Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   EXP/Pidief.dis (https://www.trojaner-board.de/126221-exp-pidief-dis.html)

xray88 28.10.2012 09:38
EXP/Pidief.dis
 
Hallo,

Ich brauche dringend Hilfe. Beim Avira hat mir vor kurzem ein Fund mit dem namen EXP/Pidief.dis gemeldet und in die Quarantaene verschoben nun ist meine Frage wie bekomme ich das Programm wieder vom Laptop ? Habe gelesen das es irgent ein Programm runter laed

Bedanke mich schon mal fuer die Hilfe

cosinus 28.10.2012 12:50
http://www.trojaner-board.de/125889-...tml#post941520

xray88 28.10.2012 21:51
So hab jetzt mal Malware durchlaufen lassen.
Hier ist der Log

Malwarebytes Anti-Malware (Test) 1.65.1.1000
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.10.28.01

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19328

Schutz: Aktiviert

10/28/2012 9:38:48 AM
mbam-log-2012-10-28 (09-38-48).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 480656
Laufzeit: 2 Stunde(n), 2 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus 29.10.2012 12:29
Du solltest keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

xray88 29.10.2012 16:03
Code:
Malwarebytes Anti-Malware (Test) 1.65.1.1000
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.10.28.01

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19328

Schutz: Aktiviert

10/28/2012 9:38:48 AM
mbam-log-2012-10-28 (09-38-48).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 480656
Laufzeit: 2 Stunde(n), 2 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

cosinus 29.10.2012 18:02
Und WO bitte sind jetzt die Logs mit Funden?!
Du hast schon bebilderte Anleitungen bekommen

xray88 29.10.2012 18:10
Sorry ich bin wirklich nicht gut mit dem Computer und hab auch nicht soviel ahnung hoffe ich hab jetzt das richtige gepostet
Code:
Exportierte Ereignisse:

10/28/2012 10:29 AM [System Scanner] Malware gefunden
      Die Datei
      'C:\Users\Steffi\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe'
      enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen'
      [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56c75139.qua'
      verschoben!

10/28/2012 10:22 AM [Echtzeit Scanner] Malware gefunden
      In der Datei
      'C:\Users\Steffi\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

10/28/2012 9:12 AM [System Scanner] Malware gefunden
      Die Datei
      'C:\Users\Steffi\AppData\Local\Mozilla\Firefox\Profiles\mr5c4agi.default\Cache\A
      \D9\E7C09d01'
      enthielt einen Virus oder unerwünschtes Programm 'EXP/Pidief.dis' [exploit].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '55a74326.qua'
      verschoben!

10/28/2012 9:11 AM [Echtzeit Scanner] Malware gefunden
      In der Datei
      'C:\Users\Steffi\AppData\Local\Mozilla\Firefox\Profiles\mr5c4agi.default\Cache\A
      \D9\E7C09d01'
      wurde ein Virus oder unerwünschtes Programm 'EXP/Pidief.dis' [exploit] gefunden.
      Ausgeführte Aktion: Übergeben an Scanner

10/25/2012 4:33 PM [System Scanner] Malware gefunden
      Die Datei
      'C:\Users\Steffi\AppData\Local\Mozilla\Firefox\Profiles\mr5c4agi.default\Cache\0
      \D8\FDDBFd01'
      enthielt einen Virus oder unerwünschtes Programm 'EXP/Pidief.dis' [exploit].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56e7e71a.qua'
      verschoben!

10/25/2012 4:32 PM [Echtzeit Scanner] Malware gefunden
      In der Datei
so eset hab ich jetzt auch durchgefuehrt leider ist in meiner Log Datei kein kompletter befund weiss auch nicht warum. Eset hat aber 4 Datein gefunden
Code:
C:\Users\Steffi\Music\MP3\autorun.inf        Win32/Agent.NFZ Wurm        Gesäubert durch Löschen - in Quarantäne kopiert
C:\Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\7ac88064-7026ec93        Java/Agent.DM Trojaner        gelöscht - in Quarantäne kopiert
C:\Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\55756d9b-46388b34        Java/Exploit.CVE-2012-1723.AL Trojaner        gelöscht - in Quarantäne kopiert
C:\Users\Steffi\AppData\Local\Temp\uninstall1262721217.exe        Variante von Win32/YourFileDownloader Anwendung        Gesäubert durch Löschen - in Quarantäne kopiert
Code:
C:\Users\Steffi\Music\MP3\autorun.inf        Win32/Agent.NFZ Wurm        Gesäubert durch Löschen - in Quarantäne kopiert
C:\Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\7ac88064-7026ec93        Java/Agent.DM Trojaner        gelöscht - in Quarantäne kopiert
C:\Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\55756d9b-46388b34        Java/Exploit.CVE-2012-1723.AL Trojaner        gelöscht - in Quarantäne kopiert
C:\Users\Steffi\AppData\Local\Temp\uninstall1262721217.exe        Variante von Win32/YourFileDownloader Anwendung        Gesäubert durch Löschen - in Quarantäne kopiert
Code:
C:\Users\Steffi\Music\MP3\autorun.inf        Win32/Agent.NFZ Wurm        Gesäubert durch Löschen - in Quarantäne kopiert
C:\Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\7ac88064-7026ec93        Java/Agent.DM Trojaner        gelöscht - in Quarantäne kopiert
C:\Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\55756d9b-46388b34        Java/Exploit.CVE-2012-1723.AL Trojaner        gelöscht - in Quarantäne kopiert
C:\Users\Steffi\AppData\Local\Temp\uninstall1262721217.exe        Variante von Win32/YourFileDownloader Anwendung        Gesäubert durch Löschen - in Quarantäne kopiert
Code:
C:\Users\Steffi\Music\MP3\autorun.inf        Win32/Agent.NFZ Wurm        Gesäubert durch Löschen - in Quarantäne kopiert
C:\Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\7ac88064-7026ec93        Java/Agent.DM Trojaner        gelöscht - in Quarantäne kopiert
C:\Users\Steffi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\55756d9b-46388b34        Java/Exploit.CVE-2012-1723.AL Trojaner        gelöscht - in Quarantäne kopiert
C:\Users\Steffi\AppData\Local\Temp\uninstall1262721217.exe        Variante von Win32/YourFileDownloader Anwendung        Gesäubert durch Löschen - in Quarantäne kopiert
Hoffe man kann trotzdem daraus was schliessen

Leider hat er den Code 4 mal rein gemacht und kann es leider auch nicht mehr editieren sorry

Code:
Emsisoft Anti-Malware - Version 7.0
Letztes Update: 10/30/2012 4:57:47 AM

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, Q:\

Riskware-Erkennung: Aus
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:        10/30/2012 4:58:31 AM

Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco -> FullScreen        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco -> HardwareAcceleration        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco -> MusicVolume        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco -> SoundsVolume        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco -> WideScreen        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco\3dsettings -> 3DInitError        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco\3dsettings -> 3DInitWarning        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco\3dsettings -> DirectXVersion        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco\3dsettings -> Driver        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco\3dsettings -> DriverDate        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco\3dsettings -> DriverDescription        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco\3dsettings -> FreeVideoBlocks        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco\3dsettings -> LastResolution        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco\3dsettings -> LastTestBitCount        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco\3dsettings -> LastTestVersion        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
Value: hkey_users\s-1-5-21-1885657928-2712068699-3060036246-1000\software\jollybear\big city adventure san francisco\3dsettings -> UseDDTM        gefunden: Trace.Registry.GameFiesta Big City Adventure San Francisco (A)
C:\ProgramData\Avira\AntiVir Desktop\INFECTED\5542a276.qua -> (Quarantine-8) -> (INFECTED_JS)        gefunden: PDF:Exploit.JS.EQ (B)
C:\ProgramData\Avira\AntiVir Desktop\INFECTED\55a74326.qua -> (Quarantine-8) -> (INFECTED_JS)        gefunden: PDF:Exploit.PDF-JS.HN (B)
C:\ProgramData\Avira\AntiVir Desktop\INFECTED\55b9b18d.qua -> (Quarantine-8) -> (INFECTED_JS)        gefunden: PDF:Exploit.JS.DD (B)
C:\ProgramData\Avira\AntiVir Desktop\INFECTED\56c75139.qua -> (Quarantine-8)        gefunden: Adware.Generic.264530 (B)
C:\ProgramData\Avira\AntiVir Desktop\INFECTED\56e7e71a.qua -> (Quarantine-8) -> (INFECTED_JS)        gefunden: PDF:Exploit.PDF-JS.HN (B)
C:\ProgramData\Avira\AntiVir Desktop\INFECTED\56f680b0.qua -> (Quarantine-8)        gefunden: Adware.Generic.264530 (B)

