Trojaner-Board - TrojanDownloader:Win32/Adload.DA !?

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - TrojanDownloader:Win32/Adload.DA !? (https://www.trojaner-board.de/127548-trojandownloader-win32-adload.html)

TrojanDownloader:Win32/Adload.DA !?

Hi Leute :)

erstmal, ich bin ganz neu angemeldet und grüsse mal alle unter euch!

nun zu meinem problem, nachdem ich gegooglet habe und einige einträge mit dem selben problem gefunden habe, wollte ich euch fragen was ich tun soll.
ich bekomme von meinem wartungscenter die meldung:
'Windows hat TrojanDownloader:Win32/Adload.DA, einen bekannten Computervirus, auf dem Computer gefunden.

Folgen Sie den Anweisungen, um den Virus vom Computer zu entfernen:

Besuchen Sie folgende Website:
Microsoft Safety Scanner'

ich benutze kaspersky anti virus 2013 und habe bereits einen kompletten check gemacht der nichts ergeben hat.
könnt ihr mir helfen wie ich diesen virus (oder was auch immer es ist, tut mir leid aber ich kenne mich absolut nicht aus.. surfen, music laden ist so ziemlich alles was ich kann ... :o) entfernen kann, oder soll ich mir bereits gelöste threads genau durchlesen und die schritte dort befolgen?

hoffe ihr könnt mir ein wenig helfen :dankeschoen:

Liebe Grüsse
tiniii

Hallo und :hallo:

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Mach bitte einen CustomScan mit OTL . Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

msconfig

netsvcs

safebootminimal

safebootnetwork

activex

drivers32

%SYSTEMDRIVE%\*.

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles

%SYSTEMROOT%\System32\config\*.sav

%SYSTEMROOT%\*. /mp /s

%SYSTEMROOT%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Hi Cosinus!

erstmal vielen dank für deine sehr schnelle und sehr ausführliche antwort! *freu* :dankeschoen:

ich denke dass ich alles verstanden habe und hoffe dass ich alles richtig gemacht habe (falls nicht bitte nicht schimpfen, ich bin wie gesagt echt unwissend wenn es um pcs geht... :o)

ich habe den quickscan gemacht und hier ist mein ergebnis:

Code:

OTL logfile created on: 11/27/2012 8:03:33 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tini\Desktop

 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3.00 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 58.31% Memory free

5.99 Gb Paging File | 4.65 Gb Available in Paging File | 77.49% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 900.41 Gb Total Space | 779.23 Gb Free Space | 86.54% Space Free | Partition Type: NTFS

Drive D: | 30.00 Gb Total Space | 10.23 Gb Free Space | 34.11% Space Free | Partition Type: NTFS

 

Computer Name: TINI-PC | User Name: Tini | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012/11/27 19:58:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tini\Desktop\OTL.exe

PRC - [2012/11/20 14:34:29 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe

PRC - [2012/10/27 00:14:50 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2012/07/02 16:25:14 | 002,232,504 | ---- | M] (Giraffic) -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe

PRC - [2012/07/02 16:24:54 | 003,790,504 | ---- | M] (Giraffic) -- C:\Program Files\Giraffic\Veoh_Giraffic.exe

PRC - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

PRC - [2011/06/08 18:15:06 | 001,804,648 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe

PRC - [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2010/01/19 15:10:48 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe

PRC - [2009/12/29 18:50:10 | 000,678,432 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe

PRC - [2009/12/10 02:02:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2009/11/07 11:46:52 | 000,020,480 | ---- | M] (X10) -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

PRC - [2009/11/02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2009/07/02 02:03:12 | 002,352,416 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

PRC - [2009/07/02 02:03:12 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

PRC - [2009/07/02 02:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

PRC - [2007/07/24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012/11/20 14:34:29 | 014,586,808 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_110.dll

MOD - [2012/10/27 00:14:50 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll

MOD - [2009/11/02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll

MOD - [2009/11/02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll

MOD - [2009/07/02 02:03:24 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll

 

 
 ========== Services (SafeList) ==========

 

SRV - [2012/11/20 14:34:29 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/11/15 17:08:35 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -- (AVP)

SRV - [2012/10/27 00:14:50 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/07/02 16:25:14 | 002,232,504 | ---- | M] (Giraffic) [Auto | Running] -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe -- (Giraffic)

SRV - [2011/11/28 22:38:00 | 004,229,912 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)

SRV - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2011/09/04 00:03:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2009/12/10 02:02:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)

SRV - [2009/11/07 11:46:52 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- (x10nets)

SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2009/07/02 02:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV - [2007/07/24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)

DRV - [2012/11/15 17:12:22 | 000,589,144 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)

DRV - [2012/11/15 17:12:22 | 000,043,608 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)

DRV - [2012/10/10 17:11:52 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)

DRV - [2012/10/10 17:11:52 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)

DRV - [2012/08/13 15:49:44 | 000,144,344 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)

DRV - [2012/08/02 14:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)

DRV - [2012/06/19 16:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)

DRV - [2011/10/01 08:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)

DRV - [2011/10/01 08:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)

DRV - [2011/10/01 08:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)

DRV - [2011/10/01 08:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)

DRV - [2010/06/22 03:51:14 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)

DRV - [2010/03/02 12:24:58 | 001,006,624 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)

DRV - [2010/01/07 09:05:26 | 000,182,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV - [2009/12/31 02:35:54 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/07/22 11:43:31] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerCinema Movie\000.fcl -- ({60DB6561-0A84-4c94-AF33-288405CFD56D})

DRV - [2009/12/22 13:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)

DRV - [2009/12/03 11:26:22 | 009,941,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2009/10/29 19:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)

DRV - [2009/10/29 19:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)

DRV - [2009/10/13 13:03:28 | 000,067,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2009/07/01 12:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)

DRV - [2009/05/13 20:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)

DRV - [2009/05/13 20:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://medion.msn.com

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.medion.com [binary data]

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.medion.com/ [binary data]

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=2912_4&babsrc=SP_ss&mntrId=1e6b7ca50000000000001c4bd6028871

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{475187CA-0775-4017-AB51-E948BBA1661F}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{724E5287-594D-4019-8370-B60D14AD497B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050&SSPV=IENOSGBR

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={0018DD92-4C37-4D38-B171-21D1D6271CA5}&mid=53cf9f094ea447d18e7fcd0290e66182-7cf4ac3cc0065b6430f371aa1aafeffa28bf2d51&lang=de&ds=st011&pr=sa&d=2012-02-16 13:59:23&v=9.0.0.23&sap=dsp&q={searchTerms}

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{CBB82912-64F8-4C6E-A618-3762C439712D}: "URL" = hxxp://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=4&cc=

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\SearchScopes\{EA68F8AA-9B47-4A4E-9BCC-0939262B3DCC}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true

FF - prefs.js..CT2625848.browser.search.defaultthis.engineName: true

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"

FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "https://www.google.com/"

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\Users\Tini\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tini\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/09/09 20:32:31 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 14:27:28 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2012/10/09 20:36:48 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2012/10/09 20:36:50 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2012/10/09 20:36:19 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 00:14:50 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/27 00:14:48 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 00:14:50 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/27 00:14:48 | 000,000,000 | ---D | M]

 

[2011/09/02 22:36:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tini\AppData\Roaming\mozilla\Extensions

[2012/10/23 21:41:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tini\AppData\Roaming\mozilla\Firefox\Profiles\ecfa2ova.default\extensions

[2012/09/02 18:47:42 | 000,000,927 | ---- | M] () -- C:\Users\Tini\AppData\Roaming\mozilla\firefox\profiles\ecfa2ova.default\searchplugins\conduit.xml

[2012/03/22 01:00:49 | 000,002,060 | ---- | M] () -- C:\Users\Tini\AppData\Roaming\mozilla\firefox\profiles\ecfa2ova.default\searchplugins\softonic.xml

[2012/10/27 00:14:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2012/10/27 00:14:50 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/07/20 13:01:03 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012/07/09 13:44:18 | 000,003,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

[2012/07/20 12:58:41 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

[2012/08/31 19:59:23 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/07/20 13:01:03 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2012/07/20 13:01:03 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2012/07/20 13:01:03 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2012/07/20 13:01:03 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

O3 - HKLM\..\Toolbar: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)

O3 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB DE Toolbar) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)

O4 - HKLM..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe (cyberlink)

O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found

O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)

O4 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000..\Run: [HP Deskjet 3070 B611 series (NET)] C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Tini\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found

O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found

O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)

O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)

O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O15 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-3648990694-1417340204-238680334-1000\..Trusted Domains: sony.com ([]* in Trusted sites)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18FB4348-A233-4652-9588-6B0492EB5C9F}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DA6FBA5-A79C-4CC1-9878-85963AFB2B96}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

 

NetSvcs: FastUserSwitchingCompatibility -  File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla -  File not found

NetSvcs: Ntmssvc -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: SRService -  File not found

NetSvcs: WmdmPmSp -  File not found

NetSvcs: LogonHours -  File not found

NetSvcs: PCAudit -  File not found

NetSvcs: helpsvc -  File not found

NetSvcs: uploadmgr -  File not found

 

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: BsScanner - Service

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS -  File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: BsScanner - Service

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS -  File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)

Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012/11/27 19:58:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tini\Desktop\OTL.exe

[2012/11/11 15:05:02 | 000,000,000 | ---D | C] -- C:\Users\Tini\AppData\Roaming\Mozilla-Cache

[2012/11/11 15:04:32 | 000,000,000 | ---D | C] -- C:\Users\Tini\AppData\Roaming\Party

[2012/11/11 15:04:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PartyPoker

[2012/11/11 15:03:44 | 000,000,000 | ---D | C] -- C:\Programs

[2012/11/08 17:27:09 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV

[2012/11/08 17:26:29 | 000,000,000 | ---D | C] -- C:\Poker

[20 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012/11/27 20:01:00 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job

[2012/11/27 19:58:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tini\Desktop\OTL.exe

[2012/11/27 19:56:30 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/11/27 19:56:30 | 000,010,096 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/11/27 19:49:29 | 000,001,958 | ---- | M] () -- C:\Users\Tini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3070 B611 series (Netzwerk).lnk

[2012/11/27 19:48:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/11/27 19:48:10 | 2414,432,256 | -HS- | M] () -- C:\hiberfil.sys

[2012/11/26 21:30:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/11/24 16:48:54 | 000,654,436 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2012/11/24 16:48:54 | 000,616,318 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012/11/24 16:48:54 | 000,130,050 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2012/11/24 16:48:54 | 000,106,440 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012/11/18 18:58:09 | 000,023,587 | ---- | M] () -- C:\Users\Tini\Desktop\concept-bmx-bicycle-2.jpg

[2012/11/16 17:38:26 | 000,093,775 | ---- | M] () -- C:\Users\Tini\Desktop\Hisoka_by_vilsen.jpg

[2012/11/16 08:41:50 | 000,289,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2012/11/15 17:12:22 | 000,589,144 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys

[2012/11/15 17:12:22 | 000,043,608 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\kltdi.sys

[2012/11/11 15:04:00 | 000,001,699 | ---- | M] () -- C:\Users\Tini\Desktop\PartyPoker.lnk

[20 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012/11/18 18:58:05 | 000,023,587 | ---- | C] () -- C:\Users\Tini\Desktop\concept-bmx-bicycle-2.jpg

[2012/11/16 17:38:22 | 000,093,775 | ---- | C] () -- C:\Users\Tini\Desktop\Hisoka_by_vilsen.jpg

[2012/11/15 23:31:12 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

[2012/11/15 23:30:17 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

[2012/11/11 15:04:00 | 000,001,699 | ---- | C] () -- C:\Users\Tini\Desktop\PartyPoker.lnk

