:06:02.0823 0776        upperdev - ok
22:06:02.0853 0776        USBAAPL        (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
22:06:02.0863 0776        USBAAPL - ok
22:06:02.0903 0776        usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
22:06:02.0913 0776        usbaudio - ok
22:06:02.0943 0776        usbccgp        (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
22:06:02.0953 0776        usbccgp - ok
22:06:02.0983 0776        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
22:06:02.0993 0776        usbcir - ok
22:06:03.0013 0776        usbehci        (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
22:06:03.0023 0776        usbehci - ok
22:06:03.0053 0776        usbhub          (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
22:06:03.0083 0776        usbhub - ok
22:06:03.0103 0776        usbohci        (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
22:06:03.0113 0776        usbohci - ok
22:06:03.0143 0776        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
22:06:03.0183 0776        usbprint - ok
22:06:03.0203 0776        usbscan        (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
22:06:03.0223 0776        usbscan - ok
22:06:03.0253 0776        usbser          (31181de6190b39fc8007dffd1a48ffd6) C:\Windows\system32\drivers\usbser.sys
22:06:03.0273 0776        usbser - ok
22:06:03.0293 0776        UsbserFilt      (4abd37cfbd710e64f01f9da8710c73f7) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
22:06:03.0323 0776        UsbserFilt - ok
22:06:03.0343 0776        USBSTOR        (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:06:03.0363 0776        USBSTOR - ok
22:06:03.0373 0776        usbuhci        (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
22:06:03.0383 0776        usbuhci - ok
22:06:03.0413 0776        usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
22:06:03.0433 0776        usbvideo - ok
22:06:03.0463 0776        UxSms          (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
22:06:03.0493 0776        UxSms - ok
22:06:03.0523 0776        VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:03.0533 0776        VaultSvc - ok
22:06:03.0543 0776        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
22:06:03.0563 0776        vdrvroot - ok
22:06:03.0613 0776        vds            (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
22:06:03.0663 0776        vds - ok
22:06:03.0703 0776        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
22:06:03.0723 0776        vga - ok
22:06:03.0733 0776        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
22:06:03.0763 0776        VgaSave - ok
22:06:03.0783 0776        vhdmp          (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
22:06:03.0813 0776        vhdmp - ok
22:06:03.0853 0776        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
22:06:03.0863 0776        viaagp - ok
22:06:03.0883 0776        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
22:06:03.0893 0776        ViaC7 - ok
22:06:03.0903 0776        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
22:06:03.0923 0776        viaide - ok
22:06:03.0943 0776        vmbus          (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
22:06:03.0963 0776        vmbus - ok
22:06:03.0973 0776        VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
22:06:03.0993 0776        VMBusHID - ok
22:06:04.0003 0776        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
22:06:04.0023 0776        volmgr - ok
22:06:04.0053 0776        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
22:06:04.0083 0776        volmgrx - ok
22:06:04.0123 0776        volsnap        (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
22:06:04.0143 0776        volsnap - ok
22:06:04.0163 0776        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
22:06:04.0183 0776        vsmraid - ok
22:06:04.0293 0776        VSS            (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
22:06:04.0343 0776        VSS - ok
22:06:04.0363 0776        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
22:06:04.0373 0776        vwifibus - ok
22:06:04.0443 0776        W32Time        (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
22:06:04.0503 0776        W32Time - ok
22:06:04.0523 0776        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
22:06:04.0533 0776        WacomPen - ok
22:06:04.0563 0776        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:04.0593 0776        WANARP - ok
22:06:04.0593 0776        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:04.0623 0776        Wanarpv6 - ok
22:06:04.0743 0776        wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
22:06:04.0823 0776        wbengine - ok
22:06:04.0853 0776        WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
22:06:04.0883 0776        WbioSrvc - ok
22:06:04.0923 0776        wcncsvc        (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
22:06:04.0973 0776        wcncsvc - ok
22:06:04.0993 0776        WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
22:06:05.0013 0776        WcsPlugInService - ok
22:06:05.0074 0776        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
22:06:05.0106 0776        Wd - ok
22:06:05.0137 0776        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:06:05.0168 0776        Wdf01000 - ok
22:06:05.0184 0776        WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:06:05.0199 0776        WdiServiceHost - ok
22:06:05.0215 0776        WdiSystemHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:06:05.0230 0776        WdiSystemHost - ok
22:06:05.0262 0776        WebClient      (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
22:06:05.0277 0776        WebClient - ok
22:06:05.0293 0776        Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
22:06:05.0324 0776        Wecsvc - ok
22:06:05.0355 0776        wercplsupport  (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
22:06:05.0386 0776        wercplsupport - ok
22:06:05.0386 0776        WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
22:06:05.0418 0776        WerSvc - ok
22:06:05.0433 0776        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
22:06:05.0464 0776        WfpLwf - ok
22:06:05.0480 0776        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
22:06:05.0496 0776        WIMMount - ok
22:06:05.0636 0776        WinDefend      (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
22:06:05.0698 0776        WinDefend - ok
22:06:05.0698 0776        WinHttpAutoProxySvc - ok
22:06:05.0792 0776        Winmgmt        (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
22:06:05.0839 0776        Winmgmt - ok
22:06:05.0979 0776        WinRM          (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
22:06:06.0057 0776        WinRM - ok
22:06:06.0135 0776        WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
22:06:06.0151 0776        WinUsb - ok
22:06:06.0260 0776        Wlansvc        (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
22:06:06.0322 0776        Wlansvc - ok
22:06:06.0588 0776        wlidsvc        (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:06:06.0681 0776        wlidsvc - ok
22:06:06.0837 0776        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
22:06:06.0868 0776        WmiAcpi - ok
22:06:06.0946 0776        wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
22:06:06.0993 0776        wmiApSrv - ok
22:06:07.0196 0776        WMPNetworkSvc  (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:06:07.0274 0776        WMPNetworkSvc - ok
22:06:07.0321 0776        WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
22:06:07.0336 0776        WPCSvc - ok
22:06:07.0399 0776        WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
22:06:07.0446 0776        WPDBusEnum - ok
22:06:07.0492 0776        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
22:06:07.0539 0776        ws2ifsl - ok
22:06:07.0555 0776        wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
22:06:07.0570 0776        wscsvc - ok
22:06:07.0570 0776        WSearch - ok
22:06:07.0773 0776        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
22:06:07.0820 0776        wuauserv - ok
22:06:07.0992 0776        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
22:06:08.0054 0776        WudfPf - ok
22:06:08.0085 0776        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:06:08.0116 0776        WUDFRd - ok
22:06:08.0132 0776        wudfsvc        (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
22:06:08.0179 0776        wudfsvc - ok
22:06:08.0226 0776        WwanSvc        (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
22:06:08.0272 0776        WwanSvc - ok
22:06:08.0304 0776        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:06:08.0740 0776        \Device\Harddisk0\DR0 - ok
22:06:08.0787 0776        Boot (0x1200)  (8f63152a4e600ecbbede0492bf0fd973) \Device\Harddisk0\DR0\Partition0
22:06:08.0787 0776        \Device\Harddisk0\DR0\Partition0 - ok
22:06:08.0787 0776        Boot (0x1200)  (3829071368c6e1d6a483a6df00d43cac) \Device\Harddisk0\DR0\Partition1
22:06:08.0803 0776        \Device\Harddisk0\DR0\Partition1 - ok
22:06:08.0803 0776        ============================================================
22:06:08.0803 0776        Scan finished
22:06:08.0803 0776        ============================================================
22:06:08.0818 1076        Detected object count: 1
22:06:08.0818 1076        Actual detected object count: 1
22:06:21.0720 1076        ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:21.0720 1076        ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:06:24.0866 3812        ============================================================
22:06:24.0866 3812        Scan started
22:06:24.0866 3812        Mode: Manual; SigCheck; TDLFS;
22:06:24.0866 3812        ============================================================
22:06:25.0381 3812        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:06:25.0428 3812        1394ohci - ok
22:06:25.0474 3812        ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:06:25.0521 3812        ACPI - ok
22:06:25.0537 3812        AcpiPmi        (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:06:25.0584 3812        AcpiPmi - ok
22:06:25.0677 3812        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:06:25.0693 3812        AdobeARMservice - ok
22:06:25.0771 3812        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:06:25.0802 3812        AdobeFlashPlayerUpdateSvc - ok
22:06:25.0864 3812        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:06:25.0911 3812        adp94xx - ok