Gescannt        586001
Gefunden        22

Scan Ende:        10/30/2012 11:24:27 AM
Scan Zeit:        6:25:56

cosinus 31.10.2012 14:56
1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

xray88 01.11.2012 22:36
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-01 07:35:00
-----------------------------
07:35:00.776    OS Version: Windows x64 6.0.6002 Service Pack 2
07:35:00.776    Number of processors: 2 586 0x1706
07:35:00.777    ComputerName: STEFFI-PC  UserName: Steffi
07:35:11.015    Initialize success
07:35:23.805    AVAST engine defs: 12103100
07:35:44.365    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
07:35:44.367    Disk 0 Vendor: WDC_WD3200BEVT-60ZCT0 12.01A12 Size: 305245MB BusType: 3
07:35:44.394    Disk 0 MBR read successfully
07:35:44.396    Disk 0 MBR scan
07:35:44.401    Disk 0 unknown MBR code
07:35:44.405    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS      293680 MB offset 63
07:35:44.438    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS        11563 MB offset 601458688
07:35:44.578    Disk 0 scanning C:\Windows\system32\drivers
07:36:47.737    Service scanning
07:37:21.330    Modules scanning
07:37:21.332    Disk 0 trace - called modules:
07:37:21.352    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
07:37:21.353    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004dc0790]
07:37:21.355    3 CLASSPNP.SYS[fffffa6000a58c33] -> nt!IofCallDriver -> [0xfffffa8004ea0c20]
07:37:21.355    5 hpdskflt.sys[fffffa6001a020ee] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004c68590]
07:37:26.022    AVAST engine scan C:\Windows
07:38:33.770    AVAST engine scan C:\Windows\system32
07:50:53.323    AVAST engine scan C:\Windows\system32\drivers
07:52:17.717    AVAST engine scan C:\Users\Steffi
09:13:38.458    AVAST engine scan C:\ProgramData
09:20:48.093    Scan finished successfully
22:05:45.626    Disk 0 MBR has been saved successfully to "C:\Users\Steffi\Documents\MBR.dat"
22:05:45.630    The log file has been saved successfully to "C:\Users\Steffi\Documents\aswMBR.txt"
Code:
22:30:18.0963 9920  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
22:30:20.0944 9920  ============================================================
22:30:20.0944 9920  Current date / time: 2012/11/01 22:30:20.0944
22:30:20.0944 9920  SystemInfo:
22:30:20.0944 9920 
22:30:20.0944 9920  OS Version: 6.0.6002 ServicePack: 2.0
22:30:20.0944 9920  Product type: Workstation
22:30:20.0944 9920  ComputerName: STEFFI-PC
22:30:20.0945 9920  UserName: Steffi
22:30:20.0945 9920  Windows directory: C:\Windows
22:30:20.0945 9920  System windows directory: C:\Windows
22:30:20.0945 9920  Running under WOW64
22:30:20.0945 9920  Processor architecture: Intel x64
22:30:20.0945 9920  Number of processors: 2
22:30:20.0945 9920  Page size: 0x1000
22:30:20.0945 9920  Boot type: Normal boot
22:30:20.0945 9920  ============================================================
22:30:22.0478 9920  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
22:30:22.0528 9920  ============================================================
22:30:22.0528 9920  \Device\Harddisk0\DR0:
22:30:22.0528 9920  MBR partitions:
22:30:22.0528 9920  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23D986F1
22:30:22.0528 9920  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23D98800, BlocksNum 0x1695800
22:30:22.0528 9920  ============================================================
22:30:22.0555 9920  C: <-> \Device\Harddisk0\DR0\Partition1
22:30:22.0615 9920  D: <-> \Device\Harddisk0\DR0\Partition2
22:30:22.0616 9920  ============================================================
22:30:22.0616 9920  Initialize success
22:30:22.0616 9920  ============================================================
22:30:44.0783 9768  ============================================================
22:30:44.0783 9768  Scan started
22:30:44.0783 9768  Mode: Manual; SigCheck; TDLFS;
22:30:44.0783 9768  ============================================================
22:30:45.0265 9768  ================ Scan system memory ========================
22:30:45.0265 9768  System memory - ok
22:30:45.0266 9768  ================ Scan services =============================
22:30:45.0390 9768  [ 2D6434E957F7CFA0035C20890F77BBC6 ] a2acc          C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
22:30:45.0693 9768  a2acc - ok
22:30:45.0817 9768  [ E327C0DE1D7013BE360881801C0AB0FA ] a2AntiMalware  C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
22:30:45.0957 9768  a2AntiMalware - ok
22:30:46.0046 9768  [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA          C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
22:30:46.0062 9768  A2DDA - ok
22:30:46.0082 9768  [ 3D55CE53128C81E06CD6B024C3B9FAC3 ] a2injectiondriver C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
22:30:46.0098 9768  a2injectiondriver - ok
22:30:46.0122 9768  [ E41D79682A209F72F4F578CFD4A53952 ] a2util          C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
22:30:46.0136 9768  a2util - ok
22:30:46.0333 9768  [ 60FBB29CCCE48B4C3A6517CAF42C3496 ] Accelerometer  C:\Windows\system32\DRIVERS\Accelerometer.sys
22:30:46.0348 9768  Accelerometer - ok
22:30:46.0383 9768  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
22:30:46.0422 9768  ACPI - ok
22:30:46.0535 9768  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:30:46.0607 9768  AdobeFlashPlayerUpdateSvc - ok
22:30:46.0663 9768  [ F14215E37CF124104575073F782111D2 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
22:30:46.0701 9768  adp94xx - ok
22:30:46.0777 9768  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci        C:\Windows\system32\drivers\adpahci.sys
22:30:46.0806 9768  adpahci - ok
22:30:46.0814 9768  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
22:30:46.0834 9768  adpu160m - ok
22:30:46.0841 9768  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
22:30:46.0862 9768  adpu320 - ok
22:30:46.0887 9768  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
22:30:47.0231 9768  AeLookupSvc - ok
22:30:47.0338 9768  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\AESTSr64.exe
22:30:47.0428 9768  AESTFilters - ok
22:30:47.0497 9768  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD            C:\Windows\system32\drivers\afd.sys
22:30:47.0639 9768  AFD - ok
22:30:47.0693 9768  [ 8B0D8B5BAFD4C9D57B41426BC68B32F9 ] AgereModemAudio C:\Windows\system32\agr64svc.exe
22:30:47.0781 9768  AgereModemAudio - ok
22:30:47.0848 9768  [ 70E15CDA25E151DFC60636EF73F5A7BE ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
22:30:48.0059 9768  AgereSoftModem - ok
22:30:48.0099 9768  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:30:48.0136 9768  agp440 - ok
22:30:48.0175 9768  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx        C:\Windows\system32\drivers\djsvs.sys
22:30:48.0209 9768  aic78xx - ok
22:30:48.0217 9768  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG            C:\Windows\System32\alg.exe
22:30:48.0420 9768  ALG - ok
22:30:48.0447 9768  [ 9544C2C55541C0C6BFD7B489D0E7D430 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:30:48.0458 9768  aliide - ok
22:30:48.0467 9768  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
22:30:48.0478 9768  amdide - ok
22:30:48.0511 9768  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
22:30:48.0576 9768  AmdK8 - ok
22:30:48.0637 9768  [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
22:30:48.0677 9768  androidusb - ok
22:30:48.0738 9768  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:30:48.0752 9768  AntiVirSchedulerService - ok
22:30:48.0836 9768  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:30:48.0849 9768  AntiVirService - ok
22:30:48.0905 9768  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo        C:\Windows\System32\appinfo.dll
22:30:48.0972 9768  Appinfo - ok
22:30:49.0045 9768  [ BA8417D4765F3988FF921F30F630E303 ] arc            C:\Windows\system32\drivers\arc.sys
22:30:49.0064 9768  arc - ok
22:30:49.0078 9768  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:30:49.0098 9768  arcsas - ok
22:30:49.0121 9768  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:30:49.0191 9768  AsyncMac - ok
22:30:49.0204 9768  [ E68D9B3A3905619732F7FE039466A623 ] atapi          C:\Windows\system32\drivers\atapi.sys
22:30:49.0223 9768  atapi - ok
22:30:49.0267 9768  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:30:49.0390 9768  AudioEndpointBuilder - ok
22:30:49.0412 9768  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:30:49.0455 9768  AudioSrv - ok
22:30:49.0501 9768  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
22:30:49.0518 9768  avgntflt - ok
22:30:49.0550 9768  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
22:30:49.0569 9768  avipbb - ok
22:30:49.0582 9768  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
22:30:49.0597 9768  avkmgr - ok
22:30:49.0749 9768  [ A2160C5D70F3517FC7356B689ABD6FCD ] BCM43XV        C:\Windows\system32\DRIVERS\bcmwl664.sys
22:30:50.0790 9768  BCM43XV - ok
22:30:50.0845 9768  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE            C:\Windows\System32\bfe.dll
22:30:50.0936 9768  BFE - ok
22:30:51.0080 9768  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll
22:30:51.0200 9768  BITS - ok
22:30:51.0259 9768  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
22:30:51.0298 9768  blbdrive - ok
22:30:51.0350 9768  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:30:51.0409 9768  bowser - ok
22:30:51.0439 9768  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