[2012/07/04 09:37:23 | 000,000,017 | ---- | C] () -- C:\Windows\System32\shortcut_ex.dat

[2012/03/24 11:27:57 | 000,000,017 | ---- | C] () -- C:\Users\Tini\AppData\Local\resmon.resmoncfg

[2012/02/17 18:06:12 | 000,000,624 | ---- | C] () -- C:\Windows\eReg.dat

[2012/02/15 21:30:29 | 000,347,472 | ---- | C] () -- C:\Users\Tini\AppData\Local\MB.SAV

[2012/01/19 18:44:16 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini

[2011/10/12 18:40:30 | 000,005,632 | ---- | C] () -- C:\Users\Tini\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2011/09/02 22:55:09 | 000,017,408 | ---- | C] () -- C:\Users\Tini\AppData\Local\WebpageIcons.db

[2011/06/08 22:49:42 | 001,929,576 | ---- | C] () -- C:\Windows\System32\HPScanTRDrv_DJ3070_B611.dll

 
 ========== ZeroAccess Check ==========

 

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 
 ========== LOP Check ==========

 

[2011/09/04 15:27:13 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Ascaron Entertainment

[2012/03/25 10:42:31 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Azureus

[2012/03/22 22:25:01 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Babylon

[2012/09/16 10:22:34 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\DVDVideoSoft

[2012/09/16 10:07:42 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\DVDVideoSoftIEHelpers

[2012/05/13 20:23:14 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Kalypso Media

[2011/10/02 13:05:10 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\LolClient

[2012/09/02 18:41:48 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\OpenCandy

[2012/11/11 15:06:01 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Party

[2011/09/05 21:14:07 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Raptr

[2012/05/14 21:24:25 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\runic games

[2012/11/24 22:37:18 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\SoftGrid Client

[2012/03/23 15:31:11 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\TalesRunner

[2011/09/13 18:49:21 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\TP

[2012/05/13 20:25:18 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Tropico 4

[2011/10/16 01:02:49 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Unity

[2012/02/19 12:24:55 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\YoudaGames

[2012/05/17 22:03:49 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\YourFileDownloader

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %SYSTEMDRIVE%\*. >

[2012/07/10 12:27:20 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN

[2012/08/21 07:22:14 | 000,000,000 | ---D | M] -- C:\7c743e06b9fb87dd6fc453c579

[2010/12/03 13:19:06 | 000,000,000 | ---D | M] -- C:\Backup My Data

[2011/09/02 22:11:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings

[2012/03/24 11:36:28 | 000,000,000 | ---D | M] -- C:\Download

[2012/05/13 20:30:19 | 000,000,000 | -HSD | M] -- C:\found.000

[2010/07/22 17:28:37 | 000,000,000 | ---D | M] -- C:\Intel

[2011/09/13 18:54:19 | 000,000,000 | RH-D | M] -- C:\MSOCache

[2012/05/22 09:45:15 | 000,000,000 | ---D | M] -- C:\Netgear

[2012/11/08 17:26:29 | 000,000,000 | ---D | M] -- C:\Poker

[2012/10/27 07:54:08 | 000,000,000 | R--D | M] -- C:\Program Files

[2012/10/09 20:42:23 | 000,000,000 | -H-D | M] -- C:\ProgramData

[2012/11/11 15:03:44 | 000,000,000 | ---D | M] -- C:\Programs

[2011/09/02 22:11:54 | 000,000,000 | -HSD | M] -- C:\Recovery

[2012/11/27 20:06:57 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2011/09/02 22:21:53 | 000,000,000 | R--D | M] -- C:\Users

[2012/11/08 17:27:09 | 000,000,000 | ---D | M] -- C:\Windows

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2011/09/12 16:52:08 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Adobe

[2011/09/05 09:31:12 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Apple Computer

[2011/09/04 15:27:13 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Ascaron Entertainment

[2012/03/25 10:42:31 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Azureus

[2012/03/22 22:25:01 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Babylon

[2011/09/09 20:32:22 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\DivX

[2012/09/16 10:22:34 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\DVDVideoSoft

[2012/09/16 10:07:42 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\DVDVideoSoftIEHelpers

[2012/04/24 12:24:08 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\HpUpdate

[2011/09/02 22:22:12 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Identities

[2012/05/13 20:23:14 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Kalypso Media

[2011/10/02 13:05:10 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\LolClient

[2011/09/03 10:56:51 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Macromedia

[2009/07/14 08:48:18 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Media Center Programs

[2012/07/20 09:23:22 | 000,000,000 | --SD | M] -- C:\Users\Tini\AppData\Roaming\Microsoft

[2011/09/02 22:36:49 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Mozilla

[2012/11/11 15:05:02 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Mozilla-Cache

[2012/09/02 18:41:48 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\OpenCandy

[2012/11/11 15:06:01 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Party

[2011/09/05 21:14:07 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Raptr

[2012/05/14 21:24:25 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\runic games

[2012/11/24 22:37:18 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\SoftGrid Client

[2012/03/23 15:31:11 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\TalesRunner

[2011/09/13 18:49:21 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\TP

[2012/05/13 20:25:18 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Tropico 4

[2011/10/16 01:02:49 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\Unity

[2011/10/26 16:07:26 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\vlc

[2011/09/03 18:17:26 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\WinRAR

[2012/02/19 12:24:55 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\YoudaGames

[2012/05/17 22:03:49 | 000,000,000 | ---D | M] -- C:\Users\Tini\AppData\Roaming\YourFileDownloader

 
 < %APPDATA%\*.exe /s >

[2011/09/03 10:44:38 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\Tini\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe

[2011/10/11 20:35:54 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Users\Tini\AppData\Roaming\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\DesktopMgr.exe

[2011/10/11 20:35:54 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Users\Tini\AppData\Roaming\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe

[2011/10/11 20:35:54 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Users\Tini\AppData\Roaming\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe

[2011/10/11 20:35:54 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Users\Tini\AppData\Roaming\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe

[2011/10/11 20:35:54 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Users\Tini\AppData\Roaming\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe

[2011/10/11 20:35:54 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Users\Tini\AppData\Roaming\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe

[2011/10/11 20:35:54 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Users\Tini\AppData\Roaming\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe

[2011/10/11 20:35:54 | 000,069,632 | R--- | M] (Acresso Software Inc.) -- C:\Users\Tini\AppData\Roaming\Microsoft\Installer\{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe

[2011/11/18 05:30:06 | 002,081,208 | ---- | M] (Speedchecker Limited                                        ) -- C:\Users\Tini\AppData\Roaming\OpenCandy\348958ACFE7D48B6A36EF7F315103A38\pcspeedup_oc.exe

[2012/09/02 18:42:13 | 013,491,699 | ---- | M] () -- C:\Users\Tini\AppData\Roaming\OpenCandy\B8756A17719C44A9997FDF36F684780A\TuneUpUtilities2012_de-DE-p2v1.exe

 
 < %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles >

[2012/06/19 16:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kl1.sys

[2012/08/13 17:24:22 | 000,075,096 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klflt.sys

[2012/11/15 17:12:22 | 000,589,144 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klif.sys

[2012/08/02 14:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\klim6.sys

[2012/10/10 17:11:52 | 000,025,944 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klkbdflt.sys

[2012/10/10 17:11:52 | 000,025,944 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klmouflt.sys

[2012/11/15 17:12:22 | 000,043,608 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\kltdi.sys

[2012/08/13 15:49:44 | 000,144,344 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\kneps.sys

 
 < %SYSTEMROOT%\System32\config\*.sav >

 
 < %SYSTEMROOT%\*. /mp /s >

 
 < %SYSTEMROOT%\system32\*.dll /lockedfiles >

[20 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 

< End of report >

Bitte nun Logs mit GMER (<<< klick für Anleitung) und aswMBR (Anleitung etwas weiter unten) erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur aswMBR aus.

aswMBR-Download => aswMBR.exe - speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

So, GMER ist mir hängen geblieben, als ich es im abgesicherten modus versucht habe ist der screen blau geworden mittendrin, es stand dass ein problem aufgetreten ist und irgendetwas von dump crash (konnte mir nicht alles merken da der pc sofort neugestartet hat)

hier das ergebnis von aswMBR:

Code:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software

Run date: 2012-11-27 22:30:42

-----------------------------

22:30:42.661    OS Version: Windows 6.1.7600 

22:30:42.661    Number of processors: 2 586 0x170A

22:30:42.671    ComputerName: TINI-PC  UserName: Tini

22:30:43.961    Initialize success

22:30:50.566    AVAST engine defs: 12112701

22:31:05.386    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

22:31:05.386    Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3

22:31:05.402    Disk 0 MBR read successfully

22:31:05.402    Disk 0 MBR scan

22:31:05.417    Disk 0 unknown MBR code

22:31:05.417    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS           99 MB offset 2048

22:31:05.433    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       922022 MB offset 204800

22:31:05.464    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        30720 MB offset 1888505856

22:31:05.480    Disk 0 Partition 4 00     12  Compaq diag NTFS         1026 MB offset 1951420416

22:31:05.480    Disk 0 scanning sectors +1953523120

22:31:05.604    Disk 0 scanning C:\Windows\system32\drivers

22:31:14.818    Service scanning

22:31:21.797    Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5

22:31:22.405    Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5

22:31:22.436    Service klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys **LOCKED** 5

22:31:22.483    Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5

22:31:22.530    Service kltdi C:\Windows\system32\DRIVERS\kltdi.sys **LOCKED** 5

22:31:22.577    Service kneps C:\Windows\system32\DRIVERS\kneps.sys **LOCKED** 5

22:31:34.840    Modules scanning

22:31:42.072    Disk 0 trace - called modules:

22:31:42.102    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll 

22:31:42.112    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88dac030]

22:31:42.112    3 CLASSPNP.SYS[8cb7c59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86599028]

22:31:43.937    AVAST engine scan C:\Windows

22:31:47.709    AVAST engine scan C:\Windows\system32

22:34:32.355    AVAST engine scan C:\Windows\system32\drivers

22:34:45.320    AVAST engine scan C:\Users\Tini

22:41:10.310    AVAST engine scan C:\ProgramData

22:42:15.500    Scan finished successfully

22:43:44.749    Disk 0 MBR has been saved successfully to "C:\Users\Tini\Desktop\MBR.dat"

22:43:44.765    The log file has been saved successfully to "C:\Users\Tini\Desktop\aswMBR.txt"

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehlalarm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

bitteschön:

Code:

08:24:11.0479 2228  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

08:24:11.0604 2228  ============================================================

08:24:11.0604 2228  Current date / time: 2012/11/28 08:24:11.0604

08:24:11.0604 2228  SystemInfo:

08:24:11.0604 2228  

08:24:11.0604 2228  OS Version: 6.1.7600 ServicePack: 0.0

08:24:11.0604 2228  Product type: Workstation

08:24:11.0604 2228  ComputerName: TINI-PC

08:24:11.0604 2228  UserName: Tini

08:24:11.0604 2228  Windows directory: C:\Windows

08:24:11.0604 2228  System windows directory: C:\Windows

08:24:11.0604 2228  Processor architecture: Intel x86

08:24:11.0604 2228  Number of processors: 2

08:24:11.0604 2228  Page size: 0x1000

08:24:11.0604 2228  Boot type: Normal boot

08:24:11.0604 2228  ============================================================

08:24:14.0793 2228  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

08:24:14.0793 2228  ============================================================

08:24:14.0793 2228  \Device\Harddisk0\DR0:

08:24:14.0793 2228  MBR partitions:

08:24:14.0793 2228  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x31800

08:24:14.0793 2228  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32000, BlocksNum 0x708D3000

08:24:14.0793 2228  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x70905000, BlocksNum 0x3C00000