22:06:25.0942 3812        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:06:25.0974 3812        adpahci - ok
22:06:25.0989 3812        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:06:26.0005 3812        adpu320 - ok
22:06:26.0052 3812        AeLookupSvc    (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
22:06:26.0067 3812        AeLookupSvc - ok
22:06:26.0114 3812        AFD            (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:06:26.0161 3812        AFD - ok
22:06:26.0192 3812        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:06:26.0208 3812        agp440 - ok
22:06:26.0223 3812        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:06:26.0239 3812        aic78xx - ok
22:06:26.0254 3812        ALG            (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
22:06:26.0286 3812        ALG - ok
22:06:26.0301 3812        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:06:26.0317 3812        aliide - ok
22:06:26.0348 3812        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:06:26.0364 3812        amdagp - ok
22:06:26.0379 3812        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:06:26.0395 3812        amdide - ok
22:06:26.0410 3812        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
22:06:26.0442 3812        AmdK8 - ok
22:06:26.0457 3812        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
22:06:26.0473 3812        AmdPPM - ok
22:06:26.0488 3812        amdsata        (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
22:06:26.0520 3812        amdsata - ok
22:06:26.0551 3812        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
22:06:26.0582 3812        amdsbs - ok
22:06:26.0598 3812        amdxata        (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
22:06:26.0613 3812        amdxata - ok
22:06:26.0644 3812        AppID          (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:06:26.0691 3812        AppID - ok
22:06:26.0722 3812        AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
22:06:26.0769 3812        AppIDSvc - ok
22:06:26.0816 3812        Appinfo        (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
22:06:26.0863 3812        Appinfo - ok
22:06:26.0956 3812        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:06:26.0972 3812        Apple Mobile Device - ok
22:06:27.0019 3812        AppMgmt        (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
22:06:27.0050 3812        AppMgmt - ok
22:06:27.0081 3812        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
22:06:27.0097 3812        arc - ok
22:06:27.0112 3812        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
22:06:27.0132 3812        arcsas - ok
22:06:27.0152 3812        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:06:27.0182 3812        AsyncMac - ok
22:06:27.0212 3812        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:06:27.0242 3812        atapi - ok
22:06:27.0312 3812        AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:06:27.0382 3812        AudioEndpointBuilder - ok
22:06:27.0392 3812        Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
22:06:27.0422 3812        Audiosrv - ok
22:06:27.0452 3812        AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
22:06:27.0492 3812        AxInstSV - ok
22:06:27.0522 3812        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
22:06:27.0562 3812        b06bdrv - ok
22:06:27.0602 3812        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:06:27.0642 3812        b57nd60x - ok
22:06:27.0682 3812        bcm4sbxp        (82dd21bfa8bbe0a3a3833a1bd8e86158) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
22:06:27.0712 3812        bcm4sbxp - ok
22:06:27.0742 3812        BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
22:06:27.0762 3812        BDESVC - ok
22:06:27.0772 3812        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:06:27.0812 3812        Beep - ok
22:06:27.0872 3812        BFE            (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
22:06:27.0932 3812        BFE - ok
22:06:27.0992 3812        BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
22:06:28.0042 3812        BITS - ok
22:06:28.0052 3812        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:06:28.0072 3812        blbdrive - ok
22:06:28.0172 3812        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:06:28.0212 3812        Bonjour Service - ok
22:06:28.0282 3812        bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:06:28.0312 3812        bowser - ok
22:06:28.0342 3812        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:06:28.0372 3812        BrFiltLo - ok
22:06:28.0392 3812        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:06:28.0412 3812        BrFiltUp - ok
22:06:28.0452 3812        Browser        (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
22:06:28.0482 3812        Browser - ok
22:06:28.0512 3812        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:06:28.0532 3812        Brserid - ok
22:06:28.0552 3812        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:06:28.0572 3812        BrSerWdm - ok
22:06:28.0582 3812        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:06:28.0602 3812        BrUsbMdm - ok
22:06:28.0602 3812        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:06:28.0622 3812        BrUsbSer - ok
22:06:28.0652 3812        BthEnum        (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
22:06:28.0672 3812        BthEnum - ok
22:06:28.0692 3812        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
22:06:28.0702 3812        BTHMODEM - ok
22:06:28.0722 3812        BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
22:06:28.0742 3812        BthPan - ok
22:06:28.0782 3812        BTHPORT        (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
22:06:28.0832 3812        BTHPORT - ok
22:06:28.0862 3812        bthserv        (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
22:06:28.0892 3812        bthserv - ok
22:06:28.0912 3812        BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
22:06:28.0922 3812        BTHUSB - ok
22:06:28.0942 3812        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:06:28.0982 3812        cdfs - ok
22:06:29.0002 3812        cdrom          (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:06:29.0012 3812        cdrom - ok
22:06:29.0032 3812        CertPropSvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:06:29.0062 3812        CertPropSvc - ok
22:06:29.0072 3812        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:06:29.0082 3812        circlass - ok
22:06:29.0112 3812        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:06:29.0132 3812        CLFS - ok
22:06:29.0202 3812        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:06:29.0222 3812        clr_optimization_v2.0.50727_32 - ok
22:06:29.0242 3812        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:06:29.0262 3812        CmBatt - ok
22:06:29.0292 3812        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:06:29.0312 3812        cmdide - ok
22:06:29.0382 3812        CNG            (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys
22:06:29.0422 3812        CNG - ok
22:06:29.0442 3812        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:06:29.0462 3812        Compbatt - ok
22:06:29.0502 3812        CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
22:06:29.0532 3812        CompositeBus - ok
22:06:29.0532 3812        COMSysApp - ok
22:06:29.0552 3812        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
22:06:29.0562 3812        crcdisk - ok
22:06:29.0582 3812        CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
22:06:29.0632 3812        CryptSvc - ok
22:06:29.0692 3812        CSC            (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
22:06:29.0742 3812        CSC - ok
22:06:29.0822 3812        CscService      (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
22:06:29.0872 3812        CscService - ok
22:06:29.0922 3812        DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:06:29.0972 3812        DcomLaunch - ok
22:06:30.0012 3812        defragsvc      (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
22:06:30.0042 3812        defragsvc - ok
22:06:30.0112 3812        DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:06:30.0152 3812        DfsC - ok
22:06:30.0192 3812        Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
22:06:30.0252 3812        Dhcp - ok
22:06:30.0272 3812        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:06:30.0312 3812        discache - ok
22:06:30.0332 3812        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
22:06:30.0352 3812        Disk - ok
22:06:30.0382 3812        Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
22:06:30.0422 3812        Dnscache - ok
22:06:30.0482 3812        dot3svc        (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
22:06:30.0522 3812        dot3svc - ok
22:06:30.0572 3812        DPS            (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
22:06:30.0622 3812        DPS - ok
22:06:30.0652 3812        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:06:30.0662 3812        drmkaud - ok
22:06:30.0732 3812        DXGKrnl        (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:06:30.0762 3812        DXGKrnl - ok
22:06:30.0792 3812        EapHost        (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
22:06:30.0822 3812        EapHost - ok
22:06:31.0149 3812        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
22:06:31.0196 3812        ebdrv - ok
22:06:31.0321 3812        EFS            (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
22:06:31.0352 3812        EFS - ok
22:06:31.0446 3812        ehRecvr        (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
22:06:31.0477 3812        ehRecvr - ok
22:06:31.0508 3812        ehSched        (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
22:06:31.0539 3812        ehSched - ok
22:06:31.0633 3812        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
22:06:31.0664 3812        elxstor - ok
22:06:31.0695 3812        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:06:31.0711 3812        ErrDev - ok
22:06:31.0758 3812        EventSystem    (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
22:06:31.0804 3812        EventSystem - ok
22:06:31.0836 3812        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:06:31.0867 3812        exfat - ok
22:06:31.0882 3812        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:06:31.0914 3812        fastfat - ok
22:06:31.0976 3812        Fax            (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