22:30:51.0495 9768  BrFiltLo - ok
22:30:51.0508 9768  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
22:30:51.0559 9768  BrFiltUp - ok
22:30:51.0606 9768  [ A1B39DE453433B115B4EA69EE0343816 ] Browser        C:\Windows\System32\browser.dll
22:30:51.0695 9768  Browser - ok
22:30:51.0732 9768  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid        C:\Windows\system32\drivers\brserid.sys
22:30:51.0827 9768  Brserid - ok
22:30:51.0850 9768  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
22:30:51.0928 9768  BrSerWdm - ok
22:30:51.0947 9768  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
22:30:52.0019 9768  BrUsbMdm - ok
22:30:52.0051 9768  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
22:30:52.0113 9768  BrUsbSer - ok
22:30:52.0154 9768  [ 09F926A0D9C0BAFD8417A4307D2ED13C ] BthEnum        C:\Windows\system32\DRIVERS\BthEnum.sys
22:30:52.0231 9768  BthEnum - ok
22:30:52.0269 9768  [ 72F70A38BB15252EB7C4DA7BA3BD4ED1 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:30:52.0310 9768  BTHMODEM - ok
22:30:52.0332 9768  [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
22:30:52.0383 9768  BthPan - ok
22:30:52.0432 9768  [ E1466882252FF51EDDE48C3F7EDA2591 ] BTHPORT        C:\Windows\system32\Drivers\BTHport.sys
22:30:52.0501 9768  BTHPORT - ok
22:30:52.0542 9768  [ 22E65FFD640F16968F855F5B3528D366 ] BthServ        C:\Windows\System32\bthserv.dll
22:30:52.0582 9768  BthServ - ok
22:30:52.0606 9768  [ 970192CDED77A128E7E30722E5EE6B9C ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
22:30:52.0669 9768  BTHUSB - ok
22:30:52.0738 9768  [ 5C73E29F176A0A258EF2D339C1BD9E3E ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
22:30:52.0755 9768  btwaudio - ok
22:30:52.0820 9768  [ 73B4341807E3398DAC73102E4709ECB0 ] btwavdt        C:\Windows\system32\drivers\btwavdt.sys
22:30:52.0836 9768  btwavdt - ok
22:30:52.0848 9768  [ DA0386AED062087147A4A9E09A23F6F1 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
22:30:52.0863 9768  btwrchid - ok
22:30:52.0893 9768  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:30:52.0957 9768  cdfs - ok
22:30:53.0065 9768  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
22:30:53.0120 9768  cdrom - ok
22:30:53.0150 9768  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc    C:\Windows\System32\certprop.dll
22:30:53.0196 9768  CertPropSvc - ok
22:30:53.0211 9768  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:30:53.0264 9768  circlass - ok
22:30:53.0315 9768  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
22:30:53.0338 9768  CLFS - ok
22:30:53.0427 9768  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:30:53.0440 9768  clr_optimization_v2.0.50727_32 - ok
22:30:53.0490 9768  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:30:53.0502 9768  clr_optimization_v2.0.50727_64 - ok
22:30:53.0579 9768  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:30:53.0593 9768  clr_optimization_v4.0.30319_32 - ok
22:30:53.0672 9768  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:30:53.0686 9768  clr_optimization_v4.0.30319_64 - ok
22:30:53.0715 9768  [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:30:53.0781 9768  CmBatt - ok
22:30:53.0808 9768  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:30:53.0820 9768  cmdide - ok
22:30:53.0919 9768  [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx      C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
22:30:53.0937 9768  Com4QLBEx - ok
22:30:53.0944 9768  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:30:53.0962 9768  Compbatt - ok
22:30:53.0972 9768  COMSysApp - ok
22:30:54.0013 9768  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
22:30:54.0031 9768  crcdisk - ok
22:30:54.0075 9768  [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:30:54.0156 9768  CryptSvc - ok
22:30:54.0258 9768  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
22:30:54.0298 9768  cvhsvc - ok
22:30:54.0383 9768  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:30:54.0484 9768  DcomLaunch - ok
22:30:54.0542 9768  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:30:54.0583 9768  DfsC - ok
22:30:54.0705 9768  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
22:30:55.0069 9768  DFSR - ok
22:30:55.0142 9768  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
22:30:55.0218 9768  Dhcp - ok
22:30:55.0246 9768  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
22:30:55.0266 9768  disk - ok
22:30:55.0316 9768  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:30:55.0338 9768  Dnscache - ok
22:30:55.0372 9768  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc        C:\Windows\System32\dot3svc.dll
22:30:55.0437 9768  dot3svc - ok
22:30:55.0472 9768  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS            C:\Windows\system32\dps.dll
22:30:55.0531 9768  DPS - ok
22:30:55.0623 9768  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
22:30:55.0710 9768  drmkaud - ok
22:30:55.0833 9768  [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
22:30:55.0921 9768  DXGKrnl - ok
22:30:55.0937 9768  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60          C:\Windows\system32\DRIVERS\E1G6032E.sys
22:30:55.0993 9768  E1G60 - ok
22:30:56.0077 9768  [ C2303883FD9BE49DC36A6400643002EA ] EapHost        C:\Windows\System32\eapsvc.dll
22:30:56.0142 9768  EapHost - ok
22:30:56.0175 9768  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
22:30:56.0191 9768  Ecache - ok
22:30:56.0259 9768  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
22:30:56.0294 9768  ehRecvr - ok
22:30:56.0309 9768  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched        C:\Windows\ehome\ehsched.exe
22:30:56.0347 9768  ehSched - ok
22:30:56.0379 9768  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart        C:\Windows\ehome\ehstart.dll
22:30:56.0432 9768  ehstart - ok
22:30:56.0481 9768  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
22:30:56.0503 9768  elxstor - ok
22:30:56.0565 9768  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt        C:\Windows\system32\emdmgmt.dll
22:30:56.0660 9768  EMDMgmt - ok
22:30:56.0694 9768  [ 0E3F3301052673CF16813E65D5DE98AD ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
22:30:56.0716 9768  enecir - ok
22:30:56.0736 9768  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:30:56.0776 9768  ErrDev - ok
22:30:56.0848 9768  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem    C:\Windows\system32\es.dll
22:30:56.0899 9768  EventSystem - ok
22:30:57.0013 9768  [ 251AF86E0A4DDF3A6B181ED5103B06B1 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
22:30:57.0060 9768  ewusbnet - ok
22:30:57.0101 9768  [ 486844F47B6636044A42454614ED4523 ] exfat          C:\Windows\system32\drivers\exfat.sys
22:30:57.0144 9768  exfat - ok
22:30:57.0183 9768  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
22:30:57.0250 9768  fastfat - ok
22:30:57.0278 9768  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
22:30:57.0350 9768  fdc - ok
22:30:57.0369 9768  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost        C:\Windows\system32\fdPHost.dll
22:30:57.0438 9768  fdPHost - ok
22:30:57.0458 9768  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
22:30:57.0552 9768  FDResPub - ok
22:30:57.0573 9768  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:30:57.0592 9768  FileInfo - ok
22:30:57.0626 9768  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
22:30:57.0677 9768  Filetrace - ok
22:30:57.0689 9768  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:30:57.0747 9768  flpydisk - ok
22:30:57.0784 9768  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:30:57.0810 9768  FltMgr - ok
22:30:57.0885 9768  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache      C:\Windows\system32\FntCache.dll
22:30:58.0060 9768  FontCache - ok
22:30:58.0107 9768  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:30:58.0123 9768  FontCache3.0.0.0 - ok
22:30:58.0182 9768  [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr        C:\Windows\system32\DRIVERS\fssfltr.sys
22:30:58.0198 9768  fssfltr - ok
22:30:58.0308 9768  [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
22:30:58.0424 9768  fsssvc - ok
22:30:58.0459 9768  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:30:58.0498 9768  Fs_Rec - ok
22:30:58.0541 9768  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:30:58.0560 9768  gagp30kx - ok
22:30:58.0607 9768  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc          C:\Windows\System32\gpsvc.dll
22:30:58.0670 9768  gpsvc - ok
22:30:58.0790 9768  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:30:58.0805 9768  gupdate - ok
22:30:58.0834 9768  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:30:58.0849 9768  gupdatem - ok
22:30:58.0879 9768  [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:30:59.0008 9768  HdAudAddService - ok
22:30:59.0074 9768  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:30:59.0205 9768  HDAudBus - ok
22:30:59.0227 9768  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:30:59.0304 9768  HidBth - ok
22:30:59.0326 9768  [ 5F47839455D01FF6403B008D481A6F5B ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
22:30:59.0377 9768  HidIr - ok
22:30:59.0398 9768  [ 59361D38A297755D46A540E450202B2A ] hidserv        C:\Windows\system32\hidserv.dll
22:30:59.0444 9768  hidserv - ok
22:30:59.0461 9768  [ D02C82CB3A20F391C8AEFF94E8E0BAA1 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:30:59.0552 9768  HidUsb - ok