08:24:14.0793 2228  ============================================================

08:24:14.0855 2228  C: <-> \Device\Harddisk0\DR0\Partition2

08:24:14.0964 2228  D: <-> \Device\Harddisk0\DR0\Partition3

08:24:14.0964 2228  ============================================================

08:24:14.0964 2228  Initialize success

08:24:14.0964 2228  ============================================================

08:24:38.0243 4396  ============================================================

08:24:38.0243 4396  Scan started

08:24:38.0243 4396  Mode: Manual; SigCheck; TDLFS; 

08:24:38.0243 4396  ============================================================

08:24:38.0571 4396  ================ Scan system memory ========================

08:24:38.0571 4396  System memory - ok

08:24:38.0571 4396  ================ Scan services =============================

08:24:38.0727 4396  [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys

08:24:38.0836 4396  1394ohci - ok

08:24:38.0883 4396  [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys

08:24:38.0899 4396  ACPI - ok

08:24:38.0914 4396  [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys

08:24:38.0992 4396  AcpiPmi - ok

08:24:39.0086 4396  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

08:24:39.0117 4396  AdobeFlashPlayerUpdateSvc - ok

08:24:39.0164 4396  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

08:24:39.0179 4396  adp94xx - ok

08:24:39.0195 4396  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

08:24:39.0226 4396  adpahci - ok

08:24:39.0242 4396  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

08:24:39.0257 4396  adpu320 - ok

08:24:39.0304 4396  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

08:24:39.0335 4396  AeLookupSvc - ok

08:24:39.0382 4396  [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD             C:\Windows\system32\drivers\afd.sys

08:24:39.0429 4396  AFD - ok

08:24:39.0460 4396  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\DRIVERS\agp440.sys

08:24:39.0476 4396  agp440 - ok

08:24:39.0491 4396  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys

08:24:39.0507 4396  aic78xx - ok

08:24:39.0538 4396  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe

08:24:39.0585 4396  ALG - ok

08:24:39.0601 4396  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys

08:24:39.0616 4396  aliide - ok

08:24:39.0616 4396  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\DRIVERS\amdagp.sys

08:24:39.0647 4396  amdagp - ok

08:24:39.0663 4396  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys

08:24:39.0679 4396  amdide - ok

08:24:39.0694 4396  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

08:24:39.0735 4396  AmdK8 - ok

08:24:39.0755 4396  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

08:24:39.0795 4396  AmdPPM - ok

08:24:39.0825 4396  [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

08:24:39.0845 4396  amdsata - ok

08:24:39.0875 4396  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

08:24:39.0895 4396  amdsbs - ok

08:24:39.0915 4396  [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

08:24:39.0935 4396  amdxata - ok

08:24:39.0945 4396  [ FEB834C02CE1E84B6A38F953CA067706 ] AppID           C:\Windows\system32\drivers\appid.sys

08:24:40.0025 4396  AppID - ok

08:24:40.0045 4396  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

08:24:40.0155 4396  AppIDSvc - ok

08:24:40.0205 4396  [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo         C:\Windows\System32\appinfo.dll

08:24:40.0255 4396  Appinfo - ok

08:24:40.0385 4396  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

08:24:40.0405 4396  Apple Mobile Device - ok

08:24:40.0435 4396  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys

08:24:40.0445 4396  arc - ok

08:24:40.0465 4396  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

08:24:40.0485 4396  arcsas - ok

08:24:40.0495 4396  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

08:24:40.0575 4396  AsyncMac - ok

08:24:40.0615 4396  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\DRIVERS\atapi.sys

08:24:40.0625 4396  atapi - ok

08:24:40.0655 4396  [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

08:24:40.0705 4396  AudioEndpointBuilder - ok

08:24:40.0715 4396  [ 510C873BFA135AA829F4180352772734 ] Audiosrv        C:\Windows\System32\Audiosrv.dll

08:24:40.0755 4396  Audiosrv - ok

08:24:40.0845 4396  AVP - ok

08:24:40.0865 4396  [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV        C:\Windows\System32\AxInstSV.dll

08:24:40.0895 4396  AxInstSV - ok

08:24:40.0915 4396  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys

08:24:41.0005 4396  b06bdrv - ok

08:24:41.0055 4396  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys

08:24:41.0105 4396  b57nd60x - ok

08:24:41.0135 4396  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll

08:24:41.0195 4396  BDESVC - ok

08:24:41.0235 4396  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys

08:24:41.0285 4396  Beep - ok

08:24:41.0345 4396  [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE             C:\Windows\System32\bfe.dll

08:24:41.0395 4396  BFE - ok

08:24:41.0445 4396  [ 53F476476F55A27F580661BDE09C4EC4 ] BITS            C:\Windows\System32\qmgr.dll

08:24:41.0505 4396  BITS - ok

08:24:41.0555 4396  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

08:24:41.0575 4396  blbdrive - ok

08:24:41.0615 4396  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

08:24:41.0635 4396  Bonjour Service - ok

08:24:41.0675 4396  [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

08:24:41.0695 4396  bowser - ok

08:24:41.0715 4396  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

08:24:41.0745 4396  BrFiltLo - ok

08:24:41.0785 4396  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

08:24:41.0825 4396  BrFiltUp - ok

08:24:41.0855 4396  [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser         C:\Windows\System32\browser.dll

08:24:41.0925 4396  Browser - ok

08:24:41.0985 4396  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

08:24:42.0066 4396  Brserid - ok

08:24:42.0076 4396  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

08:24:42.0106 4396  BrSerWdm - ok

08:24:42.0126 4396  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

08:24:42.0146 4396  BrUsbMdm - ok

08:24:42.0156 4396  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

08:24:42.0196 4396  BrUsbSer - ok

08:24:42.0236 4396  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys

08:24:42.0276 4396  BthEnum - ok

08:24:42.0286 4396  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

08:24:42.0306 4396  BTHMODEM - ok

08:24:42.0336 4396  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys

08:24:42.0346 4396  BthPan - ok

08:24:42.0376 4396  [ 04CEDA17A195924070B01174CB1F9AF8 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys

08:24:42.0396 4396  BTHPORT - ok

08:24:42.0436 4396  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll

08:24:42.0476 4396  bthserv - ok

08:24:42.0506 4396  [ 80E6384BEEC03B8BD45EDEA29802D657 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys

08:24:42.0536 4396  BTHUSB - ok

08:24:42.0546 4396  [ 92C5B845803F3662637EB691AC0B250F ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys

08:24:42.0786 4396  btusbflt - ok

08:24:42.0826 4396  [ D57D29132EFE13A83133D9BD449E0CF1 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys

08:24:42.0846 4396  btwaudio - ok

08:24:42.0856 4396  [ D282C14A69357D0E1BAFAECC2CA98C3A ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys

08:24:42.0876 4396  btwavdt - ok

08:24:42.0926 4396  [ F7434401AE320BB97903A3C1865242FB ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

08:24:42.0946 4396  btwdins - ok

08:24:42.0956 4396  [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys

08:24:42.0966 4396  btwl2cap - ok

08:24:42.0986 4396  [ 02EB4D2B05967DF2D32F29C84AB1FB17 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys

08:24:42.0996 4396  btwrchid - ok

08:24:43.0036 4396  [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5        C:\Windows\system32\drivers\BVRPMPR5.SYS

08:24:43.0056 4396  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning

08:24:43.0056 4396  BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)

08:24:43.0096 4396  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

08:24:43.0136 4396  cdfs - ok

08:24:43.0166 4396  [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

08:24:43.0196 4396  cdrom - ok

08:24:43.0236 4396  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc     C:\Windows\System32\certprop.dll

08:24:43.0296 4396  CertPropSvc - ok

08:24:43.0326 4396  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

08:24:43.0358 4396  circlass - ok

08:24:43.0436 4396  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys

08:24:43.0467 4396  CLFS - ok

08:24:43.0560 4396  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

08:24:43.0576 4396  clr_optimization_v2.0.50727_32 - ok

08:24:43.0607 4396  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

08:24:43.0623 4396  clr_optimization_v4.0.30319_32 - ok

08:24:43.0638 4396  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

08:24:43.0654 4396  CmBatt - ok

08:24:43.0670 4396  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys

08:24:43.0685 4396  cmdide - ok

08:24:43.0716 4396  [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG             C:\Windows\system32\Drivers\cng.sys

08:24:43.0748 4396  CNG - ok

08:24:43.0779 4396  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

08:24:43.0810 4396  Compbatt - ok

08:24:43.0826 4396  [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

08:24:43.0841 4396  CompositeBus - ok

08:24:43.0841 4396  COMSysApp - ok

08:24:43.0857 4396  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

08:24:43.0872 4396  crcdisk - ok

08:24:43.0904 4396  [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc        C:\Windows\system32\cryptsvc.dll

08:24:43.0935 4396  CryptSvc - ok

08:24:44.0028 4396  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

08:24:44.0060 4396  cvhsvc - ok

08:24:44.0091 4396  [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch      C:\Windows\system32\rpcss.dll

08:24:44.0122 4396  DcomLaunch - ok

08:24:44.0138 4396  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll

08:24:44.0184 4396  defragsvc - ok

08:24:44.0200 4396  [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

08:24:44.0262 4396  DfsC - ok

08:24:44.0278 4396  [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp            C:\Windows\system32\dhcpcore.dll

08:24:44.0340 4396  Dhcp - ok

08:24:44.0356 4396  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys

08:24:44.0387 4396  discache - ok

08:24:44.0418 4396  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys

08:24:44.0434 4396  Disk - ok

08:24:44.0465 4396  [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

08:24:44.0496 4396  Dnscache - ok

08:24:44.0543 4396  [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc         C:\Windows\System32\dot3svc.dll

08:24:44.0590 4396  dot3svc - ok

08:24:44.0684 4396  [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS             C:\Windows\system32\dps.dll

08:24:44.0746 4396  DPS - ok

08:24:44.0793 4396  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

08:24:44.0840 4396  drmkaud - ok

08:24:44.0871 4396  [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

08:24:44.0902 4396  DXGKrnl - ok

08:24:44.0918 4396  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll

08:24:45.0089 4396  EapHost - ok

08:24:45.0198 4396  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys

08:24:45.0323 4396  ebdrv - ok

08:24:45.0339 4396  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS             C:\Windows\System32\lsass.exe

08:24:45.0401 4396  EFS - ok

08:24:45.0448 4396  [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

08:24:45.0495 4396  ehRecvr - ok

08:24:45.0510 4396  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe

08:24:45.0557 4396  ehSched - ok

08:24:45.0573 4396  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

08:24:45.0604 4396  elxstor - ok

08:24:45.0666 4396  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys

08:24:45.0698 4396  ErrDev - ok

08:24:45.0854 4396  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll

08:24:45.0916 4396  EventSystem - ok

08:24:46.0014 4396  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys

08:24:46.0054 4396  exfat - ok

08:24:46.0114 4396  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

08:24:46.0184 4396  fastfat - ok

08:24:46.0244 4396  [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax             C:\Windows\system32\fxssvc.exe

08:24:46.0304 4396  Fax - ok

08:24:46.0324 4396  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

08:24:46.0344 4396  fdc - ok

08:24:46.0364 4396  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll

08:24:46.0394 4396  fdPHost - ok

08:24:46.0414 4396  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll

08:24:46.0464 4396  FDResPub - ok

08:24:46.0484 4396  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

08:24:46.0494 4396  FileInfo - ok

08:24:46.0514 4396  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

08:24:46.0554 4396  Filetrace - ok

08:24:46.0554 4396  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

08:24:46.0584 4396  flpydisk - ok

08:24:46.0604 4396  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

08:24:46.0624 4396  FltMgr - ok

08:24:46.0654 4396  [ 7FE4995528A7529A761875151EE3D512 ] FontCache       C:\Windows\system32\FntCache.dll