22:06:32.0023 3812        Fax - ok
22:06:32.0038 3812        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:06:32.0054 3812        fdc - ok
22:06:32.0070 3812        fdPHost        (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
22:06:32.0116 3812        fdPHost - ok
22:06:32.0132 3812        FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
22:06:32.0163 3812        FDResPub - ok
22:06:32.0179 3812        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:06:32.0194 3812        FileInfo - ok
22:06:32.0210 3812        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:06:32.0241 3812        Filetrace - ok
22:06:32.0257 3812        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:06:32.0257 3812        flpydisk - ok
22:06:32.0288 3812        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:06:32.0304 3812        FltMgr - ok
22:06:32.0382 3812        FontCache      (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll
22:06:32.0428 3812        FontCache - ok
22:06:32.0491 3812        FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:06:32.0522 3812        FontCache3.0.0.0 - ok
22:06:32.0538 3812        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:06:32.0569 3812        FsDepends - ok
22:06:32.0584 3812        Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
22:06:32.0616 3812        Fs_Rec - ok
22:06:32.0647 3812        fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:06:32.0678 3812        fvevol - ok
22:06:32.0709 3812        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:06:32.0740 3812        gagp30kx - ok
22:06:32.0756 3812        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:06:32.0772 3812        GEARAspiWDM - ok
22:06:32.0850 3812        gpsvc          (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
22:06:32.0881 3812        gpsvc - ok
22:06:32.0896 3812        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:06:32.0912 3812        hcw85cir - ok
22:06:32.0959 3812        HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:06:32.0974 3812        HdAudAddService - ok
22:06:32.0990 3812        HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
22:06:33.0006 3812        HDAudBus - ok
22:06:33.0021 3812        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
22:06:33.0037 3812        HidBatt - ok
22:06:33.0052 3812        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
22:06:33.0068 3812        HidBth - ok
22:06:33.0084 3812        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:06:33.0099 3812        HidIr - ok
22:06:33.0130 3812        hidserv        (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
22:06:33.0162 3812        hidserv - ok
22:06:33.0177 3812        HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
22:06:33.0177 3812        HidUsb - ok
22:06:33.0208 3812        hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
22:06:33.0240 3812        hkmsvc - ok
22:06:33.0271 3812        HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
22:06:33.0286 3812        HomeGroupListener - ok
22:06:33.0333 3812        HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
22:06:33.0364 3812        HomeGroupProvider - ok
22:06:33.0380 3812        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:06:33.0411 3812        HpSAMD - ok
22:06:33.0489 3812        HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:06:33.0520 3812        HTTP - ok
22:06:33.0552 3812        hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:06:33.0552 3812        hwpolicy - ok
22:06:33.0567 3812        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
22:06:33.0583 3812        i8042prt - ok
22:06:33.0614 3812        iaStorV        (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
22:06:33.0630 3812        iaStorV - ok
22:06:33.0817 3812        idsvc          (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:06:33.0848 3812        idsvc - ok
22:06:33.0879 3812        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:06:33.0895 3812        iirsp - ok
22:06:33.0973 3812        IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
22:06:34.0051 3812        IKEEXT - ok
22:06:34.0082 3812        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:06:34.0082 3812        intelide - ok
22:06:34.0098 3812        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:06:34.0113 3812        intelppm - ok
22:06:34.0144 3812        IPBusEnum      (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
22:06:34.0160 3812        IPBusEnum - ok
22:06:34.0191 3812        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:06:34.0207 3812        IpFilterDriver - ok
22:06:34.0269 3812        iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
22:06:34.0332 3812        iphlpsvc - ok
22:06:34.0363 3812        IPMIDRV        (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:06:34.0378 3812        IPMIDRV - ok
22:06:34.0394 3812        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:06:34.0425 3812        IPNAT - ok
22:06:34.0550 3812        iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
22:06:34.0581 3812        iPod Service - ok
22:06:34.0597 3812        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:06:34.0612 3812        IRENUM - ok
22:06:34.0644 3812        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:06:34.0675 3812        isapnp - ok
22:06:34.0706 3812        iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:06:34.0722 3812        iScsiPrt - ok
22:06:34.0737 3812        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
22:06:34.0753 3812        kbdclass - ok
22:06:34.0784 3812        kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
22:06:34.0800 3812        kbdhid - ok
22:06:34.0831 3812        KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:34.0846 3812        KeyIso - ok
22:06:34.0878 3812        KSecDD          (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys
22:06:34.0893 3812        KSecDD - ok
22:06:34.0909 3812        KSecPkg        (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys
22:06:34.0924 3812        KSecPkg - ok
22:06:34.0987 3812        KtmRm          (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
22:06:35.0018 3812        KtmRm - ok
22:06:35.0065 3812        LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
22:06:35.0112 3812        LanmanServer - ok
22:06:35.0143 3812        LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
22:06:35.0174 3812        LanmanWorkstation - ok
22:06:35.0205 3812        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:06:35.0221 3812        lltdio - ok
22:06:35.0268 3812        lltdsvc        (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
22:06:35.0299 3812        lltdsvc - ok
22:06:35.0299 3812        lmhosts        (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
22:06:35.0330 3812        lmhosts - ok
22:06:35.0346 3812        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:06:35.0361 3812        LSI_FC - ok
22:06:35.0377 3812        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:06:35.0392 3812        LSI_SAS - ok
22:06:35.0408 3812        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:06:35.0424 3812        LSI_SAS2 - ok
22:06:35.0439 3812        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:06:35.0455 3812        LSI_SCSI - ok
22:06:35.0470 3812        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:06:35.0502 3812        luafv - ok
22:06:35.0533 3812        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
22:06:35.0533 3812        MBAMProtector - ok
22:06:35.0642 3812        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:06:35.0673 3812        MBAMService - ok
22:06:35.0689 3812        Mcx2Svc        (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
22:06:35.0704 3812        Mcx2Svc - ok
22:06:35.0720 3812        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:06:35.0736 3812        megasas - ok
22:06:35.0767 3812        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:06:35.0798 3812        MegaSR - ok
22:06:35.0860 3812        Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:06:35.0876 3812        Microsoft Office Groove Audit Service - ok
22:06:35.0907 3812        MMCSS          (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:06:35.0954 3812        MMCSS - ok
22:06:35.0970 3812        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:06:36.0001 3812        Modem - ok
22:06:36.0001 3812        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:06:36.0016 3812        monitor - ok
22:06:36.0032 3812        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
22:06:36.0048 3812        mouclass - ok
22:06:36.0063 3812        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:06:36.0079 3812        mouhid - ok
22:06:36.0110 3812        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:06:36.0126 3812        mountmgr - ok
22:06:36.0172 3812        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:06:36.0188 3812        MozillaMaintenance - ok
22:06:36.0235 3812        MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
22:06:36.0266 3812        MpFilter - ok
22:06:36.0313 3812        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:06:36.0360 3812        mpio - ok
22:06:36.0375 3812        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:06:36.0422 3812        mpsdrv - ok
22:06:36.0516 3812        MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
22:06:36.0578 3812        MpsSvc - ok
22:06:36.0609 3812        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:06:36.0629 3812        MRxDAV - ok
22:06:36.0659 3812        mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:06:36.0699 3812        mrxsmb - ok
22:06:36.0719 3812        mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:06:36.0749 3812        mrxsmb10 - ok
22:06:36.0769 3812        mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:06:36.0789 3812        mrxsmb20 - ok
22:06:36.0819 3812        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:06:36.0839 3812        msahci - ok
22:06:36.0879 3812        msdsm          (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:06:36.0909 3812        msdsm - ok
22:06:36.0949 3812        MSDTC          (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
22:06:36.0989 3812        MSDTC - ok
22:06:37.0019 3812        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:06:37.0059 3812        Msfs - ok
22:06:37.0069 3812        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:06:37.0099 3812        mshidkmdf - ok