22:30:59.0585 9768  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:30:59.0625 9768  hkmsvc - ok
22:30:59.0717 9768  [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
22:30:59.0740 9768  HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
22:30:59.0740 9768  HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
22:30:59.0767 9768  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs        C:\Windows\system32\drivers\hpcisss.sys
22:30:59.0780 9768  HpCISSs - ok
22:30:59.0807 9768  [ 4A435CA815A54639CA09DDF75D751EBC ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
22:30:59.0816 9768  hpdskflt - ok
22:30:59.0846 9768  [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
22:30:59.0881 9768  HpqKbFiltr - ok
22:30:59.0911 9768  [ E53D53D66D61794AF8160741946D0B43 ] HpqRemHid      C:\Windows\system32\DRIVERS\HpqRemHid.sys
22:30:59.0940 9768  HpqRemHid - ok
22:31:00.0077 9768  [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
22:31:00.0091 9768  hpqwmiex - ok
22:31:00.0109 9768  [ 6BF024EA61D7894BF4AF0B10A90B546E ] hpsrv          C:\Windows\system32\Hpservice.exe
22:31:00.0170 9768  hpsrv - ok
22:31:00.0218 9768  [ 57BA73B5B321291E5114CB21350E1EA0 ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL6.SYS
22:31:00.0291 9768  HSFHWAZL - ok
22:31:00.0353 9768  [ E6CD7F641916484B0141D191A390D866 ] HSF_DPV        C:\Windows\system32\DRIVERS\VSTDPV6.SYS
22:31:00.0510 9768  HSF_DPV - ok
22:31:00.0561 9768  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:31:00.0652 9768  HTTP - ok
22:31:00.0713 9768  [ 4B5C07DB91A0099272FAAE732E1152BD ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
22:31:00.0794 9768  hwdatacard - ok
22:31:00.0843 9768  [ 9C13A2691AC410CC7469F298684DCA5D ] hwusbfake      C:\Windows\system32\DRIVERS\ewusbfake.sys
22:31:00.0892 9768  hwusbfake - ok
22:31:00.0937 9768  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp          C:\Windows\system32\drivers\i2omp.sys
22:31:00.0955 9768  i2omp - ok
22:31:01.0047 9768  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:31:01.0098 9768  i8042prt - ok
22:31:01.0127 9768  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV        C:\Windows\system32\drivers\iastorv.sys
22:31:01.0152 9768  iaStorV - ok
22:31:01.0211 9768  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:31:01.0269 9768  IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:31:01.0269 9768  IDriverT - detected UnsignedFile.Multi.Generic (1)
22:31:01.0314 9768  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:31:01.0394 9768  idsvc - ok
22:31:01.0427 9768  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
22:31:01.0443 9768  iirsp - ok
22:31:01.0483 9768  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
22:31:01.0576 9768  IKEEXT - ok
22:31:01.0592 9768  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys
22:31:01.0610 9768  intelide - ok
22:31:01.0650 9768  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:31:01.0719 9768  intelppm - ok
22:31:01.0758 9768  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
22:31:01.0826 9768  IPBusEnum - ok
22:31:01.0866 9768  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:31:01.0910 9768  IpFilterDriver - ok
22:31:01.0942 9768  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:31:01.0982 9768  iphlpsvc - ok
22:31:01.0987 9768  IpInIp - ok
22:31:02.0039 9768  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV        C:\Windows\system32\drivers\ipmidrv.sys
22:31:02.0090 9768  IPMIDRV - ok
22:31:02.0111 9768  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT          C:\Windows\system32\DRIVERS\ipnat.sys
22:31:02.0208 9768  IPNAT - ok
22:31:02.0237 9768  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:31:02.0302 9768  IRENUM - ok
22:31:02.0354 9768  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:31:02.0379 9768  isapnp - ok
22:31:02.0435 9768  [ DF88742822DE27C5DAA89D6790DDEA01 ] iscFlash        C:\Program Files (x86)\sp43867\iscflashx64.sys
22:31:02.0450 9768  iscFlash - ok
22:31:02.0497 9768  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
22:31:02.0522 9768  iScsiPrt - ok
22:31:02.0540 9768  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
22:31:02.0556 9768  iteatapi - ok
22:31:02.0571 9768  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid        C:\Windows\system32\drivers\iteraid.sys
22:31:02.0588 9768  iteraid - ok
22:31:02.0631 9768  [ F12FDD192CC5729304AC7CE9E89C81A0 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
22:31:02.0806 9768  JMCR - ok
22:31:02.0850 9768  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:31:02.0871 9768  kbdclass - ok
22:31:02.0894 9768  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:31:02.0931 9768  kbdhid - ok
22:31:02.0951 9768  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
22:31:02.0984 9768  KeyIso - ok
22:31:03.0080 9768  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:31:03.0126 9768  KSecDD - ok
22:31:03.0172 9768  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
22:31:03.0236 9768  ksthunk - ok
22:31:03.0288 9768  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm          C:\Windows\system32\msdtckrm.dll
22:31:03.0387 9768  KtmRm - ok
22:31:03.0420 9768  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:31:03.0495 9768  LanmanServer - ok
22:31:03.0537 9768  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:31:03.0585 9768  LanmanWorkstation - ok
22:31:03.0603 9768  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:31:03.0660 9768  lltdio - ok
22:31:03.0713 9768  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
22:31:03.0777 9768  lltdsvc - ok
22:31:03.0806 9768  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts        C:\Windows\System32\lmhsvc.dll
22:31:03.0868 9768  lmhosts - ok
22:31:03.0891 9768  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:31:03.0911 9768  LSI_FC - ok
22:31:03.0927 9768  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
22:31:03.0946 9768  LSI_SAS - ok
22:31:03.0956 9768  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:31:03.0986 9768  LSI_SCSI - ok
22:31:04.0023 9768  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv          C:\Windows\system32\drivers\luafv.sys
22:31:04.0101 9768  luafv - ok
22:31:04.0144 9768  [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
22:31:04.0191 9768  MBAMProtector - ok
22:31:04.0281 9768  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:31:04.0336 9768  MBAMService - ok
22:31:04.0389 9768  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
22:31:04.0414 9768  Mcx2Svc - ok
22:31:04.0454 9768  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas        C:\Windows\system32\drivers\megasas.sys
22:31:04.0473 9768  megasas - ok
22:31:04.0504 9768  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
22:31:04.0537 9768  MegaSR - ok
22:31:04.0565 9768  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS          C:\Windows\system32\mmcss.dll
22:31:04.0620 9768  MMCSS - ok
22:31:04.0642 9768  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem          C:\Windows\system32\drivers\modem.sys
22:31:04.0698 9768  Modem - ok
22:31:04.0715 9768  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
22:31:04.0761 9768  monitor - ok
22:31:04.0776 9768  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:31:04.0794 9768  mouclass - ok
22:31:04.0810 9768  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:31:04.0872 9768  mouhid - ok
22:31:04.0888 9768  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
22:31:04.0906 9768  MountMgr - ok
22:31:04.0939 9768  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:31:04.0954 9768  MozillaMaintenance - ok
22:31:04.0966 9768  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:31:05.0013 9768  mpio - ok
22:31:05.0043 9768  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:31:05.0081 9768  mpsdrv - ok
22:31:05.0125 9768  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:31:05.0220 9768  MpsSvc - ok
22:31:05.0264 9768  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
22:31:05.0277 9768  Mraid35x - ok
22:31:05.0296 9768  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:31:05.0320 9768  MRxDAV - ok
22:31:05.0347 9768  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:31:05.0372 9768  mrxsmb - ok
22:31:05.0405 9768  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:31:05.0440 9768  mrxsmb10 - ok
22:31:05.0452 9768  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:31:05.0480 9768  mrxsmb20 - ok
22:31:05.0523 9768  [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:31:05.0537 9768  msahci - ok
22:31:05.0560 9768  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
22:31:05.0574 9768  msdsm - ok
22:31:05.0594 9768  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC          C:\Windows\System32\msdtc.exe
22:31:05.0657 9768  MSDTC - ok
22:31:05.0684 9768  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:31:05.0743 9768  Msfs - ok
22:31:05.0768 9768  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:31:05.0784 9768  msisadrv - ok
22:31:05.0831 9768  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
22:31:05.0888 9768  MSiSCSI - ok
22:31:05.0893 9768  msiserver - ok
22:31:05.0976 9768  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
22:31:06.0129 9768  MSKSSRV - ok
22:31:06.0169 9768  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:31:06.0259 9768  MSPCLOCK - ok
22:31:06.0371 9768  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
22:31:06.0443 9768  MSPQM - ok