08:24:46.0694 4396  FontCache - ok

08:24:46.0754 4396  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

08:24:46.0784 4396  FontCache3.0.0.0 - ok

08:24:46.0794 4396  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

08:24:46.0814 4396  FsDepends - ok

08:24:46.0834 4396  [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

08:24:46.0844 4396  Fs_Rec - ok

08:24:46.0864 4396  [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

08:24:46.0884 4396  fvevol - ok

08:24:46.0904 4396  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

08:24:46.0924 4396  gagp30kx - ok

08:24:46.0974 4396  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

08:24:46.0984 4396  GEARAspiWDM - ok

08:24:47.0014 4396  Giraffic - ok

08:24:47.0034 4396  [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc           C:\Windows\System32\gpsvc.dll

08:24:47.0064 4396  gpsvc - ok

08:24:47.0074 4396  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

08:24:47.0114 4396  hcw85cir - ok

08:24:47.0154 4396  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

08:24:47.0184 4396  HdAudAddService - ok

08:24:47.0204 4396  [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

08:24:47.0224 4396  HDAudBus - ok

08:24:47.0244 4396  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

08:24:47.0264 4396  HidBatt - ok

08:24:47.0284 4396  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

08:24:47.0314 4396  HidBth - ok

08:24:47.0344 4396  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

08:24:47.0374 4396  HidIr - ok

08:24:47.0404 4396  [ 1FAB2540C1BD6DA847CCD292F4EEE48A ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys

08:24:47.0414 4396  hidkmdf - ok

08:24:47.0434 4396  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll

08:24:47.0484 4396  hidserv - ok

08:24:47.0514 4396  [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

08:24:47.0534 4396  HidUsb - ok

08:24:47.0564 4396  [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc          C:\Windows\system32\kmsvc.dll

08:24:47.0614 4396  hkmsvc - ok

08:24:47.0634 4396  [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

08:24:47.0684 4396  HomeGroupListener - ok

08:24:47.0704 4396  [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

08:24:47.0734 4396  HomeGroupProvider - ok

08:24:47.0764 4396  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys

08:24:47.0784 4396  HpSAMD - ok

08:24:47.0814 4396  [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP            C:\Windows\system32\drivers\HTTP.sys

08:24:47.0864 4396  HTTP - ok

08:24:47.0904 4396  [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

08:24:47.0914 4396  hwpolicy - ok

08:24:47.0934 4396  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

08:24:47.0964 4396  i8042prt - ok

08:24:47.0994 4396  [ 5A6C5876FB84418D08D67B8CAED5EFCF ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys

08:24:48.0004 4396  iaStor - ok

08:24:48.0034 4396  [ DE9560E9703BFE1BD08014A406BE0033 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

08:24:48.0054 4396  IAStorDataMgrSvc - ok

08:24:48.0094 4396  [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

08:24:48.0114 4396  iaStorV - ok

08:24:48.0174 4396  [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

08:24:48.0204 4396  idsvc - ok

08:24:48.0234 4396  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

08:24:48.0254 4396  iirsp - ok

08:24:48.0284 4396  [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT          C:\Windows\System32\ikeext.dll

08:24:48.0324 4396  IKEEXT - ok

08:24:48.0404 4396  [ BA9A1F572D1A91559E6E76504CFD381C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys

08:24:48.0464 4396  IntcAzAudAddService - ok

08:24:48.0474 4396  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys

08:24:48.0494 4396  intelide - ok

08:24:48.0514 4396  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

08:24:48.0544 4396  intelppm - ok

08:24:48.0564 4396  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

08:24:48.0604 4396  IPBusEnum - ok

08:24:48.0624 4396  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

08:24:48.0664 4396  IpFilterDriver - ok

08:24:48.0684 4396  [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

08:24:48.0724 4396  iphlpsvc - ok

08:24:48.0744 4396  [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys

08:24:48.0764 4396  IPMIDRV - ok

08:24:48.0784 4396  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

08:24:48.0824 4396  IPNAT - ok

08:24:48.0874 4396  [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

08:24:48.0904 4396  iPod Service - ok

08:24:48.0924 4396  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys

08:24:48.0954 4396  IRENUM - ok

08:24:48.0974 4396  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys

08:24:48.0994 4396  isapnp - ok

08:24:49.0014 4396  [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

08:24:49.0034 4396  iScsiPrt - ok

08:24:49.0044 4396  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

08:24:49.0054 4396  kbdclass - ok

08:24:49.0074 4396  [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

08:24:49.0094 4396  kbdhid - ok

08:24:49.0104 4396  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso          C:\Windows\system32\lsass.exe

08:24:49.0124 4396  KeyIso - ok

08:24:49.0154 4396  [ EA26CB00F83686856F2C79673C00C686 ] KL1             C:\Windows\system32\DRIVERS\kl1.sys

08:24:49.0174 4396  KL1 - ok

08:24:49.0234 4396  [ FBC7F840F1118D358D2AFB8C1714B384 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys

08:24:49.0264 4396  KLIF - ok

08:24:49.0284 4396  [ AF127FE7DD5ED2BBC9049FD8A00DEFC2 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys

08:24:49.0294 4396  KLIM6 - ok

08:24:49.0324 4396  [ 24AEBAD59D1DE8A7CC36E8F09F999362 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys

08:24:49.0334 4396  klkbdflt - ok

08:24:49.0354 4396  [ A58507C2827C3AE1D4CCB2746AAB349F ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys

08:24:49.0374 4396  klmouflt - ok

08:24:49.0414 4396  [ 53C0DF6C5139CB78A631E7AFCD893730 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys

08:24:49.0434 4396  kltdi - ok

08:24:49.0444 4396  [ 71A38C123600172511C26BFABD0EF579 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys

08:24:49.0464 4396  kneps - ok

08:24:49.0484 4396  [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

08:24:49.0504 4396  KSecDD - ok

08:24:49.0524 4396  [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

08:24:49.0544 4396  KSecPkg - ok

08:24:49.0574 4396  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll

08:24:49.0624 4396  KtmRm - ok

08:24:49.0644 4396  [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer    C:\Windows\system32\srvsvc.dll

08:24:49.0674 4396  LanmanServer - ok

08:24:49.0684 4396  [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

08:24:49.0744 4396  LanmanWorkstation - ok

08:24:49.0804 4396  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

08:24:49.0854 4396  lltdio - ok

08:24:49.0884 4396  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

08:24:49.0934 4396  lltdsvc - ok

08:24:49.0974 4396  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll

08:24:50.0034 4396  lmhosts - ok

08:24:50.0115 4396  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

08:24:50.0155 4396  LSI_FC - ok

08:24:50.0195 4396  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

08:24:50.0215 4396  LSI_SAS - ok

08:24:50.0225 4396  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

08:24:50.0245 4396  LSI_SAS2 - ok

08:24:50.0285 4396  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

08:24:50.0295 4396  LSI_SCSI - ok

08:24:50.0315 4396  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys

08:24:50.0341 4396  luafv - ok

08:24:50.0372 4396  [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

08:24:50.0387 4396  Mcx2Svc - ok

08:24:50.0403 4396  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

08:24:50.0419 4396  megasas - ok

08:24:50.0450 4396  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

08:24:50.0465 4396  MegaSR - ok

08:24:50.0481 4396  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll

08:24:50.0528 4396  MMCSS - ok

08:24:50.0543 4396  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys

08:24:50.0590 4396  Modem - ok

08:24:50.0606 4396  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

08:24:50.0621 4396  monitor - ok

08:24:50.0621 4396  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

08:24:50.0637 4396  mouclass - ok

08:24:50.0653 4396  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

08:24:50.0684 4396  mouhid - ok

08:24:50.0699 4396  [ 921C18727C5920D6C0300736646931C2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

08:24:50.0715 4396  mountmgr - ok

08:24:50.0762 4396  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

08:24:50.0777 4396  MozillaMaintenance - ok

08:24:50.0793 4396  [ 2AF5997438C55FB79D33D015C30E1974 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys

08:24:50.0809 4396  mpio - ok

08:24:50.0824 4396  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

08:24:50.0855 4396  mpsdrv - ok

08:24:50.0887 4396  [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc          C:\Windows\system32\mpssvc.dll

08:24:50.0933 4396  MpsSvc - ok

08:24:50.0965 4396  [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

08:24:50.0980 4396  MRxDAV - ok

08:24:51.0027 4396  [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

08:24:51.0074 4396  mrxsmb - ok

08:24:51.0089 4396  [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

08:24:51.0121 4396  mrxsmb10 - ok

08:24:51.0136 4396  [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

08:24:51.0152 4396  mrxsmb20 - ok

08:24:51.0167 4396  [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys

08:24:51.0183 4396  msahci - ok

08:24:51.0199 4396  [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys

08:24:51.0230 4396  msdsm - ok

08:24:51.0245 4396  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe

08:24:51.0277 4396  MSDTC - ok

08:24:51.0292 4396  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys

08:24:51.0323 4396  Msfs - ok

08:24:51.0355 4396  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

08:24:51.0386 4396  mshidkmdf - ok

08:24:51.0401 4396  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys

08:24:51.0417 4396  msisadrv - ok

08:24:51.0448 4396  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

08:24:51.0479 4396  MSiSCSI - ok

08:24:51.0495 4396  msiserver - ok

08:24:51.0511 4396  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

08:24:51.0557 4396  MSKSSRV - ok

08:24:51.0589 4396  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

08:24:51.0620 4396  MSPCLOCK - ok

08:24:51.0651 4396  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

08:24:51.0682 4396  MSPQM - ok

08:24:51.0682 4396  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

08:24:51.0698 4396  MsRPC - ok

08:24:51.0713 4396  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

08:24:51.0729 4396  mssmbios - ok

08:24:51.0745 4396  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

08:24:51.0776 4396  MSTEE - ok

08:24:51.0807 4396  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

08:24:51.0838 4396  MTConfig - ok

08:24:51.0854 4396  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys

08:24:51.0869 4396  Mup - ok

08:24:51.0901 4396  [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent        C:\Windows\system32\qagentRT.dll

08:24:51.0947 4396  napagent - ok

08:24:51.0979 4396  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

08:24:51.0994 4396  NativeWifiP - ok

08:24:52.0025 4396  [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS            C:\Windows\system32\drivers\ndis.sys

08:24:52.0057 4396  NDIS - ok

08:24:52.0072 4396  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

08:24:52.0103 4396  NdisCap - ok

08:24:52.0119 4396  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

08:24:52.0166 4396  NdisTapi - ok

08:24:52.0197 4396  [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

08:24:52.0228 4396  Ndisuio - ok

08:24:52.0244 4396  [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

08:24:52.0291 4396  NdisWan - ok

08:24:52.0306 4396  [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

08:24:52.0353 4396  NDProxy - ok

08:24:52.0353 4396  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

08:24:52.0400 4396  NetBIOS - ok

08:24:52.0415 4396  [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

08:24:52.0447 4396  NetBT - ok

08:24:52.0462 4396  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon        C:\Windows\system32\lsass.exe

08:24:52.0478 4396  Netlogon - ok

08:24:52.0509 4396  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll

08:24:52.0556 4396  Netman - ok

08:24:52.0571 4396  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll

08:24:52.0618 4396  netprofm - ok

08:24:52.0649 4396  [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

08:24:52.0665 4396  NetTcpPortSharing - ok

08:24:52.0681 4396  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

08:24:52.0712 4396  nfrd960 - ok

08:24:52.0743 4396  [ 2226496E34BD40734946A054B1CD657F ] NlaSvc          C:\Windows\System32\nlasvc.dll