22:06:37.0109 3812        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:06:37.0119 3812        msisadrv - ok
22:06:37.0159 3812        MSiSCSI        (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
22:06:37.0179 3812        MSiSCSI - ok
22:06:37.0189 3812        msiserver - ok
22:06:37.0199 3812        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:06:37.0229 3812        MSKSSRV - ok
22:06:37.0319 3812        MsMpSvc        (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:06:37.0339 3812        MsMpSvc - ok
22:06:37.0349 3812        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:06:37.0399 3812        MSPCLOCK - ok
22:06:37.0409 3812        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:06:37.0439 3812        MSPQM - ok
22:06:37.0449 3812        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:06:37.0499 3812        MsRPC - ok
22:06:37.0529 3812        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:06:37.0539 3812        mssmbios - ok
22:06:37.0549 3812        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:06:37.0579 3812        MSTEE - ok
22:06:37.0589 3812        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:06:37.0599 3812        MTConfig - ok
22:06:37.0619 3812        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:06:37.0629 3812        Mup - ok
22:06:37.0679 3812        napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
22:06:37.0749 3812        napagent - ok
22:06:37.0779 3812        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:06:37.0829 3812        NativeWifiP - ok
22:06:37.0889 3812        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:06:37.0929 3812        NDIS - ok
22:06:37.0949 3812        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:06:37.0989 3812        NdisCap - ok
22:06:37.0999 3812        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:06:38.0039 3812        NdisTapi - ok
22:06:38.0059 3812        Ndisuio        (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:06:38.0089 3812        Ndisuio - ok
22:06:38.0119 3812        NdisWan        (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:06:38.0170 3812        NdisWan - ok
22:06:38.0210 3812        NDProxy        (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:06:38.0260 3812        NDProxy - ok
22:06:38.0280 3812        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:06:38.0310 3812        NetBIOS - ok
22:06:38.0350 3812        NetBT          (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:06:38.0400 3812        NetBT - ok
22:06:38.0420 3812        Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:38.0440 3812        Netlogon - ok
22:06:38.0480 3812        Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
22:06:38.0520 3812        Netman - ok
22:06:38.0560 3812        netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
22:06:38.0600 3812        netprofm - ok
22:06:38.0676 3812        NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:06:38.0723 3812        NetTcpPortSharing - ok
22:06:39.0175 3812        netw5v32        (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
22:06:39.0237 3812        netw5v32 - ok
22:06:39.0393 3812        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:06:39.0425 3812        nfrd960 - ok
22:06:39.0456 3812        NisDrv          (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:06:39.0471 3812        NisDrv - ok
22:06:39.0565 3812        NisSrv          (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
22:06:39.0612 3812        NisSrv - ok
22:06:39.0669 3812        NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
22:06:39.0719 3812        NlaSvc - ok
22:06:39.0749 3812        nmwcd          (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\Windows\system32\drivers\ccdcmb.sys
22:06:39.0799 3812        nmwcd - ok
22:06:39.0819 3812        nmwcdc          (8f2a94f991f8c73cec26b4b5620d1edc) C:\Windows\system32\drivers\ccdcmbo.sys
22:06:39.0839 3812        nmwcdc - ok
22:06:39.0859 3812        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:06:39.0889 3812        Npfs - ok
22:06:39.0909 3812        nsi            (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:06:39.0939 3812        nsi - ok
22:06:39.0959 3812        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:06:39.0979 3812        nsiproxy - ok
22:06:40.0109 3812        Ntfs            (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
22:06:40.0159 3812        Ntfs - ok
22:06:40.0179 3812        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:06:40.0209 3812        Null - ok
22:06:40.0959 3812        nvlddmkm        (440690da4358d9682dbcc56da7d419ab) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:06:41.0059 3812        nvlddmkm - ok
22:06:41.0209 3812        nvraid          (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
22:06:41.0239 3812        nvraid - ok
22:06:41.0259 3812        nvstor          (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
22:06:41.0279 3812        nvstor - ok
22:06:41.0319 3812        nvsvc          (11e1dc466c3e384c1a697b95dc5aa785) C:\Windows\system32\nvvsvc.exe
22:06:41.0349 3812        nvsvc - ok
22:06:41.0359 3812        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:06:41.0379 3812        nv_agp - ok
22:06:41.0499 3812        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:06:41.0539 3812        odserv - ok
22:06:41.0589 3812        OEM02Dev        (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
22:06:41.0599 3812        OEM02Dev - ok
22:06:41.0619 3812        OEM02Vfx        (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
22:06:41.0629 3812        OEM02Vfx - ok
22:06:41.0649 3812        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:06:41.0659 3812        ohci1394 - ok
22:06:41.0699 3812        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:06:41.0724 3812        ose - ok
22:06:41.0787 3812        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:06:41.0818 3812        p2pimsvc - ok
22:06:41.0865 3812        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:06:41.0896 3812        p2psvc - ok
22:06:41.0927 3812        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:06:41.0958 3812        Parport - ok
22:06:42.0005 3812        partmgr        (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:06:42.0021 3812        partmgr - ok
22:06:42.0052 3812        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:06:42.0067 3812        Parvdm - ok
22:06:42.0083 3812        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:06:42.0114 3812        PcaSvc - ok
22:06:42.0145 3812        pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:06:42.0161 3812        pccsmcfd - ok
22:06:42.0208 3812        pci            (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:06:42.0239 3812        pci - ok
22:06:42.0255 3812        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:06:42.0286 3812        pciide - ok
22:06:42.0317 3812        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:06:42.0333 3812        pcmcia - ok
22:06:42.0348 3812        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:06:42.0379 3812        pcw - ok
22:06:42.0426 3812        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:06:42.0457 3812        PEAUTH - ok
22:06:42.0567 3812        PeerDistSvc    (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
22:06:42.0629 3812        PeerDistSvc - ok
22:06:42.0832 3812        pla            (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:06:42.0925 3812        pla - ok
22:06:43.0066 3812        PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:06:43.0113 3812        PlugPlay - ok
22:06:43.0128 3812        PNRPAutoReg    (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:06:43.0144 3812        PNRPAutoReg - ok
22:06:43.0191 3812        PNRPsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:06:43.0206 3812        PNRPsvc - ok
22:06:43.0237 3812        PolicyAgent    (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:06:43.0269 3812        PolicyAgent - ok
22:06:43.0315 3812        Power          (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:06:43.0362 3812        Power - ok
22:06:43.0425 3812        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:06:43.0471 3812        PptpMiniport - ok
22:06:43.0487 3812        PRESONUS_AUDIOBOX_MIDI (ed7f742b0eacf745afb5b2fe5baec618) C:\Windows\system32\drivers\psabusbm.sys
22:06:43.0503 3812        PRESONUS_AUDIOBOX_MIDI - ok
22:06:43.0549 3812        PRESONUS_AUDIOBOX_USB (dd02c038c7a24dd23aaa75595bec80ba) C:\Windows\system32\Drivers\psabusbu.sys
22:06:43.0565 3812        PRESONUS_AUDIOBOX_USB - ok
22:06:43.0565 3812        PRESONUS_AUDIOBOX_WDM (08ac58a2bc1084e6eb4800b98368ccaa) C:\Windows\system32\drivers\psabusba.sys
22:06:43.0581 3812        PRESONUS_AUDIOBOX_WDM - ok
22:06:43.0596 3812        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:06:43.0612 3812        Processor - ok
22:06:43.0643 3812        ProfSvc        (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
22:06:43.0659 3812        ProfSvc - ok
22:06:43.0690 3812        ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:43.0705 3812        ProtectedStorage - ok
22:06:43.0721 3812        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:06:43.0752 3812        Psched - ok
22:06:43.0893 3812        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:06:43.0939 3812        ql2300 - ok
22:06:44.0095 3812        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:06:44.0142 3812        ql40xx - ok
22:06:44.0189 3812        QWAVE          (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:06:44.0220 3812        QWAVE - ok
22:06:44.0236 3812        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:06:44.0251 3812        QWAVEdrv - ok
22:06:44.0267 3812        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:06:44.0298 3812        RasAcd - ok
22:06:44.0329 3812        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:06:44.0361 3812        RasAgileVpn - ok
22:06:44.0376 3812        RasAuto        (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:06:44.0423 3812        RasAuto - ok
22:06:44.0439 3812        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:06:44.0470 3812        Rasl2tp - ok
22:06:44.0563 3812        RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:06:44.0626 3812        RasMan - ok
22:06:44.0641 3812        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:06:44.0673 3812        RasPppoe - ok
22:06:44.0688 3812        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:06:44.0719 3812        RasSstp - ok