22:31:06.0482 9768  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
22:31:06.0509 9768  MsRPC - ok
22:31:06.0529 9768  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:31:06.0547 9768  mssmbios - ok
22:31:06.0568 9768  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
22:31:06.0619 9768  MSTEE - ok
22:31:06.0648 9768  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup            C:\Windows\system32\Drivers\mup.sys
22:31:06.0666 9768  Mup - ok
22:31:06.0708 9768  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
22:31:06.0792 9768  napagent - ok
22:31:06.0853 9768  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
22:31:06.0882 9768  NativeWifiP - ok
22:31:06.0944 9768  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:31:07.0030 9768  NDIS - ok
22:31:07.0082 9768  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:31:07.0121 9768  NdisTapi - ok
22:31:07.0139 9768  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
22:31:07.0180 9768  Ndisuio - ok
22:31:07.0214 9768  [ F8158771905260982CE724076419EF19 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
22:31:07.0252 9768  NdisWan - ok
22:31:07.0268 9768  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
22:31:07.0323 9768  NDProxy - ok
22:31:07.0353 9768  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
22:31:07.0415 9768  NetBIOS - ok
22:31:07.0448 9768  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt          C:\Windows\system32\DRIVERS\netbt.sys
22:31:07.0500 9768  netbt - ok
22:31:07.0514 9768  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe
22:31:07.0529 9768  Netlogon - ok
22:31:07.0570 9768  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
22:31:07.0620 9768  Netman - ok
22:31:07.0664 9768  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
22:31:07.0712 9768  netprofm - ok
22:31:07.0743 9768  [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:31:07.0757 9768  NetTcpPortSharing - ok
22:31:07.0899 9768  [ 263796D4F50DF61C0C7CA86F746B5767 ] NETw5v64        C:\Windows\system32\DRIVERS\NETw5v64.sys
22:31:08.0267 9768  NETw5v64 - ok
22:31:08.0293 9768  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
22:31:08.0310 9768  nfrd960 - ok
22:31:08.0329 9768  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:31:08.0392 9768  NlaSvc - ok
22:31:08.0408 9768  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:31:08.0454 9768  Npfs - ok
22:31:08.0490 9768  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi            C:\Windows\system32\nsisvc.dll
22:31:08.0557 9768  nsi - ok
22:31:08.0570 9768  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:31:08.0624 9768  nsiproxy - ok
22:31:08.0707 9768  [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:31:08.0882 9768  Ntfs - ok
22:31:08.0930 9768  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
22:31:08.0985 9768  Null - ok
22:31:09.0125 9768  [ 9733F305FA84AAF84E7FB09C0B345ADB ] NVENETFD        C:\Windows\system32\DRIVERS\nvm60x64.sys
22:31:09.0171 9768  NVENETFD - ok
22:31:09.0208 9768  [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
22:31:09.0225 9768  NVHDA - ok
22:31:09.0521 9768  [ FD39B98FF1BB8ED3848781497E9D02E0 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:31:10.0257 9768  nvlddmkm - ok
22:31:10.0277 9768  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:31:10.0292 9768  nvraid - ok
22:31:10.0301 9768  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:31:10.0314 9768  nvstor - ok
22:31:10.0355 9768  [ C1668D58547DD0C4A0FBD6AFA20D5890 ] nvsvc          C:\Windows\system32\nvvsvc.exe
22:31:10.0377 9768  nvsvc - ok
22:31:10.0418 9768  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:31:10.0433 9768  nv_agp - ok
22:31:10.0437 9768  NwlnkFlt - ok
22:31:10.0442 9768  NwlnkFwd - ok
22:31:10.0490 9768  [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
22:31:10.0543 9768  ohci1394 - ok
22:31:10.0586 9768  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:31:10.0601 9768  ose - ok
22:31:10.0800 9768  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:31:11.0146 9768  osppsvc - ok
22:31:11.0207 9768  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll
22:31:11.0295 9768  p2pimsvc - ok
22:31:11.0312 9768  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll
22:31:11.0347 9768  p2psvc - ok
22:31:11.0406 9768  [ AECD57F94C887F58919F307C35498EA0 ] Parport        C:\Windows\system32\drivers\parport.sys
22:31:11.0522 9768  Parport - ok
22:31:11.0567 9768  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
22:31:11.0587 9768  partmgr - ok
22:31:11.0642 9768  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:31:11.0758 9768  PcaSvc - ok
22:31:11.0794 9768  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci            C:\Windows\system32\drivers\pci.sys
22:31:11.0847 9768  pci - ok
22:31:11.0915 9768  [ 8D618C829034479985A9ED56106CC732 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:31:11.0946 9768  pciide - ok
22:31:12.0011 9768  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:31:12.0052 9768  pcmcia - ok
22:31:12.0098 9768  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:31:12.0307 9768  PEAUTH - ok
22:31:12.0463 9768  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:31:12.0513 9768  PerfHost - ok
22:31:12.0584 9768  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla            C:\Windows\system32\pla.dll
22:31:12.0705 9768  pla - ok
22:31:12.0740 9768  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:31:12.0772 9768  PlugPlay - ok
22:31:12.0796 9768  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg    C:\Windows\system32\p2psvc.dll
22:31:12.0821 9768  PNRPAutoReg - ok
22:31:12.0884 9768  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc        C:\Windows\system32\p2psvc.dll
22:31:12.0917 9768  PNRPsvc - ok
22:31:13.0051 9768  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
22:31:13.0156 9768  PolicyAgent - ok
22:31:13.0192 9768  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:31:13.0240 9768  PptpMiniport - ok
22:31:13.0273 9768  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor      C:\Windows\system32\drivers\processr.sys
22:31:13.0331 9768  Processor - ok
22:31:13.0370 9768  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc        C:\Windows\system32\profsvc.dll
22:31:13.0433 9768  ProfSvc - ok
22:31:13.0462 9768  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
22:31:13.0481 9768  ProtectedStorage - ok
22:31:13.0513 9768  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
22:31:13.0548 9768  PSched - ok
22:31:13.0588 9768  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
22:31:13.0602 9768  PxHlpa64 - ok
22:31:13.0669 9768  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:31:13.0789 9768  ql2300 - ok
22:31:13.0820 9768  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:31:13.0838 9768  ql40xx - ok
22:31:13.0929 9768  [ 2D757E14216E643E7885EBC0CFB0B906 ] QPCapSvc        C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
22:31:13.0949 9768  QPCapSvc - ok
22:31:13.0965 9768  [ EA8B29EAD23DA9DA2F5DF1DA7C82E308 ] QPSched        C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
22:31:13.0983 9768  QPSched - ok
22:31:14.0067 9768  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE          C:\Windows\system32\qwave.dll
22:31:14.0106 9768  QWAVE - ok
22:31:14.0125 9768  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:31:14.0165 9768  QWAVEdrv - ok
22:31:14.0203 9768  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:31:14.0268 9768  RasAcd - ok
22:31:14.0311 9768  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto        C:\Windows\System32\rasauto.dll
22:31:14.0380 9768  RasAuto - ok
22:31:14.0410 9768  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
22:31:14.0471 9768  Rasl2tp - ok
22:31:14.0499 9768  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll
22:31:14.0563 9768  RasMan - ok
22:31:14.0603 9768  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:31:14.0638 9768  RasPppoe - ok
22:31:14.0674 9768  [ C6A593B51F34C33E5474539544072527 ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
22:31:14.0713 9768  RasSstp - ok
22:31:14.0752 9768  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
22:31:14.0792 9768  rdbss - ok
22:31:14.0826 9768  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:31:14.0871 9768  RDPCDD - ok
22:31:14.0906 9768  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr          C:\Windows\system32\drivers\rdpdr.sys
22:31:14.0983 9768  rdpdr - ok
22:31:14.0988 9768  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:31:15.0041 9768  RDPENCDD - ok
22:31:15.0073 9768  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
22:31:15.0144 9768  RDPWD - ok
22:31:15.0198 9768  [ B9570481A1BABCC4A9E941C553596077 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
22:31:15.0224 9768  Recovery Service for Windows - ok
22:31:15.0253 9768  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:31:15.0312 9768  RemoteAccess - ok
22:31:15.0343 9768  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:31:15.0397 9768  RemoteRegistry - ok
22:31:15.0428 9768  [ CD71E053D7260E4102D99A28F9196070 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
22:31:15.0483 9768  RFCOMM - ok
22:31:15.0582 9768  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo      C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
22:31:15.0604 9768  RichVideo - ok
22:31:15.0671 9768  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
22:31:15.0728 9768  RpcLocator - ok