08:24:52.0774 4396  NlaSvc - ok

08:24:52.0790 4396  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys

08:24:52.0821 4396  Npfs - ok

08:24:52.0837 4396  npggsvc - ok

08:24:52.0852 4396  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll

08:24:52.0899 4396  nsi - ok

08:24:52.0915 4396  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

08:24:52.0946 4396  nsiproxy - ok

08:24:53.0008 4396  [ 5126C5402C730C2A953275D8497A4715 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

08:24:53.0039 4396  Ntfs - ok

08:24:53.0055 4396  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys

08:24:53.0086 4396  Null - ok

08:24:53.0117 4396  [ EFF6795CDACB959D1AB89EB9B9C29B57 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys

08:24:53.0133 4396  NVHDA - ok

08:24:53.0320 4396  [ 50C1B2DD2A5B3ED82C6E4683C4AD58B8 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

08:24:53.0476 4396  nvlddmkm - ok

08:24:53.0507 4396  [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

08:24:53.0523 4396  nvraid - ok

08:24:53.0570 4396  [ 4520B63899E867F354EE012D34E11536 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

08:24:53.0585 4396  nvstor - ok

08:24:53.0601 4396  [ D9051D79D19C63B67CA12BD1C3B6FFB3 ] nvsvc           C:\Windows\system32\nvvsvc.exe

08:24:53.0617 4396  nvsvc - ok

08:24:53.0648 4396  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys

08:24:53.0663 4396  nv_agp - ok

08:24:53.0679 4396  [ F1A718C6C6CD3EDF157FA3D459ADFEF7 ] NW1950          C:\Windows\system32\DRIVERS\NW1950.sys

08:24:53.0695 4396  NW1950 - ok

08:24:53.0726 4396  [ 953E08D5CA0B02697A8145AAA0CA28BE ] NxpCap          C:\Windows\system32\DRIVERS\NxpCap.sys

08:24:53.0788 4396  NxpCap - ok

08:24:53.0804 4396  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys

08:24:53.0835 4396  ohci1394 - ok

08:24:53.0866 4396  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

08:24:53.0882 4396  ose - ok

08:24:54.0007 4396  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

08:24:54.0163 4396  osppsvc - ok

08:24:54.0209 4396  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

08:24:54.0225 4396  p2pimsvc - ok

08:24:54.0272 4396  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll

08:24:54.0303 4396  p2psvc - ok

08:24:54.0319 4396  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

08:24:54.0334 4396  Parport - ok

08:24:54.0365 4396  [ 66D3415C159741ADE7038A277EFFF99F ] partmgr         C:\Windows\system32\drivers\partmgr.sys

08:24:54.0381 4396  partmgr - ok

08:24:54.0397 4396  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys

08:24:54.0412 4396  Parvdm - ok

08:24:54.0443 4396  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll

08:24:54.0475 4396  PcaSvc - ok

08:24:54.0490 4396  [ C858CB77C577780ECC456A892E7E7D0F ] pci             C:\Windows\system32\DRIVERS\pci.sys

08:24:54.0506 4396  pci - ok

08:24:54.0521 4396  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\DRIVERS\pciide.sys

08:24:54.0537 4396  pciide - ok

08:24:54.0553 4396  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

08:24:54.0568 4396  pcmcia - ok

08:24:54.0584 4396  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys

08:24:54.0599 4396  pcw - ok

08:24:54.0693 4396  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

08:24:54.0771 4396  PEAUTH - ok

08:24:55.0106 4396  [ 9C1BFF7910C89A1D12E57343475840CB ] pla             C:\Windows\system32\pla.dll

08:24:55.0226 4396  pla - ok

08:24:55.0276 4396  [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

08:24:55.0306 4396  PlugPlay - ok

08:24:55.0326 4396  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

08:24:55.0366 4396  PNRPAutoReg - ok

08:24:55.0386 4396  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

08:24:55.0406 4396  PNRPsvc - ok

08:24:55.0436 4396  [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

08:24:55.0486 4396  PolicyAgent - ok

08:24:55.0536 4396  [ DBFF83F709A91049621C1D35DD45C92C ] Power           C:\Windows\system32\umpo.dll

08:24:55.0576 4396  Power - ok

08:24:55.0616 4396  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

08:24:55.0646 4396  PptpMiniport - ok

08:24:55.0676 4396  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys

08:24:55.0736 4396  Processor - ok

08:24:55.0776 4396  [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc         C:\Windows\system32\profsvc.dll

08:24:55.0796 4396  ProfSvc - ok

08:24:55.0806 4396  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe

08:24:55.0826 4396  ProtectedStorage - ok

08:24:55.0846 4396  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

08:24:55.0896 4396  Psched - ok

08:24:55.0956 4396  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

08:24:55.0966 4396  PSI_SVC_2 - ok

08:24:56.0006 4396  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

08:24:56.0046 4396  ql2300 - ok

08:24:56.0096 4396  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

08:24:56.0126 4396  ql40xx - ok

08:24:56.0177 4396  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll

08:24:56.0227 4396  QWAVE - ok

08:24:56.0247 4396  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

08:24:56.0277 4396  QWAVEdrv - ok

08:24:56.0297 4396  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

08:24:56.0327 4396  RasAcd - ok

08:24:56.0357 4396  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

08:24:56.0387 4396  RasAgileVpn - ok

08:24:56.0417 4396  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll

08:24:56.0447 4396  RasAuto - ok

08:24:56.0477 4396  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

08:24:56.0517 4396  Rasl2tp - ok

08:24:56.0547 4396  [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan          C:\Windows\System32\rasmans.dll

08:24:56.0597 4396  RasMan - ok

08:24:56.0617 4396  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

08:24:56.0647 4396  RasPppoe - ok

08:24:56.0677 4396  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

08:24:56.0727 4396  RasSstp - ok

08:24:56.0747 4396  [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

08:24:56.0777 4396  rdbss - ok

08:24:56.0837 4396  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

08:24:56.0867 4396  rdpbus - ok

08:24:56.0887 4396  [ 1E016846895B15A99F9A176A05029075 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

08:24:56.0937 4396  RDPCDD - ok

08:24:56.0967 4396  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

08:24:57.0007 4396  RDPENCDD - ok

08:24:57.0037 4396  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

08:24:57.0067 4396  RDPREFMP - ok

08:24:57.0127 4396  [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

08:24:57.0167 4396  RDPWD - ok

08:24:57.0207 4396  [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

08:24:57.0227 4396  rdyboost - ok

08:24:57.0277 4396  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll

08:24:57.0347 4396  RemoteAccess - ok

08:24:57.0397 4396  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

08:24:57.0447 4396  RemoteRegistry - ok

08:24:57.0467 4396  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys

08:24:57.0497 4396  RFCOMM - ok

08:24:57.0567 4396  [ 616F6E52CAE254727A886BA8EDA1BEEA ] RichVideo       C:\Program Files\CyberLink\Shared files\RichVideo.exe

08:24:57.0587 4396  RichVideo - ok

08:24:57.0597 4396  RimUsb - ok

08:24:57.0637 4396  [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial.sys

08:24:57.0677 4396  RimVSerPort - ok

08:24:57.0707 4396  [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys

08:24:57.0747 4396  ROOTMODEM - ok

08:24:57.0767 4396  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

08:24:57.0807 4396  RpcEptMapper - ok

08:24:57.0837 4396  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe

08:24:57.0867 4396  RpcLocator - ok

08:24:57.0902 4396  [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs           C:\Windows\system32\rpcss.dll

08:24:57.0934 4396  RpcSs - ok

08:24:57.0949 4396  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

08:24:57.0980 4396  rspndr - ok

08:24:58.0012 4396  [ B87F999E05DD9C0312C83A8752E8E66B ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys

08:24:58.0027 4396  RSUSBSTOR - ok

08:24:58.0058 4396  [ 06BD46BE6141556125F89DF738333720 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys

08:24:58.0074 4396  RTL8167 - ok

08:24:58.0105 4396  [ CFD6C307BF5DB3B339BE9F92B95433B9 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys

08:24:58.0136 4396  rtl8192se - ok

08:24:58.0168 4396  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs           C:\Windows\system32\lsass.exe

08:24:58.0183 4396  SamSs - ok

08:24:58.0214 4396  [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys

08:24:58.0230 4396  sbp2port - ok

08:24:58.0246 4396  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

08:24:58.0277 4396  SCardSvr - ok

08:24:58.0308 4396  [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

08:24:58.0339 4396  scfilter - ok

08:24:58.0370 4396  [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule        C:\Windows\system32\schedsvc.dll

08:24:58.0402 4396  Schedule - ok

08:24:58.0433 4396  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc     C:\Windows\System32\certprop.dll

08:24:58.0464 4396  SCPolicySvc - ok

08:24:58.0480 4396  [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

08:24:58.0511 4396  SDRSVC - ok

08:24:58.0526 4396  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

08:24:58.0573 4396  secdrv - ok

08:24:58.0589 4396  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll

08:24:58.0636 4396  seclogon - ok

08:24:58.0667 4396  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll

08:24:58.0698 4396  SENS - ok

08:24:58.0729 4396  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll

08:24:58.0760 4396  SensrSvc - ok

08:24:58.0776 4396  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

08:24:58.0792 4396  Serenum - ok

08:24:58.0823 4396  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

08:24:58.0870 4396  Serial - ok

08:24:58.0885 4396  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

08:24:58.0932 4396  sermouse - ok

08:24:58.0963 4396  [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv      C:\Windows\system32\sessenv.dll

08:24:58.0994 4396  SessionEnv - ok

08:24:59.0026 4396  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys

08:24:59.0072 4396  sffdisk - ok

08:24:59.0088 4396  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys

08:24:59.0104 4396  sffp_mmc - ok

08:24:59.0119 4396  [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys

08:24:59.0135 4396  sffp_sd - ok

08:24:59.0166 4396  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

08:24:59.0182 4396  sfloppy - ok

08:24:59.0228 4396  [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys

08:24:59.0260 4396  Sftfs - ok

08:24:59.0291 4396  [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist         C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe

08:24:59.0306 4396  sftlist - ok

08:24:59.0322 4396  [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys

08:24:59.0338 4396  Sftplay - ok

08:24:59.0353 4396  [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys

08:24:59.0369 4396  Sftredir - ok

08:24:59.0384 4396  [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys

08:24:59.0400 4396  Sftvol - ok

08:24:59.0416 4396  [ A5812F0281CA5081BF696626F9BF324D ] sftvsa          C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe

08:24:59.0431 4396  sftvsa - ok

08:24:59.0447 4396  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

08:24:59.0509 4396  SharedAccess - ok

08:24:59.0572 4396  [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

08:24:59.0618 4396  ShellHWDetection - ok

08:24:59.0634 4396  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\DRIVERS\sisagp.sys

08:24:59.0650 4396  sisagp - ok

08:24:59.0681 4396  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

08:24:59.0696 4396  SiSRaid2 - ok

08:24:59.0712 4396  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

08:24:59.0728 4396  SiSRaid4 - ok

08:24:59.0748 4396  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys

08:24:59.0788 4396  Smb - ok

08:24:59.0838 4396  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

08:24:59.0888 4396  SNMPTRAP - ok

08:24:59.0908 4396  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys

08:24:59.0918 4396  spldr - ok

08:24:59.0968 4396  [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler         C:\Windows\System32\spoolsv.exe

08:24:59.0988 4396  Spooler - ok

08:25:00.0098 4396  [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc          C:\Windows\system32\sppsvc.exe

08:25:00.0168 4396  sppsvc - ok

08:25:00.0208 4396  [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

08:25:00.0258 4396  sppuinotify - ok

08:25:00.0358 4396  [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv             C:\Windows\system32\DRIVERS\srv.sys