22:06:44.0766 3812        rdbss          (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:06:44.0813 3812        rdbss - ok
22:06:44.0813 3812        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:06:44.0844 3812        rdpbus - ok
22:06:44.0938 3812        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:06:45.0000 3812        RDPCDD - ok
22:06:45.0031 3812        RDPDR          (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:06:45.0047 3812        RDPDR - ok
22:06:45.0047 3812        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:06:45.0094 3812        RDPENCDD - ok
22:06:45.0094 3812        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:06:45.0125 3812        RDPREFMP - ok
22:06:45.0172 3812        RDPWD          (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
22:06:45.0172 3812        RDPWD - ok
22:06:45.0219 3812        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:06:45.0250 3812        rdyboost - ok
22:06:45.0281 3812        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:06:45.0328 3812        RemoteAccess - ok
22:06:45.0359 3812        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:06:45.0421 3812        RemoteRegistry - ok
22:06:45.0453 3812        RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
22:06:45.0484 3812        RFCOMM - ok
22:06:45.0515 3812        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:06:45.0562 3812        RpcEptMapper - ok
22:06:45.0577 3812        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:06:45.0609 3812        RpcLocator - ok
22:06:45.0655 3812        RpcSs          (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:06:45.0718 3812        RpcSs - ok
22:06:45.0749 3812        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:06:45.0780 3812        rspndr - ok
22:06:45.0827 3812        s3cap          (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:06:45.0858 3812        s3cap - ok
22:06:45.0889 3812        SamSs          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:45.0905 3812        SamSs - ok
22:06:45.0983 3812        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:06:45.0999 3812        sbp2port - ok
22:06:46.0030 3812        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:06:46.0077 3812        SCardSvr - ok
22:06:46.0092 3812        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:06:46.0123 3812        scfilter - ok
22:06:46.0217 3812        Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:06:46.0248 3812        Schedule - ok
22:06:46.0279 3812        SCPolicySvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:06:46.0295 3812        SCPolicySvc - ok
22:06:46.0342 3812        sdbus          (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
22:06:46.0357 3812        sdbus - ok
22:06:46.0373 3812        SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:06:46.0389 3812        SDRSVC - ok
22:06:46.0420 3812        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:06:46.0451 3812        secdrv - ok
22:06:46.0467 3812        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:06:46.0498 3812        seclogon - ok
22:06:46.0513 3812        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
22:06:46.0545 3812        SENS - ok
22:06:46.0576 3812        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:06:46.0607 3812        SensrSvc - ok
22:06:46.0623 3812        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:06:46.0638 3812        Serenum - ok
22:06:46.0654 3812        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:06:46.0685 3812        Serial - ok
22:06:46.0701 3812        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:06:46.0716 3812        sermouse - ok
22:06:46.0841 3812        ServiceLayer    (8c1f87f5fdd92229d1754b98f073913f) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
22:06:46.0857 3812        ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
22:06:46.0857 3812        ServiceLayer - detected UnsignedFile.Multi.Generic (1)
22:06:46.0903 3812        SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:06:46.0950 3812        SessionEnv - ok
22:06:46.0950 3812        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:06:46.0966 3812        sffdisk - ok
22:06:46.0981 3812        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:06:46.0997 3812        sffp_mmc - ok
22:06:47.0013 3812        sffp_sd        (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:06:47.0028 3812        sffp_sd - ok
22:06:47.0028 3812        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:06:47.0044 3812        sfloppy - ok
22:06:47.0091 3812        SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:06:47.0122 3812        SharedAccess - ok
22:06:47.0169 3812        ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:06:47.0215 3812        ShellHWDetection - ok
22:06:47.0231 3812        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:06:47.0247 3812        sisagp - ok
22:06:47.0262 3812        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:06:47.0278 3812        SiSRaid2 - ok
22:06:47.0293 3812        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:06:47.0293 3812        SiSRaid4 - ok
22:06:47.0325 3812        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:06:47.0340 3812        Smb - ok
22:06:47.0371 3812        SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
22:06:47.0387 3812        SNMPTRAP - ok
22:06:47.0465 3812        Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
22:06:47.0481 3812        Sony Ericsson PCCompanion - ok
22:06:47.0512 3812        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:06:47.0527 3812        spldr - ok
22:06:47.0590 3812        Spooler        (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
22:06:47.0621 3812        Spooler - ok
22:06:47.0949 3812        sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
22:06:48.0042 3812        sppsvc - ok
22:06:48.0167 3812        sppuinotify    (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
22:06:48.0229 3812        sppuinotify - ok
22:06:48.0306 3812        srv            (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:06:48.0346 3812        srv - ok
22:06:48.0376 3812        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:06:48.0396 3812        srv2 - ok
22:06:48.0446 3812        SrvHsfHDA      (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:06:48.0476 3812        SrvHsfHDA - ok
22:06:48.0566 3812        SrvHsfV92      (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:06:48.0606 3812        SrvHsfV92 - ok
22:06:48.0676 3812        SrvHsfWinac    (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:06:48.0706 3812        SrvHsfWinac - ok
22:06:48.0746 3812        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:06:48.0766 3812        srvnet - ok
22:06:48.0816 3812        SSDPSRV        (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
22:06:48.0866 3812        SSDPSRV - ok
22:06:48.0886 3812        SstpSvc        (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
22:06:48.0926 3812        SstpSvc - ok
22:06:48.0956 3812        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
22:06:48.0976 3812        stexstor - ok
22:06:49.0056 3812        StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
22:06:49.0096 3812        StiSvc - ok
22:06:49.0136 3812        storflt        (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
22:06:49.0166 3812        storflt - ok
22:06:49.0196 3812        StorSvc        (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
22:06:49.0226 3812        StorSvc - ok
22:06:49.0247 3812        storvsc        (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
22:06:49.0267 3812        storvsc - ok
22:06:49.0277 3812        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
22:06:49.0297 3812        swenum - ok
22:06:49.0337 3812        swprv          (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
22:06:49.0387 3812        swprv - ok
22:06:49.0407 3812        SynasUSB        (e46088b882e6315518630e249ddf958c) C:\Windows\system32\drivers\SynasUSB.sys
22:06:49.0417 3812        SynasUSB - ok
22:06:49.0537 3812        SysMain        (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
22:06:49.0587 3812        SysMain - ok
22:06:49.0617 3812        TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
22:06:49.0637 3812        TabletInputService - ok
22:06:49.0667 3812        TapiSrv        (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
22:06:49.0697 3812        TapiSrv - ok
22:06:49.0717 3812        TBS            (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
22:06:49.0747 3812        TBS - ok
22:06:49.0917 3812        Tcpip          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
22:06:49.0957 3812        Tcpip - ok
22:06:49.0977 3812        TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
22:06:50.0007 3812        TCPIP6 - ok
22:06:50.0037 3812        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
22:06:50.0057 3812        tcpipreg - ok
22:06:50.0097 3812        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
22:06:50.0127 3812        TDPIPE - ok
22:06:50.0157 3812        TDTCP          (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
22:06:50.0177 3812        TDTCP - ok
22:06:50.0197 3812        tdx            (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
22:06:50.0227 3812        tdx - ok
22:06:50.0257 3812        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
22:06:50.0267 3812        TermDD - ok
22:06:50.0347 3812        TermService    (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
22:06:50.0397 3812        TermService - ok
22:06:50.0427 3812        Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
22:06:50.0447 3812        Themes - ok
22:06:50.0477 3812        THREADORDER    (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:06:50.0527 3812        THREADORDER - ok
22:06:50.0547 3812        TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
22:06:50.0587 3812        TrkWks - ok
22:06:50.0637 3812        TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
22:06:50.0677 3812        TrustedInstaller - ok
22:06:50.0697 3812        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:06:50.0717 3812        tssecsrv - ok
22:06:50.0747 3812        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
22:06:50.0767 3812        TsUsbFlt - ok
22:06:50.0807 3812        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
22:06:50.0847 3812        tunnel - ok
22:06:50.0877 3812        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
22:06:50.0897 3812        uagp35 - ok