22:31:15.0789 9768  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs          C:\Windows\system32\rpcss.dll
22:31:15.0881 9768  RpcSs - ok
22:31:15.0926 9768  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:31:15.0972 9768  rspndr - ok
22:31:16.0028 9768  [ 170A66DFAAA22358E08D6F4B38C8F3DF ] RTL8169        C:\Windows\system32\DRIVERS\Rtlh64.sys
22:31:16.0085 9768  RTL8169 - ok
22:31:16.0097 9768  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs          C:\Windows\system32\lsass.exe
22:31:16.0111 9768  SamSs - ok
22:31:16.0127 9768  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:31:16.0140 9768  sbp2port - ok
22:31:16.0169 9768  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:31:16.0231 9768  SCardSvr - ok
22:31:16.0277 9768  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
22:31:16.0380 9768  Schedule - ok
22:31:16.0408 9768  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc    C:\Windows\System32\certprop.dll
22:31:16.0433 9768  SCPolicySvc - ok
22:31:16.0472 9768  [ B42EE50F7D24F837F925332EB349ECA5 ] sdbus          C:\Windows\system32\DRIVERS\sdbus.sys
22:31:16.0507 9768  sdbus - ok
22:31:16.0526 9768  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:31:16.0553 9768  SDRSVC - ok
22:31:16.0559 9768  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:31:16.0631 9768  secdrv - ok
22:31:16.0657 9768  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
22:31:16.0702 9768  seclogon - ok
22:31:16.0719 9768  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
22:31:16.0799 9768  SENS - ok
22:31:16.0816 9768  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum        C:\Windows\system32\drivers\serenum.sys
22:31:16.0890 9768  Serenum - ok
22:31:16.0912 9768  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
22:31:17.0005 9768  Serial - ok
22:31:17.0026 9768  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:31:17.0081 9768  sermouse - ok
22:31:17.0107 9768  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:31:17.0155 9768  SessionEnv - ok
22:31:17.0173 9768  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
22:31:17.0219 9768  sffdisk - ok
22:31:17.0237 9768  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:31:17.0292 9768  sffp_mmc - ok
22:31:17.0311 9768  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
22:31:17.0357 9768  sffp_sd - ok
22:31:17.0377 9768  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
22:31:17.0451 9768  sfloppy - ok
22:31:17.0504 9768  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs          C:\Windows\system32\DRIVERS\Sftfslh.sys
22:31:17.0553 9768  Sftfs - ok
22:31:17.0626 9768  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist        C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:31:17.0667 9768  sftlist - ok
22:31:17.0705 9768  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay        C:\Windows\system32\DRIVERS\Sftplaylh.sys
22:31:17.0728 9768  Sftplay - ok
22:31:17.0764 9768  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
22:31:17.0779 9768  Sftredir - ok
22:31:17.0796 9768  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
22:31:17.0811 9768  Sftvol - ok
22:31:17.0823 9768  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:31:17.0844 9768  sftvsa - ok
22:31:17.0874 9768  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:31:17.0947 9768  SharedAccess - ok
22:31:17.0975 9768  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:31:18.0027 9768  ShellHWDetection - ok
22:31:18.0048 9768  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
22:31:18.0066 9768  SiSRaid2 - ok
22:31:18.0080 9768  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:31:18.0098 9768  SiSRaid4 - ok
22:31:18.0161 9768  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
22:31:18.0180 9768  SkypeUpdate - ok
22:31:18.0266 9768  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc          C:\Windows\system32\SLsvc.exe
22:31:18.0753 9768  slsvc - ok
22:31:18.0798 9768  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
22:31:18.0841 9768  SLUINotify - ok
22:31:18.0884 9768  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
22:31:18.0922 9768  Smb - ok
22:31:18.0996 9768  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:31:19.0011 9768  SNMPTRAP - ok
22:31:19.0043 9768  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr          C:\Windows\system32\drivers\spldr.sys
22:31:19.0056 9768  spldr - ok
22:31:19.0087 9768  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler        C:\Windows\System32\spoolsv.exe
22:31:19.0149 9768  Spooler - ok
22:31:19.0189 9768  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv            C:\Windows\system32\DRIVERS\srv.sys
22:31:19.0226 9768  srv - ok
22:31:19.0282 9768  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:31:19.0316 9768  srv2 - ok
22:31:19.0356 9768  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:31:19.0385 9768  srvnet - ok
22:31:19.0426 9768  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus        C:\Windows\system32\DRIVERS\ssadbus.sys
22:31:19.0486 9768  ssadbus - ok
22:31:19.0515 9768  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:31:19.0544 9768  ssadmdfl - ok
22:31:19.0579 9768  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm        C:\Windows\system32\DRIVERS\ssadmdm.sys
22:31:19.0616 9768  ssadmdm - ok
22:31:19.0662 9768  [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus        C:\Windows\system32\DRIVERS\sscdbus.sys
22:31:19.0681 9768  sscdbus - ok
22:31:19.0728 9768  [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
22:31:19.0742 9768  sscdmdfl - ok
22:31:19.0778 9768  [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm        C:\Windows\system32\DRIVERS\sscdmdm.sys
22:31:19.0839 9768  sscdmdm - ok
22:31:19.0888 9768  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
22:31:19.0973 9768  SSDPSRV - ok
22:31:20.0027 9768  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc        C:\Windows\system32\sstpsvc.dll
22:31:20.0398 9768  SstpSvc - ok
22:31:20.0623 9768  [ 810199DCC3BDC38304D7D649992EA7BC ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe
22:31:20.0843 9768  STacSV - ok
22:31:20.0911 9768  [ ED1722F43CE61409EF68340402D6267D ] STHDA          C:\Windows\system32\DRIVERS\stwrt64.sys
22:31:20.0970 9768  STHDA - ok
22:31:21.0042 9768  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
22:31:21.0090 9768  stisvc - ok
22:31:21.0161 9768  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:31:21.0177 9768  swenum - ok
22:31:21.0242 9768  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv          C:\Windows\System32\swprv.dll
22:31:21.0346 9768  swprv - ok
22:31:21.0366 9768  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx        C:\Windows\system32\drivers\symc8xx.sys
22:31:21.0383 9768  Symc8xx - ok
22:31:21.0401 9768  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
22:31:21.0418 9768  Sym_hi - ok
22:31:21.0436 9768  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
22:31:21.0453 9768  Sym_u3 - ok
22:31:21.0495 9768  [ C52B05821884F9A0EBEE38C45DBD73CD ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
22:31:21.0519 9768  SynTP - ok
22:31:21.0578 9768  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain        C:\Windows\system32\sysmain.dll
22:31:21.0691 9768  SysMain - ok
22:31:21.0718 9768  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:31:21.0749 9768  TabletInputService - ok
22:31:21.0785 9768  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv        C:\Windows\System32\tapisrv.dll
22:31:22.0006 9768  TapiSrv - ok
22:31:22.0047 9768  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS            C:\Windows\System32\tbssvc.dll
22:31:22.0150 9768  TBS - ok
22:31:22.0253 9768  [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
22:31:22.0364 9768  Tcpip - ok
22:31:22.0415 9768  [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
22:31:22.0497 9768  Tcpip6 - ok
22:31:22.0540 9768  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:31:22.0596 9768  tcpipreg - ok
22:31:22.0657 9768  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:31:22.0756 9768  TDPIPE - ok
22:31:22.0776 9768  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
22:31:22.0850 9768  TDTCP - ok
22:31:22.0872 9768  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
22:31:22.0921 9768  tdx - ok
22:31:22.0948 9768  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:31:22.0970 9768  TermDD - ok
22:31:23.0016 9768  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService    C:\Windows\System32\termsrv.dll
22:31:23.0113 9768  TermService - ok
22:31:23.0134 9768  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll
22:31:23.0157 9768  Themes - ok
22:31:23.0188 9768  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER    C:\Windows\system32\mmcss.dll
22:31:23.0234 9768  THREADORDER - ok
22:31:23.0262 9768  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
22:31:23.0326 9768  TrkWks - ok
22:31:23.0386 9768  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:31:23.0432 9768  TrustedInstaller - ok
22:31:23.0461 9768  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:31:23.0524 9768  tssecsrv - ok
22:31:23.0555 9768  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp          C:\Windows\system32\DRIVERS\tunmp.sys
22:31:23.0592 9768  tunmp - ok
22:31:23.0631 9768  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:31:23.0659 9768  tunnel - ok
22:31:23.0679 9768  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:31:23.0699 9768  uagp35 - ok