08:25:00.0418 4396  srv - ok

08:25:00.0448 4396  [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

08:25:00.0488 4396  srv2 - ok

08:25:00.0508 4396  [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

08:25:00.0528 4396  srvnet - ok

08:25:00.0538 4396  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

08:25:00.0578 4396  SSDPSRV - ok

08:25:00.0608 4396  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll

08:25:00.0648 4396  SstpSvc - ok

08:25:00.0658 4396  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

08:25:00.0678 4396  stexstor - ok

08:25:00.0718 4396  [ EDB05BD63148796F23EA78506404A538 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys

08:25:00.0748 4396  StillCam - ok

08:25:00.0788 4396  [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc          C:\Windows\System32\wiaservc.dll

08:25:00.0838 4396  StiSvc - ok

08:25:00.0858 4396  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

08:25:00.0878 4396  swenum - ok

08:25:00.0888 4396  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll

08:25:00.0938 4396  swprv - ok

08:25:00.0978 4396  [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain         C:\Windows\system32\sysmain.dll

08:25:01.0018 4396  SysMain - ok

08:25:01.0028 4396  [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll

08:25:01.0068 4396  TabletInputService - ok

08:25:01.0088 4396  [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv         C:\Windows\System32\tapisrv.dll

08:25:01.0138 4396  TapiSrv - ok

08:25:01.0158 4396  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll

08:25:01.0188 4396  TBS - ok

08:25:01.0248 4396  [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

08:25:01.0278 4396  Tcpip - ok

08:25:01.0298 4396  [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

08:25:01.0338 4396  TCPIP6 - ok

08:25:01.0358 4396  [ E64444523ADD154F86567C469BC0B17F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

08:25:01.0408 4396  tcpipreg - ok

08:25:01.0428 4396  [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

08:25:01.0458 4396  TDPIPE - ok

08:25:01.0478 4396  [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

08:25:01.0488 4396  TDTCP - ok

08:25:01.0508 4396  [ CB39E896A2A83702D1737BFD402B3542 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

08:25:01.0548 4396  tdx - ok

08:25:01.0568 4396  [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

08:25:01.0578 4396  TermDD - ok

08:25:01.0608 4396  [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService     C:\Windows\System32\termsrv.dll

08:25:01.0658 4396  TermService - ok

08:25:01.0698 4396  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll

08:25:01.0728 4396  Themes - ok

08:25:01.0748 4396  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll

08:25:01.0778 4396  THREADORDER - ok

08:25:01.0798 4396  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll

08:25:01.0838 4396  TrkWks - ok

08:25:01.0868 4396  [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

08:25:01.0908 4396  TrustedInstaller - ok

08:25:01.0928 4396  [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

08:25:01.0958 4396  tssecsrv - ok

08:25:01.0998 4396  [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

08:25:02.0048 4396  tunnel - ok

08:25:02.0068 4396  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

08:25:02.0078 4396  uagp35 - ok

08:25:02.0098 4396  [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

08:25:02.0148 4396  udfs - ok

08:25:02.0178 4396  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

08:25:02.0208 4396  UI0Detect - ok

08:25:02.0238 4396  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys

08:25:02.0248 4396  uliagpkx - ok

08:25:02.0268 4396  [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

08:25:02.0278 4396  umbus - ok

08:25:02.0298 4396  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

08:25:02.0318 4396  UmPass - ok

08:25:02.0338 4396  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll

08:25:02.0398 4396  upnphost - ok

08:25:02.0448 4396  [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys

08:25:02.0508 4396  USBAAPL - ok

08:25:02.0548 4396  [ C31AE588E403042632DC796CF09E30B0 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

08:25:02.0568 4396  usbccgp - ok

08:25:02.0588 4396  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys

08:25:02.0628 4396  usbcir - ok

08:25:02.0628 4396  [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

08:25:02.0648 4396  usbehci - ok

08:25:02.0668 4396  [ BDCD7156EC37448F08633FD899823620 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

08:25:02.0688 4396  usbhub - ok

08:25:02.0698 4396  [ EB2D819A639015253C871CDA09D91D58 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

08:25:02.0728 4396  usbohci - ok

08:25:02.0768 4396  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

08:25:02.0788 4396  usbprint - ok

08:25:02.0828 4396  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

08:25:02.0848 4396  usbscan - ok

08:25:02.0878 4396  [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

08:25:02.0908 4396  USBSTOR - ok

08:25:02.0928 4396  [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

08:25:02.0948 4396  usbuhci - ok

08:25:02.0968 4396  [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys

08:25:03.0028 4396  usbvideo - ok

08:25:03.0038 4396  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll

08:25:03.0078 4396  UxSms - ok

08:25:03.0078 4396  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc        C:\Windows\system32\lsass.exe

08:25:03.0098 4396  VaultSvc - ok

08:25:03.0108 4396  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys

08:25:03.0128 4396  vdrvroot - ok

08:25:03.0148 4396  [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds             C:\Windows\System32\vds.exe

08:25:03.0168 4396  vds - ok

08:25:03.0189 4396  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

08:25:03.0219 4396  vga - ok

08:25:03.0239 4396  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys

08:25:03.0269 4396  VgaSave - ok

08:25:03.0299 4396  [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys

08:25:03.0309 4396  vhdmp - ok

08:25:03.0329 4396  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\DRIVERS\viaagp.sys

08:25:03.0349 4396  viaagp - ok

08:25:03.0359 4396  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys

08:25:03.0379 4396  ViaC7 - ok

08:25:03.0399 4396  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\DRIVERS\viaide.sys

08:25:03.0409 4396  viaide - ok

08:25:03.0429 4396  [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys

08:25:03.0439 4396  volmgr - ok

08:25:03.0459 4396  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

08:25:03.0479 4396  volmgrx - ok

08:25:03.0499 4396  [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys

08:25:03.0509 4396  volsnap - ok

08:25:03.0549 4396  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

08:25:03.0559 4396  vsmraid - ok

08:25:03.0589 4396  [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS             C:\Windows\system32\vssvc.exe

08:25:03.0639 4396  VSS - ok

08:25:03.0679 4396  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

08:25:03.0709 4396  vwifibus - ok

08:25:03.0719 4396  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

08:25:03.0759 4396  vwififlt - ok

08:25:03.0779 4396  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll

08:25:03.0819 4396  W32Time - ok

08:25:03.0839 4396  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

08:25:03.0859 4396  WacomPen - ok

08:25:03.0879 4396  [ 692A712062146E96D28BA0B7D75DE31B ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

08:25:03.0919 4396  WANARP - ok

08:25:03.0919 4396  [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

08:25:03.0949 4396  Wanarpv6 - ok

08:25:04.0029 4396  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

08:25:04.0089 4396  WatAdminSvc - ok

08:25:04.0129 4396  [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine        C:\Windows\system32\wbengine.exe

08:25:04.0199 4396  wbengine - ok

08:25:04.0229 4396  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

08:25:04.0269 4396  WbioSrvc - ok

08:25:04.0299 4396  [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

08:25:04.0354 4396  wcncsvc - ok

08:25:04.0370 4396  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

08:25:04.0417 4396  WcsPlugInService - ok

08:25:04.0432 4396  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys

08:25:04.0448 4396  Wd - ok

08:25:04.0479 4396  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

08:25:04.0510 4396  Wdf01000 - ok

08:25:04.0526 4396  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll

08:25:04.0557 4396  WdiServiceHost - ok

08:25:04.0557 4396  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll

08:25:04.0588 4396  WdiSystemHost - ok

08:25:04.0619 4396  [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient       C:\Windows\System32\webclnt.dll

08:25:04.0651 4396  WebClient - ok

08:25:04.0666 4396  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll

08:25:04.0713 4396  Wecsvc - ok

08:25:04.0729 4396  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll

08:25:04.0775 4396  wercplsupport - ok

08:25:04.0807 4396  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll

08:25:04.0838 4396  WerSvc - ok

08:25:04.0869 4396  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

08:25:04.0900 4396  WfpLwf - ok

08:25:04.0931 4396  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

08:25:04.0947 4396  WIMMount - ok

08:25:04.0994 4396  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll

08:25:05.0025 4396  WinDefend - ok

08:25:05.0025 4396  WinHttpAutoProxySvc - ok

08:25:05.0072 4396  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

08:25:05.0150 4396  Winmgmt - ok

08:25:05.0238 4396  [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM           C:\Windows\system32\WsmSvc.dll

08:25:05.0318 4396  WinRM - ok

08:25:05.0388 4396  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

08:25:05.0438 4396  WinUsb - ok

08:25:05.0468 4396  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll

08:25:05.0518 4396  Wlansvc - ok

08:25:05.0598 4396  [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

08:25:05.0638 4396  wlidsvc - ok

08:25:05.0658 4396  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

08:25:05.0698 4396  WmiAcpi - ok

08:25:05.0728 4396  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

08:25:05.0758 4396  wmiApSrv - ok

08:25:05.0798 4396  [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe

08:25:05.0848 4396  WMPNetworkSvc - ok

08:25:05.0858 4396  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll

08:25:05.0908 4396  WPCSvc - ok

08:25:05.0928 4396  [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

08:25:05.0968 4396  WPDBusEnum - ok

08:25:05.0978 4396  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

08:25:06.0028 4396  ws2ifsl - ok

08:25:06.0058 4396  [ A661A76333057B383A06E65F0073222F ] wscsvc          C:\Windows\System32\wscsvc.dll

08:25:06.0098 4396  wscsvc - ok

08:25:06.0098 4396  WSearch - ok

08:25:06.0238 4396  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll

08:25:06.0308 4396  wuauserv - ok

08:25:06.0358 4396  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

08:25:06.0408 4396  WudfPf - ok

08:25:06.0428 4396  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

08:25:06.0448 4396  WUDFRd - ok

08:25:06.0488 4396  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

08:25:06.0528 4396  wudfsvc - ok

08:25:06.0548 4396  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll

08:25:06.0588 4396  WwanSvc - ok

08:25:06.0628 4396  [ 1F93FCB5BAB3A921ECBA522F63586F4A ] X10Hid          C:\Windows\System32\Drivers\x10hid.sys

08:25:06.0638 4396  X10Hid - ok

08:25:06.0688 4396  [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets         C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

08:25:06.0708 4396  x10nets ( UnsignedFile.Multi.Generic ) - warning

08:25:06.0708 4396  x10nets - detected UnsignedFile.Multi.Generic (1)

08:25:06.0728 4396  [ 378DC1B0B1F62A7488EE8D31A3C6E949 ] XUIF            C:\Windows\System32\Drivers\x10ufx2.sys

08:25:06.0748 4396  XUIF - ok

08:25:06.0788 4396  [ 74EC37B9EAF9FCA015B933A526825C7A ] {60DB6561-0A84-4c94-AF33-288405CFD56D} C:\Program Files\CyberLink\PowerCinema Movie\000.fcl

08:25:06.0798 4396  {60DB6561-0A84-4c94-AF33-288405CFD56D} - ok

08:25:06.0798 4396  ================ Scan global ===============================

08:25:06.0828 4396  [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll

08:25:06.0858 4396  [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll

08:25:06.0868 4396  [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll

08:25:06.0898 4396  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll

08:25:06.0928 4396  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe

08:25:06.0938 4396  [Global] - ok

08:25:06.0938 4396  ================ Scan MBR ==================================

08:25:06.0948 4396  [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0

08:25:09.0727 4396  \Device\Harddisk0\DR0 ( TDSS File System ) - warning

08:25:09.0727 4396  \Device\Harddisk0\DR0 - detected TDSS File System (1)