22:06:50.0937 3812        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
22:06:50.0997 3812        udfs - ok
22:06:51.0017 3812        UI0Detect      (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
22:06:51.0047 3812        UI0Detect - ok
22:06:51.0077 3812        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
22:06:51.0097 3812        uliagpkx - ok
22:06:51.0127 3812        umbus          (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
22:06:51.0147 3812        umbus - ok
22:06:51.0157 3812        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
22:06:51.0177 3812        UmPass - ok
22:06:51.0217 3812        UmRdpService    (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
22:06:51.0247 3812        UmRdpService - ok
22:06:51.0277 3812        upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
22:06:51.0327 3812        upnphost - ok
22:06:51.0357 3812        upperdev        (ec01da44b090d2651fc032c8b9257232) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
22:06:51.0387 3812        upperdev - ok
22:06:51.0407 3812        USBAAPL        (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
22:06:51.0437 3812        USBAAPL - ok
22:06:51.0467 3812        usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
22:06:51.0487 3812        usbaudio - ok
22:06:51.0507 3812        usbccgp        (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
22:06:51.0527 3812        usbccgp - ok
22:06:51.0577 3812        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
22:06:51.0607 3812        usbcir - ok
22:06:51.0627 3812        usbehci        (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
22:06:51.0647 3812        usbehci - ok
22:06:51.0687 3812        usbhub          (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
22:06:51.0717 3812        usbhub - ok
22:06:51.0737 3812        usbohci        (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
22:06:51.0757 3812        usbohci - ok
22:06:51.0777 3812        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
22:06:51.0807 3812        usbprint - ok
22:06:51.0847 3812        usbscan        (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
22:06:51.0867 3812        usbscan - ok
22:06:51.0907 3812        usbser          (31181de6190b39fc8007dffd1a48ffd6) C:\Windows\system32\drivers\usbser.sys
22:06:51.0927 3812        usbser - ok
22:06:51.0937 3812        UsbserFilt      (4abd37cfbd710e64f01f9da8710c73f7) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
22:06:51.0987 3812        UsbserFilt - ok
22:06:52.0017 3812        USBSTOR        (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:06:52.0037 3812        USBSTOR - ok
22:06:52.0047 3812        usbuhci        (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
22:06:52.0067 3812        usbuhci - ok
22:06:52.0097 3812        usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
22:06:52.0107 3812        usbvideo - ok
22:06:52.0137 3812        UxSms          (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
22:06:52.0167 3812        UxSms - ok
22:06:52.0187 3812        VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:06:52.0217 3812        VaultSvc - ok
22:06:52.0247 3812        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
22:06:52.0277 3812        vdrvroot - ok
22:06:52.0337 3812        vds            (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
22:06:52.0377 3812        vds - ok
22:06:52.0407 3812        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
22:06:52.0437 3812        vga - ok
22:06:52.0457 3812        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
22:06:52.0507 3812        VgaSave - ok
22:06:52.0557 3812        vhdmp          (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
22:06:52.0587 3812        vhdmp - ok
22:06:52.0607 3812        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
22:06:52.0627 3812        viaagp - ok
22:06:52.0637 3812        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
22:06:52.0657 3812        ViaC7 - ok
22:06:52.0667 3812        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
22:06:52.0677 3812        viaide - ok
22:06:52.0707 3812        vmbus          (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
22:06:52.0727 3812        vmbus - ok
22:06:52.0737 3812        VMBusHID        (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
22:06:52.0747 3812        VMBusHID - ok
22:06:52.0767 3812        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
22:06:52.0777 3812        volmgr - ok
22:06:52.0807 3812        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
22:06:52.0827 3812        volmgrx - ok
22:06:52.0877 3812        volsnap        (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
22:06:52.0897 3812        volsnap - ok
22:06:52.0917 3812        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
22:06:52.0937 3812        vsmraid - ok
22:06:53.0087 3812        VSS            (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
22:06:53.0137 3812        VSS - ok
22:06:53.0147 3812        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
22:06:53.0167 3812        vwifibus - ok
22:06:53.0217 3812        W32Time        (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
22:06:53.0277 3812        W32Time - ok
22:06:53.0287 3812        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
22:06:53.0307 3812        WacomPen - ok
22:06:53.0327 3812        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:53.0357 3812        WANARP - ok
22:06:53.0357 3812        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:06:53.0387 3812        Wanarpv6 - ok
22:06:53.0517 3812        wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
22:06:53.0557 3812        wbengine - ok
22:06:53.0587 3812        WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
22:06:53.0607 3812        WbioSrvc - ok
22:06:53.0637 3812        wcncsvc        (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
22:06:53.0657 3812        wcncsvc - ok
22:06:53.0677 3812        WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
22:06:53.0687 3812        WcsPlugInService - ok
22:06:53.0727 3812        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
22:06:53.0737 3812        Wd - ok
22:06:53.0777 3812        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:06:53.0807 3812        Wdf01000 - ok
22:06:53.0827 3812        WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:06:53.0857 3812        WdiServiceHost - ok
22:06:53.0857 3812        WdiSystemHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
22:06:53.0877 3812        WdiSystemHost - ok
22:06:53.0907 3812        WebClient      (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
22:06:53.0937 3812        WebClient - ok
22:06:53.0957 3812        Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
22:06:53.0997 3812        Wecsvc - ok
22:06:54.0017 3812        wercplsupport  (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
22:06:54.0037 3812        wercplsupport - ok
22:06:54.0057 3812        WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
22:06:54.0077 3812        WerSvc - ok
22:06:54.0097 3812        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
22:06:54.0127 3812        WfpLwf - ok
22:06:54.0137 3812        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
22:06:54.0147 3812        WIMMount - ok
22:06:54.0307 3812        WinDefend      (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
22:06:54.0347 3812        WinDefend - ok
22:06:54.0357 3812        WinHttpAutoProxySvc - ok
22:06:54.0437 3812        Winmgmt        (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
22:06:54.0487 3812        Winmgmt - ok
22:06:54.0617 3812        WinRM          (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
22:06:54.0667 3812        WinRM - ok
22:06:54.0737 3812        WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
22:06:54.0757 3812        WinUsb - ok
22:06:54.0877 3812        Wlansvc        (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
22:06:54.0927 3812        Wlansvc - ok
22:06:55.0197 3812        wlidsvc        (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:06:55.0258 3812        wlidsvc - ok
22:06:55.0408 3812        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
22:06:55.0438 3812        WmiAcpi - ok
22:06:55.0508 3812        wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
22:06:55.0538 3812        wmiApSrv - ok
22:06:55.0708 3812        WMPNetworkSvc  (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:06:55.0748 3812        WMPNetworkSvc - ok
22:06:55.0778 3812        WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
22:06:55.0798 3812        WPCSvc - ok
22:06:55.0848 3812        WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
22:06:55.0868 3812        WPDBusEnum - ok
22:06:55.0918 3812        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
22:06:55.0969 3812        ws2ifsl - ok
22:06:55.0985 3812        wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
22:06:56.0016 3812        wscsvc - ok
22:06:56.0016 3812        WSearch - ok
22:06:56.0235 3812        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
22:06:56.0297 3812        wuauserv - ok
22:06:56.0448 3812        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
22:06:56.0488 3812        WudfPf - ok
22:06:56.0508 3812        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:06:56.0538 3812        WUDFRd - ok
22:06:56.0568 3812        wudfsvc        (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
22:06:56.0598 3812        wudfsvc - ok
22:06:56.0638 3812        WwanSvc        (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
22:06:56.0678 3812        WwanSvc - ok
22:06:56.0708 3812        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:06:57.0138 3812        \Device\Harddisk0\DR0 - ok
22:06:57.0178 3812        Boot (0x1200)  (8f63152a4e600ecbbede0492bf0fd973) \Device\Harddisk0\DR0\Partition0
22:06:57.0178 3812        \Device\Harddisk0\DR0\Partition0 - ok
22:06:57.0188 3812        Boot (0x1200)  (3829071368c6e1d6a483a6df00d43cac) \Device\Harddisk0\DR0\Partition1
22:06:57.0188 3812        \Device\Harddisk0\DR0\Partition1 - ok
22:06:57.0188 3812        ============================================================
22:06:57.0188 3812        Scan finished
22:06:57.0188 3812        ============================================================
22:06:57.0208 1476        Detected object count: 1
22:06:57.0208 1476        Actual detected object count: 1
22:07:00.0990 1476        ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
22:07:00.0990 1476        ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip

I posted the text in several parts one after another because it would otherwise be too large.

Regards

cosinus 16.07.2012 13:55

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

mno7 16.07.2012 21:27

[code]
Combofix Logfile:
Code:

ComboFix 12-07-16.01 - Marius 16.07.2012  22:13:18.1.2 - x86
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.2046.1078 [GMT 2:00]
ausgeführt von:: c:\users\Marius\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marius\4.0
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-06-16 bis 2012-07-16  ))))))))))))))))))))))))))))))
.
.
2012-07-16 20:18 . 2012-07-16 20:18        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-07-16 15:54 . 2012-05-31 03:41        6762896        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{050CC739-BB33-4A1C-AECD-778F9943D200}\mpengine.dll
2012-07-14 08:44 . 2012-05-31 03:41        6762896        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-14 07:59 . 2012-07-14 07:59        --------        d-----w-        C:\_OTL
2012-07-12 10:34 . 2012-06-12 02:40        2345984        ----a-w-        c:\windows\system32\win32k.sys
2012-07-08 18:51 . 2012-07-08 18:51        --------        d-----w-        c:\program files\ESET
2012-07-03 19:21 . 2012-02-11 01:18        713784        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9E469E9C-35C2-41E7-A2F3-77F947ADC5AE}\gapaengine.dll
2012-07-03 16:20 . 2012-07-03 16:20        421200        ----a-w-        c:\program files\Mozilla Firefox\msvcp100.dll
2012-07-03 16:20 . 2012-07-03 16:20        770384        ----a-w-        c:\program files\Mozilla Firefox\msvcr100.dll
2012-07-01 21:13 . 2012-07-01 21:13        --------        d-----w-        c:\users\Marius\AppData\Roaming\Malwarebytes
2012-07-01 21:13 . 2012-07-01 21:13        --------        d-----w-        c:\programdata\Malwarebytes
2012-07-01 21:13 . 2012-07-01 21:16        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2012-07-01 21:13 . 2012-04-04 13:56        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-06-25 10:28 . 2012-06-25 10:28        --------        d-----w-        c:\users\Marius\AppData\Local\Macromedia
2012-06-19 10:22 . 2012-06-02 22:19        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-19 10:22 . 2012-06-02 22:19        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-19 10:22 . 2012-06-02 22:12        2422272        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-19 10:22 . 2012-06-02 22:19        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-19 10:21 . 2012-06-02 22:19        35864        ----a-w-        c:\windows\system32\wups.dll
2012-06-19 10:21 . 2012-06-02 22:19        577048        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-19 10:21 . 2012-06-02 22:12        88576        ----a-w-        c:\windows\system32\wudriver.dll
2012-06-19 10:21 . 2012-06-02 13:19        171904        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-19 10:21 . 2012-06-02 13:12        33792        ----a-w-        c:\windows\system32\wuapp.exe
2012-06-17 18:30 . 2012-04-26 04:45        58880        ----a-w-        c:\windows\system32\rdpwsx.dll
2012-06-17 18:30 . 2012-04-26 04:45        129536        ----a-w-        c:\windows\system32\rdpcorekmts.dll
2012-06-17 18:30 . 2012-04-26 04:41        8192        ----a-w-        c:\windows\system32\rdrmemptylst.exe
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 17:34 . 2012-04-12 10:31        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-07-12 17:34 . 2011-09-11 18:54        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2006-06-15 19:33 . 2011-12-06 17:55        233472        ----a-w-        c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2006-05-25 17:43 . 2011-12-06 17:55        204895        ----a-w-        c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2005-09-29 13:41 . 2011-12-06 17:55        77824        ----a-w-        c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2006-06-19 12:10 . 2011-12-06 17:55        426081        ----a-w-        c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2005-02-02 11:19 . 2011-12-06 17:55        458752        ----a-w-        c:\program files\mozilla firefox\plugins\imagickrt.dll
2006-04-10 17:35 . 2011-12-06 17:55        139264        ----a-w-        c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2005-11-09 10:10 . 2011-12-06 17:55        204800        ----a-w-        c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2005-11-09 10:42 . 2011-12-06 17:55        106496        ----a-w-        c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2006-01-04 10:22 . 2011-12-06 17:55        212992        ----a-w-        c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2006-01-04 10:21 . 2011-12-06 17:55        167936        ----a-w-        c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2012-07-03 16:20 . 2011-09-09 18:35        85472        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DELL Webcam Manager"="c:\program files\DELL\DELL Webcam Manager\DellWMgr.exe" [2007-06-07 118784]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
"ICQ"="c:\program files\ICQ7M\ICQ.exe" [2012-05-22 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-10 36864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-09 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-09 92704]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2008-06-09 96800]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PRESONUS_AUDIOBOX_MIDI;Presonus AudioBox WDM MIDI Device;c:\windows\system32\drivers\psabusbm.sys [x]
R3 PRESONUS_AUDIOBOX_USB;Presonus AudioBox USB driver;c:\windows\system32\Drivers\psabusbu.sys [x]
R3 PRESONUS_AUDIOBOX_WDM;Presonus AudioBox USB WDM;c:\windows\system32\drivers\psabusba.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [x]
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynasUSB.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 17:34]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\j56hwbrk.default\
FF - prefs.js: browser.search.selectedEngine - Google
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-16  22:20:12
ComboFix-quarantined-files.txt  2012-07-16 20:20
.
Vor Suchlauf: 7 Verzeichnis(se), 175.039.643.648 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 174.711.906.304 Bytes frei
.
- - End Of File - - B1EB8DC1169B0EEA2F308D9A642AA94B