22:31:23.0734 9768  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:31:23.0792 9768  udfs - ok
22:31:23.0820 9768  [ 060507C4113391394478F6953A79EEDC ] UI0Detect      C:\Windows\system32\UI0Detect.exe
22:31:23.0868 9768  UI0Detect - ok
22:31:23.0890 9768  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:31:23.0909 9768  uliagpkx - ok
22:31:23.0939 9768  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci        C:\Windows\system32\drivers\uliahci.sys
22:31:23.0965 9768  uliahci - ok
22:31:23.0980 9768  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
22:31:24.0000 9768  UlSata - ok
22:31:24.0012 9768  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2        C:\Windows\system32\drivers\ulsata2.sys
22:31:24.0032 9768  ulsata2 - ok
22:31:24.0038 9768  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
22:31:24.0084 9768  umbus - ok
22:31:24.0101 9768  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
22:31:24.0175 9768  upnphost - ok
22:31:24.0204 9768  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
22:31:24.0240 9768  usbccgp - ok
22:31:24.0262 9768  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:31:24.0329 9768  usbcir - ok
22:31:24.0345 9768  [ 827E44DE934A736EA31E91D353EB126F ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
22:31:24.0376 9768  usbehci - ok
22:31:24.0405 9768  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:31:24.0446 9768  usbhub - ok
22:31:24.0463 9768  [ 540B622DA0949695C40CDC9D5D497A8B ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
22:31:24.0510 9768  usbohci - ok
22:31:24.0541 9768  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:31:24.0573 9768  usbprint - ok
22:31:24.0604 9768  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
22:31:24.0629 9768  usbscan - ok
22:31:24.0664 9768  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:31:24.0705 9768  USBSTOR - ok
22:31:24.0733 9768  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
22:31:24.0758 9768  usbuhci - ok
22:31:24.0777 9768  [ FC33099877790D51B0927B7039059855 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
22:31:24.0828 9768  usbvideo - ok
22:31:24.0860 9768  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms          C:\Windows\System32\uxsms.dll
22:31:24.0886 9768  UxSms - ok
22:31:24.0921 9768  [ 294945381DFA7CE58CECF0A9896AF327 ] vds            C:\Windows\System32\vds.exe
22:31:24.0962 9768  vds - ok
22:31:24.0995 9768  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
22:31:25.0045 9768  vga - ok
22:31:25.0071 9768  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave        C:\Windows\System32\drivers\vga.sys
22:31:25.0122 9768  VgaSave - ok
22:31:25.0148 9768  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
22:31:25.0159 9768  viaide - ok
22:31:25.0202 9768  [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
22:31:25.0206 9768  Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - warning
22:31:25.0207 9768  Viewpoint Manager Service - detected UnsignedFile.Multi.Generic (1)
22:31:25.0227 9768  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:31:25.0241 9768  volmgr - ok
22:31:25.0276 9768  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
22:31:25.0300 9768  volmgrx - ok
22:31:25.0356 9768  [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap        C:\Windows\system32\drivers\volsnap.sys
22:31:25.0374 9768  volsnap - ok
22:31:25.0401 9768  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
22:31:25.0416 9768  vsmraid - ok
22:31:25.0477 9768  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS            C:\Windows\system32\vssvc.exe
22:31:25.0603 9768  VSS - ok
22:31:25.0656 9768  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time        C:\Windows\system32\w32time.dll
22:31:25.0744 9768  W32Time - ok
22:31:25.0758 9768  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:31:25.0846 9768  WacomPen - ok
22:31:25.0873 9768  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
22:31:25.0918 9768  Wanarp - ok
22:31:25.0923 9768  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:31:25.0958 9768  Wanarpv6 - ok
22:31:25.0982 9768  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
22:31:26.0068 9768  wcncsvc - ok
22:31:26.0104 9768  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:31:26.0148 9768  WcsPlugInService - ok
22:31:26.0165 9768  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
22:31:26.0183 9768  Wd - ok
22:31:26.0214 9768  [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:31:26.0291 9768  Wdf01000 - ok
22:31:26.0316 9768  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:31:26.0383 9768  WdiServiceHost - ok
22:31:26.0388 9768  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost  C:\Windows\system32\wdi.dll
22:31:26.0436 9768  WdiSystemHost - ok
22:31:26.0463 9768  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient      C:\Windows\System32\webclnt.dll
22:31:26.0500 9768  WebClient - ok
22:31:26.0533 9768  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:31:26.0567 9768  Wecsvc - ok
22:31:26.0594 9768  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
22:31:26.0630 9768  wercplsupport - ok
22:31:26.0656 9768  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll
22:31:26.0700 9768  WerSvc - ok
22:31:26.0763 9768  [ B5C348B265178FB9EE55ADDB3929485D ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
22:31:26.0881 9768  winachsf - ok
22:31:26.0933 9768  WinDefend - ok
22:31:26.0939 9768  WinHttpAutoProxySvc - ok
22:31:27.0002 9768  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
22:31:27.0050 9768  Winmgmt - ok
22:31:27.0176 9768  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM          C:\Windows\system32\WsmSvc.dll
22:31:27.0357 9768  WinRM - ok
22:31:27.0437 9768  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc        C:\Windows\System32\wlansvc.dll
22:31:27.0518 9768  Wlansvc - ok
22:31:27.0594 9768  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:31:27.0609 9768  wlcrasvc - ok
22:31:27.0765 9768  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:31:27.0925 9768  wlidsvc - ok
22:31:27.0971 9768  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
22:31:28.0006 9768  WmiAcpi - ok
22:31:28.0038 9768  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:31:28.0076 9768  wmiApSrv - ok
22:31:28.0101 9768  WMPNetworkSvc - ok
22:31:28.0127 9768  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:31:28.0169 9768  WPCSvc - ok
22:31:28.0203 9768  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:31:28.0253 9768  WPDBusEnum - ok
22:31:28.0289 9768  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
22:31:28.0308 9768  WpdUsb - ok
22:31:28.0446 9768  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:31:28.0591 9768  WPFFontCache_v0400 - ok
22:31:28.0659 9768  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
22:31:28.0759 9768  ws2ifsl - ok
22:31:28.0810 9768  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\System32\wscsvc.dll
22:31:28.0834 9768  wscsvc - ok
22:31:28.0839 9768  WSearch - ok
22:31:28.0935 9768  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:31:29.0092 9768  wuauserv - ok
22:31:29.0141 9768  [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:31:29.0188 9768  WUDFRd - ok
22:31:29.0217 9768  [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
22:31:29.0267 9768  wudfsvc - ok
22:31:29.0329 9768  [ 1CACFEF9E5DD866C5B79A135EE729E18 ] {22D78859-9CE9-4B77-BF18-AC83E81A9263} C:\Program Files (x86)\HP\QuickPlay\000.fcl
22:31:29.0346 9768  {22D78859-9CE9-4B77-BF18-AC83E81A9263} - ok
22:31:29.0359 9768  ================ Scan global ===============================
22:31:29.0395 9768  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
22:31:29.0434 9768  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
22:31:29.0465 9768  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
22:31:29.0514 9768  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
22:31:29.0524 9768  [Global] - ok
22:31:29.0524 9768  ================ Scan MBR ==================================
22:31:29.0531 9768  [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk0\DR0
22:31:30.0259 9768  \Device\Harddisk0\DR0 - ok
22:31:30.0259 9768  ================ Scan VBR ==================================
22:31:30.0262 9768  [ AE42F678A486E07D583074A895F0F8A6 ] \Device\Harddisk0\DR0\Partition1
22:31:30.0264 9768  \Device\Harddisk0\DR0\Partition1 - ok
22:31:30.0266 9768  [ FCB4E5CDD69D6150BB805B372A29539F ] \Device\Harddisk0\DR0\Partition2
22:31:30.0269 9768  \Device\Harddisk0\DR0\Partition2 - ok
22:31:30.0269 9768  ============================================================
22:31:30.0269 9768  Scan finished
22:31:30.0269 9768  ============================================================
22:31:30.0280 8436  Detected object count: 3
22:31:30.0280 8436  Actual detected object count: 3
22:31:47.0554 8436  HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:31:47.0554 8436  HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:31:47.0555 8436  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:31:47.0555 8436  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:31:47.0558 8436  Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:31:47.0559 8436  Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus 03.11.2012 14:49
Mach bitte einen CustomScan mit OTL . Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Code:
msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:52 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131