08:25:09.0727 4396  ================ Scan VBR ==================================

08:25:09.0727 4396  [ F758BEADF2690C37F4DF05E0F5DF705F ] \Device\Harddisk0\DR0\Partition1

08:25:09.0727 4396  \Device\Harddisk0\DR0\Partition1 - ok

08:25:09.0758 4396  [ 99D413A8D4AFC5955094E5A36C9C1B89 ] \Device\Harddisk0\DR0\Partition2

08:25:09.0758 4396  \Device\Harddisk0\DR0\Partition2 - ok

08:25:09.0789 4396  [ BFF9B73ACA102FB0972D90EEFCEC23CF ] \Device\Harddisk0\DR0\Partition3

08:25:09.0789 4396  \Device\Harddisk0\DR0\Partition3 - ok

08:25:09.0789 4396  ============================================================

08:25:09.0789 4396  Scan finished

08:25:09.0789 4396  ============================================================

08:25:09.0821 2172  Detected object count: 3

08:25:09.0821 2172  Actual detected object count: 3

08:26:12.0801 2172  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user

08:26:12.0801 2172  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

08:26:12.0801 2172  x10nets ( UnsignedFile.Multi.Generic ) - skipped by user

08:26:12.0801 2172  x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip 

08:26:12.0801 2172  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

08:26:12.0801 2172  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Du hast ein TDSS/TDL im System. Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Code:

ComboFix 12-11-28.01 - Tini 28.11.2012  11:10:47.1.2 - x86

Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3070.1940 [GMT 1:00]

ausgeführt von:: c:\users\Tini\Desktop\ComboFix.exe

AV: Kaspersky Anti-Virus *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}

SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\program files\DealPly

c:\program files\DealPly\DealPlyTune.dll

c:\windows\system32\pt

c:\windows\system32\pt\Lagoon.resources.dll

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-10-28 bis 2012-11-28  ))))))))))))))))))))))))))))))

.

.

2012-11-28 11:09 . 2012-11-28 11:09        --------        d-----w-        c:\users\Default\AppData\Local\temp

2012-11-28 10:15 . 2012-11-28 10:15        60872        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{75624F61-8662-42B0-8778-B448EA578E5F}\offreg.dll

2012-11-27 18:54 . 2012-11-08 18:00        6812136        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{75624F61-8662-42B0-8778-B448EA578E5F}\mpengine.dll

2012-11-15 22:31 . 2012-07-26 03:39        526952        ----a-w-        c:\windows\system32\drivers\Wdf01000.sys

2012-11-15 22:31 . 2012-07-26 03:39        47720        ----a-w-        c:\windows\system32\drivers\WdfLdr.sys

2012-11-15 22:31 . 2012-07-26 02:46        9728        ----a-w-        c:\windows\system32\Wdfres.dll

2012-11-15 22:30 . 2012-07-26 02:33        66560        ----a-w-        c:\windows\system32\drivers\WUDFPf.sys

2012-11-15 22:30 . 2012-07-26 02:32        155136        ----a-w-        c:\windows\system32\drivers\WUDFRd.sys

2012-11-15 22:30 . 2012-07-26 03:20        73216        ----a-w-        c:\windows\system32\WUDFSvc.dll

2012-11-15 22:30 . 2012-07-26 03:20        172032        ----a-w-        c:\windows\system32\WUDFPlatform.dll

2012-11-15 22:30 . 2012-07-26 03:21        196608        ----a-w-        c:\windows\system32\WUDFHost.exe

2012-11-15 22:30 . 2012-07-26 03:20        613888        ----a-w-        c:\windows\system32\WUDFx.dll

2012-11-15 22:30 . 2012-07-26 03:20        38912        ----a-w-        c:\windows\system32\WUDFCoinstaller.dll

2012-11-15 15:58 . 2012-09-25 21:55        78336        ----a-w-        c:\windows\system32\synceng.dll

2012-11-15 15:58 . 2012-10-18 17:57        2344960        ----a-w-        c:\windows\system32\win32k.sys

2012-11-11 14:05 . 2012-11-11 14:05        --------        d-----w-        c:\users\Tini\AppData\Roaming\Mozilla-Cache

2012-11-11 14:04 . 2012-11-11 14:06        --------        d-----w-        c:\users\Tini\AppData\Roaming\Party

2012-11-11 14:03 . 2012-11-11 14:03        --------        d-----w-        C:\Programs

2012-11-08 16:27 . 2012-11-08 16:27        --------        d--h--w-        c:\windows\AxInstSV

2012-11-08 16:26 . 2012-11-08 16:26        --------        d-----w-        C:\Poker

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-11-20 13:34 . 2012-04-17 07:01        697272        ----a-w-        c:\windows\system32\FlashPlayerApp.exe

2012-11-20 13:34 . 2011-09-03 09:56        73656        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2012-11-15 16:12 . 2012-06-08 09:38        43608        ----a-w-        c:\windows\system32\drivers\kltdi.sys

2012-10-16 20:34 . 2012-11-27 18:53        559104        ----a-w-        c:\windows\apppatch\AcLayers.dll

2012-10-10 16:11 . 2012-07-25 12:53        25944        ----a-w-        c:\windows\system32\drivers\klmouflt.sys

2012-10-10 16:11 . 2012-05-25 17:38        25944        ----a-w-        c:\windows\system32\drivers\klkbdflt.sys

2012-09-25 21:52 . 2012-09-25 21:52        0        ----a-w-        c:\windows\system32\sho1298.tmp

2012-09-23 21:10 . 2012-09-23 21:10        0        ----a-w-        c:\windows\system32\shoAB96.tmp

2012-09-14 23:19 . 2012-09-14 23:19        0        ----a-w-        c:\windows\system32\sho1970.tmp

2012-09-14 18:30 . 2012-10-10 15:37        2048        ----a-w-        c:\windows\system32\tzres.dll

2012-08-31 17:21 . 2012-10-10 15:36        1210736        ----a-w-        c:\windows\system32\drivers\ntfs.sys

2012-08-30 17:18 . 2012-10-10 15:36        3958128        ----a-w-        c:\windows\system32\ntkrnlpa.exe

2012-08-30 17:18 . 2012-10-10 15:36        3902832        ----a-w-        c:\windows\system32\ntoskrnl.exe

2012-10-26 23:14 . 2012-10-26 23:14        261600        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]

2011-05-09 09:49        176936        ----a-w-        c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}"= "c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

"HP Deskjet 3070 B611 series (NET)"="c:\program files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" [2011-06-08 1804648]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-12-03 13838952]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-12-29 8391200]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2009-12-29 678432]

"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]

"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2010-01-19 75048]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]

"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2012-11-15 356376]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

.

c:\users\Tini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Tintenwarnungen überwachen - HP Deskjet 3070 B611 series (Netzwerk).lnk - c:\windows\system32\RunDll32.exe [2009-7-14 44544]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 795936]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer7"=wdmaud.drv

.

R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]

S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [x]

S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [x]

S2 {60DB6561-0A84-4c94-AF33-288405CFD56D};Power Control [2010/07/22 11:43];c:\program files\CyberLink\PowerCinema Movie\000.fcl [x]

S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]

S2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files\Giraffic\Veoh_GirafficWatchdog.exe [x]

S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]

S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

S3 hidkmdf;Microsoft HID Class Shim for KMDF;c:\windows\system32\DRIVERS\hidkmdf.sys [x]

S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [x]

S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]

S3 NW1950;NextWindow 1950 Touch Screen;c:\windows\system32\DRIVERS\NW1950.sys [x]

S3 NxpCap;CTX capture service;c:\windows\system32\DRIVERS\NxpCap.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]

S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]

S3 X10Hid;X10 Hid Device;c:\windows\System32\Drivers\x10hid.sys [x]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - 36626872

*Deregistered* - 36626872

.

Inhalt des "geplante Tasks" Ordners

.

2012-11-28 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 13:34]

.

2012-11-28 c:\windows\Tasks\HP Photo Creations Messager.job

- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848

uInternet Settings,ProxyOverride = *.local

IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Free YouTube to MP3 Converter - c:\users\Tini\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Tini\AppData\Roaming\Mozilla\Firefox\Profiles\ecfa2ova.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/

FF - ExtSQL: 2012-10-09 21:36; content_blocker@kaspersky.com; c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com

FF - ExtSQL: 2012-10-09 21:36; url_advisor@kaspersky.com; c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com

FF - ExtSQL: 2012-10-09 21:36; virtual_keyboard@kaspersky.com; c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com

FF - user.js: extensions.softonic_i.hmpg - true

FF - user.js: extensions.softonic_i.hmpgUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&cc=

FF - user.js: extensions.softonic_i.dfltSrch - true

FF - user.js: extensions.softonic_i.srchPrvdr - Search the web (Softonic)

FF - user.js: extensions.softonic_i.keyWordUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=2&cc=&q=

FF - user.js: extensions.softonic_i.dnsErr - true

FF - user.js: extensions.softonic_i.newTab - true

FF - user.js: extensions.softonic_i.newTabUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=15&cc=

FF - user.js: extensions.softonic_i.tlbrSrchUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q=

FF - user.js: extensions.softonic_i.id - 1e6b7ca50000000000001c4bd6028871

FF - user.js: extensions.softonic_i.instlDay - 15421

FF - user.js: extensions.softonic_i.vrsn - 1.5.11.5

FF - user.js: extensions.softonic_i.vrsni - 1.5.11.5

FF - user.js: extensions.softonic_i.vrsnTs - 1.5.11.51:01

FF - user.js: extensions.softonic_i.prtnrId - softonic

FF - user.js: extensions.softonic_i.prdct - softonic

FF - user.js: extensions.softonic_i.aflt - SD

FF - user.js: extensions.softonic_i.smplGrp - eng7

FF - user.js: extensions.softonic_i.tlbrId - de12JANdefault

FF - user.js: extensions.softonic_i.instlRef - MON00015

FF - user.js: extensions.softonic_i.dfltLng - de

FF - user.js: extensions.softonic_i.excTlbr - false

FF - user.js: extensions.BabylonToolbar_i.newTab - false

user_pref('extensions.dealply.partner', 'vita');

user_pref('extensions.dealply.channel', 'vitaeazel');

user_pref('extensions.dealply.installId', 'v23500280561241430038462012032222252622');

user_pref('extensions.dealply.installIdSource', 'inst');

user_pref('extensions.dealply.sampleGroup', '2');

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112555&tt=2912_4

FF - user.js: extensions.BabylonToolbar_i.babExt - 

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - 1e6b7ca50000000000001c4bd6028871

FF - user.js: extensions.BabylonToolbar_i.hardId - 1e6b7ca50000000000001c4bd6028871

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15541

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1713:58

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - base

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)

URLSearchHooks-{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)

WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)

HKLM-Run-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe

SafeBoot-BsScanner

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{60DB6561-0A84-4c94-AF33-288405CFD56D}]

"ImagePath"="\??\c:\program files\CyberLink\PowerCinema Movie\000.fcl"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-3648990694-1417340204-238680334-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*&wño]

@Class="Shell"

.

[HKEY_USERS\S-1-5-21-3648990694-1417340204-238680334-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*&wño\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-3648990694-1417340204-238680334-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*&wño]

"0"=hex:43,3a,5c,55,73,65,72,73,5c,54,69,6e,69,5c,64,77,68,65,6c,70,65,72,5c,

   54,65,6e,65,6d,65,6e,74,20,32,2e,6d,70,34,00,63,00,31,00,32,00,38,00,2e,00,\

"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2012-11-28  12:11:55

ComboFix-quarantined-files.txt  2012-11-28 11:11

.

Vor Suchlauf: 11 Verzeichnis(se), 837.245.505.536 Bytes frei

Nach Suchlauf: 16 Verzeichnis(se), 844.704.227.328 Bytes frei

.