--- --- ---

cosinus 17.07.2012 11:11

Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip OSAM's online check.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.)
    Downloading the definitions may take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Under no circumstances press any of the Fix buttons without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the (none) setting under AV Scan.

One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window) and click the Scan button again.

mno7 18.07.2012 17:45

[code]
GMER Logfile:
Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-18 18:44:21
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 WDC_WD2500BEVS-75UST0 rev.01.01A01
Running: 1xk8r7pj.exe; Driver: C:\Users\Marius\AppData\Local\Temp\pwdiypod.sys


---- Kernel code sections - GMER 1.0.15 ----

.text          ntkrnlpa.exe!ZwRollbackEnlistment + 140D                                                                                  82C523C9 1 Byte  [06]
.text          ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                    82C8BD52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text          C:\Windows\system32\DRIVERS\nvlddmkm.sys                                                                                  section is writeable [0x8E820340, 0x3E9407, 0xE8000020]

---- User IAT/EAT - GMER 1.0.15 ----

IAT            C:\Windows\system32\rundll32.exe[1472] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                      [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Windows\system32\rundll32.exe[1472] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                      [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Windows\system32\rundll32.exe[1472] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Windows\system32\rundll32.exe[1472] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Windows\System32\rundll32.exe[2368] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                      [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Windows\System32\rundll32.exe[2368] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                      [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Windows\System32\rundll32.exe[2368] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Windows\System32\rundll32.exe[2368] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Windows\System32\rundll32.exe[2376] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                      [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Windows\System32\rundll32.exe[2376] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                      [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Windows\System32\rundll32.exe[2376] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Windows\System32\rundll32.exe[2376] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]  [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]    [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]  [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]  [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT            C:\Program Files\Windows Media Player\wmplayer.exe[2644] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress]  [75C2FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device          \Driver\ACPI_HAL \Device\00000046                                                                                          halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device          \Driver\BTHUSB \Device\00000070                                                                                            bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                                    fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                                    rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                                    fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                                    rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                                                    fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                                                    rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                                    fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                                    rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device          \Driver\BTHUSB \Device\0000006e                                                                                            bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)

AttachedDevice  \FileSystem\fastfat \Fat                                                                                                  fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg            HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001c26f1e699                                               
Reg            HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001c26f1e699@8400d2e9d725                                  0xB7 0xD2 0xB3 0xE2 ...
Reg            HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001c26f1e699 (not active ControlSet)                           
Reg            HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001c26f1e699@8400d2e9d725                                      0xB7 0xD2 0xB3 0xE2 ...

---- EOF - GMER 1.0.15 ----

--- --- ---


OSAM Logfile:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:53:56 on 18.07.2012

OS: Windows 7  Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 13.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL
"NokiaConnectionManager" - "Nokia" - C:\PROGRA~1\Nokia\NOKIAP~1\CONNEC~1.CPL

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"catchme" (catchme) - ? - C:\Users\Marius\AppData\Local\Temp\catchme.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"pwdiypod" (pwdiypod) - ? - C:\Users\Marius\AppData\Local\Temp\pwdiypod.sys  (Hidden registry entry, rootkit activity | File not found)
"SynasUSB" (SynasUSB) - "SIA Syncrosoft" - C:\Windows\System32\drivers\SynasUSB.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{09A47860-11B0-4DA5-AFA5-26D86198A780} "EPP" - "Microsoft Corporation" - c:\PROGRA~1\MICROS~1\shellext.dll
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} "Nokia Phone Browser" - "Nokia" - C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash32_11_3_300_265.ocx / hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
"ICQ7M" - "ICQ, LLC." - C:\Program Files\ICQ7M\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"DELL Webcam Manager" - "Creative Technology Ltd." - "C:\Program Files\DELL\DELL Webcam Manager\DellWMgr.exe" /s
"ICQ" - "ICQ, LLC." - "C:\Program Files\ICQ7M\ICQ.exe" silent loginmode=4
"PC Suite Tray" - "Nokia" - "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"MSC" - "Microsoft Corporation" - "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\NisSrv.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\MsMpEng.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"Sony Ericsson PCCompanion" (Sony Ericsson PCCompanion) - "Avanquest Software" - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===


--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Code:


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-18 18:58:00
-----------------------------
18:58:00.983    OS Version: Windows 6.1.7601 Service Pack 1
18:58:00.983    Number of processors: 2 586 0xF0A
18:58:00.993    ComputerName: MARIUS-PC  UserName: Marius
18:58:02.383    Initialize success
19:00:42.166    AVAST engine defs: 12071800
19:01:37.845    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
19:01:37.855    Disk 0 Vendor: WDC_WD2500BEVS-75UST0 01.01A01 Size: 238475MB BusType: 3
19:01:38.235    Disk 0 MBR read successfully
19:01:38.235    Disk 0 MBR scan
19:01:38.245    Disk 0 Windows 7 default MBR code
19:01:38.285    Disk 0 Partition 1 00    DE Dell Utility Dell 8.0      109 MB offset 63
19:01:38.375    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS        10240 MB offset 225280
19:01:38.516    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS      225564 MB offset 21196800
19:01:38.536    Disk 0 Partition - 00    0F Extended LBA              2560 MB offset 483151872
19:01:38.676    Disk 0 Partition 4 00    DD              MSDOS5.0    2559 MB offset 483153920
19:01:38.926    Disk 0 scanning sectors +488394752
19:01:39.336    Disk 0 scanning C:\Windows\system32\drivers
19:02:21.649    Service scanning
19:02:42.347    Modules scanning
19:04:09.026    Disk 0 trace - called modules:
19:04:09.056    ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll intelide.sys PCIIDEX.SYS atapi.sys VSTCNXT3.SYS intelppm.sys
19:04:09.066    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a54a00]
19:04:09.076    3 CLASSPNP.SYS[8927159e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x8597f030]
19:04:10.256    AVAST engine scan C:\Windows
19:05:07.000    AVAST engine scan C:\Windows\system32
19:21:09.993    AVAST engine scan C:\Windows\system32\drivers
19:24:08.722    AVAST engine scan C:\Users\Marius
19:39:50.513    AVAST engine scan C:\ProgramData
19:46:03.260    Scan finished successfully
19:47:08.040    Disk 0 MBR has been saved successfully to "C:\Users\Marius\Desktop\MBR.dat"
19:47:08.056    The log file has been saved successfully to "C:\Users\Marius\Desktop\aswMBR.txt"


cosinus 19.07.2012 09:39

Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!

mno7 20.07.2012 16:34

Code:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.20.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Marius :: MARIUS-PC [Administrator]

20.07.2012 16:32:54
mbam-log-2012-07-20 (16-32-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 292445
Laufzeit: 51 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