- - End Of File - - D1FEAB4AA5D49048C866E759BC86611F

Mach bitte neue Logs mit aswMBR und TDSS-Killer

danke, bin erst vorhin dazu gekommen weiterzumachen

hier der aswMBR log

Code:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software

Run date: 2012-11-27 22:30:42

-----------------------------

22:30:42.661    OS Version: Windows 6.1.7600 

22:30:42.661    Number of processors: 2 586 0x170A

22:30:42.671    ComputerName: TINI-PC  UserName: Tini

22:30:43.961    Initialize success

22:30:50.566    AVAST engine defs: 12112701

22:31:05.386    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

22:31:05.386    Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3

22:31:05.402    Disk 0 MBR read successfully

22:31:05.402    Disk 0 MBR scan

22:31:05.417    Disk 0 unknown MBR code

22:31:05.417    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS           99 MB offset 2048

22:31:05.433    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       922022 MB offset 204800

22:31:05.464    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        30720 MB offset 1888505856

22:31:05.480    Disk 0 Partition 4 00     12  Compaq diag NTFS         1026 MB offset 1951420416

22:31:05.480    Disk 0 scanning sectors +1953523120

22:31:05.604    Disk 0 scanning C:\Windows\system32\drivers

22:31:14.818    Service scanning

22:31:21.797    Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5

22:31:22.405    Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5

22:31:22.436    Service klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys **LOCKED** 5

22:31:22.483    Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5

22:31:22.530    Service kltdi C:\Windows\system32\DRIVERS\kltdi.sys **LOCKED** 5

22:31:22.577    Service kneps C:\Windows\system32\DRIVERS\kneps.sys **LOCKED** 5

22:31:34.840    Modules scanning

22:31:42.072    Disk 0 trace - called modules:

22:31:42.102    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll 

22:31:42.112    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88dac030]

22:31:42.112    3 CLASSPNP.SYS[8cb7c59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86599028]

22:31:43.937    AVAST engine scan C:\Windows

22:31:47.709    AVAST engine scan C:\Windows\system32

22:34:32.355    AVAST engine scan C:\Windows\system32\drivers

22:34:45.320    AVAST engine scan C:\Users\Tini

22:41:10.310    AVAST engine scan C:\ProgramData

22:42:15.500    Scan finished successfully

22:43:44.749    Disk 0 MBR has been saved successfully to "C:\Users\Tini\Desktop\MBR.dat"

22:43:44.765    The log file has been saved successfully to "C:\Users\Tini\Desktop\aswMBR.txt"
 
 

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software

Run date: 2012-11-28 20:13:58

-----------------------------

20:13:58.280    OS Version: Windows 6.1.7600 

20:13:58.280    Number of processors: 2 586 0x170A

20:13:58.280    ComputerName: TINI-PC  UserName: Tini

20:13:59.715    Initialize success

20:14:10.073    AVAST engine defs: 12112800

20:14:14.925    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

20:14:14.941    Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3

20:14:14.956    Disk 0 MBR read successfully

20:14:14.956    Disk 0 MBR scan

20:14:14.972    Disk 0 unknown MBR code

20:14:14.987    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS           99 MB offset 2048

20:14:14.987    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       922022 MB offset 204800

20:14:15.019    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        30720 MB offset 1888505856

20:14:15.050    Disk 0 Partition 4 00     12  Compaq diag NTFS         1026 MB offset 1951420416

20:14:15.050    Disk 0 scanning sectors +1953523120

20:14:15.128    Disk 0 scanning C:\Windows\system32\drivers

20:14:24.722    Service scanning

20:14:35.236    Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5

20:14:35.860    Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5

20:14:35.907    Service klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys **LOCKED** 5

20:14:35.938    Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5

20:14:35.985    Service kltdi C:\Windows\system32\DRIVERS\kltdi.sys **LOCKED** 5

20:14:36.032    Service kneps C:\Windows\system32\DRIVERS\kneps.sys **LOCKED** 5

20:14:47.670    Modules scanning

20:14:54.705    Disk 0 trace - called modules:

20:14:54.721    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll 

20:14:54.736    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88da7310]

20:14:54.736    3 CLASSPNP.SYS[8cb7f59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8659a028]

20:14:56.749    AVAST engine scan C:\Windows

20:15:00.228    AVAST engine scan C:\Windows\system32

20:18:08.147    AVAST engine scan C:\Windows\system32\drivers

20:18:31.064    AVAST engine scan C:\Users\Tini

20:22:32.819    AVAST engine scan C:\ProgramData

20:23:39.864    Scan finished successfully

20:25:31.265    Disk 0 MBR has been saved successfully to "C:\Users\Tini\Desktop\MBR.dat"

20:25:31.296    The log file has been saved successfully to "C:\Users\Tini\Desktop\aswMBR.txt"

und der TDSS log:

Code:

20:27:33.0949 1844  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

20:27:34.0027 1844  ============================================================

20:27:34.0027 1844  Current date / time: 2012/11/28 20:27:34.0027

20:27:34.0027 1844  SystemInfo:

20:27:34.0027 1844  

20:27:34.0027 1844  OS Version: 6.1.7600 ServicePack: 0.0

20:27:34.0027 1844  Product type: Workstation

20:27:34.0027 1844  ComputerName: TINI-PC

20:27:34.0027 1844  UserName: Tini

20:27:34.0027 1844  Windows directory: C:\Windows

20:27:34.0027 1844  System windows directory: C:\Windows

20:27:34.0027 1844  Processor architecture: Intel x86

20:27:34.0027 1844  Number of processors: 2

20:27:34.0027 1844  Page size: 0x1000

20:27:34.0027 1844  Boot type: Normal boot

20:27:34.0027 1844  ============================================================

20:27:34.0510 1844  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

20:27:34.0510 1844  ============================================================

20:27:34.0510 1844  \Device\Harddisk0\DR0:

20:27:34.0510 1844  MBR partitions:

20:27:34.0510 1844  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x31800

20:27:34.0510 1844  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32000, BlocksNum 0x708D3000

20:27:34.0510 1844  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x70905000, BlocksNum 0x3C00000

20:27:34.0510 1844  ============================================================

20:27:34.0604 1844  C: <-> \Device\Harddisk0\DR0\Partition2

20:27:34.0651 1844  D: <-> \Device\Harddisk0\DR0\Partition3

20:27:34.0651 1844  ============================================================

20:27:34.0651 1844  Initialize success

20:27:34.0651 1844  ============================================================

20:27:39.0580 1668  ============================================================

20:27:39.0580 1668  Scan started

20:27:39.0580 1668  Mode: Manual; SigCheck; TDLFS; 

20:27:39.0580 1668  ============================================================

20:27:40.0017 1668  ================ Scan system memory ========================

20:27:40.0017 1668  System memory - ok

20:27:40.0017 1668  ================ Scan services =============================

20:27:40.0173 1668  [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys

20:27:40.0313 1668  1394ohci - ok

20:27:40.0345 1668  [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys

20:27:40.0360 1668  ACPI - ok

20:27:40.0391 1668  [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys

20:27:40.0454 1668  AcpiPmi - ok

20:27:40.0563 1668  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

20:27:40.0610 1668  AdobeFlashPlayerUpdateSvc - ok

20:27:40.0657 1668  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

20:27:40.0672 1668  adp94xx - ok

20:27:40.0703 1668  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

20:27:40.0719 1668  adpahci - ok

20:27:40.0750 1668  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

20:27:40.0766 1668  adpu320 - ok

20:27:40.0813 1668  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

20:27:40.0859 1668  AeLookupSvc - ok

20:27:40.0891 1668  [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD             C:\Windows\system32\drivers\afd.sys

20:27:40.0969 1668  AFD - ok

20:27:41.0031 1668  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\DRIVERS\agp440.sys

20:27:41.0062 1668  agp440 - ok

20:27:41.0078 1668  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys

20:27:41.0109 1668  aic78xx - ok

20:27:41.0140 1668  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe

20:27:41.0171 1668  ALG - ok

20:27:41.0187 1668  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys

20:27:41.0203 1668  aliide - ok

20:27:41.0218 1668  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\DRIVERS\amdagp.sys

20:27:41.0234 1668  amdagp - ok

20:27:41.0249 1668  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys

20:27:41.0265 1668  amdide - ok

20:27:41.0281 1668  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

20:27:41.0312 1668  AmdK8 - ok

20:27:41.0327 1668  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

20:27:41.0359 1668  AmdPPM - ok

20:27:41.0390 1668  [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

20:27:41.0405 1668  amdsata - ok

20:27:41.0437 1668  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

20:27:41.0468 1668  amdsbs - ok

20:27:41.0483 1668  [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

20:27:41.0499 1668  amdxata - ok

20:27:41.0515 1668  [ FEB834C02CE1E84B6A38F953CA067706 ] AppID           C:\Windows\system32\drivers\appid.sys

20:27:41.0608 1668  AppID - ok

20:27:41.0624 1668  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

20:27:41.0717 1668  AppIDSvc - ok

20:27:41.0733 1668  [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo         C:\Windows\System32\appinfo.dll

20:27:41.0780 1668  Appinfo - ok

20:27:41.0873 1668  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

20:27:41.0889 1668  Apple Mobile Device - ok

20:27:41.0920 1668  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys

20:27:41.0936 1668  arc - ok

20:27:41.0951 1668  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

20:27:41.0967 1668  arcsas - ok

20:27:41.0983 1668  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

20:27:42.0076 1668  AsyncMac - ok

20:27:42.0092 1668  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\DRIVERS\atapi.sys

20:27:42.0107 1668  atapi - ok

20:27:42.0139 1668  [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

20:27:42.0201 1668  AudioEndpointBuilder - ok

20:27:42.0201 1668  [ 510C873BFA135AA829F4180352772734 ] Audiosrv        C:\Windows\System32\Audiosrv.dll

20:27:42.0248 1668  Audiosrv - ok

20:27:42.0326 1668  AVP - ok

20:27:42.0357 1668  [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV        C:\Windows\System32\AxInstSV.dll

20:27:42.0404 1668  AxInstSV - ok

20:27:42.0451 1668  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys

20:27:42.0529 1668  b06bdrv - ok

20:27:42.0544 1668  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys

20:27:42.0575 1668  b57nd60x - ok

20:27:42.0638 1668  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll

20:27:42.0700 1668  BDESVC - ok

20:27:42.0731 1668  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys

20:27:42.0778 1668  Beep - ok

20:27:42.0825 1668  [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE             C:\Windows\System32\bfe.dll

20:27:42.0856 1668  BFE - ok

20:27:42.0903 1668  [ 53F476476F55A27F580661BDE09C4EC4 ] BITS            C:\Windows\system32\qmgr.dll

20:27:42.0965 1668  BITS - ok

20:27:42.0981 1668  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

20:27:42.0997 1668  blbdrive - ok

20:27:43.0043 1668  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

20:27:43.0075 1668  Bonjour Service - ok

20:27:43.0090 1668  [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

20:27:43.0121 1668  bowser - ok

20:27:43.0137 1668  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

20:27:43.0168 1668  BrFiltLo - ok

20:27:43.0184 1668  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

20:27:43.0215 1668  BrFiltUp - ok

20:27:43.0262 1668  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys

20:27:43.0309 1668  BridgeMP - ok

20:27:43.0340 1668  [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser         C:\Windows\System32\browser.dll

20:27:43.0387 1668  Browser - ok

20:27:43.0418 1668  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

20:27:43.0465 1668  Brserid - ok

20:27:43.0480 1668  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

20:27:43.0511 1668  BrSerWdm - ok

20:27:43.0527 1668  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

20:27:43.0543 1668  BrUsbMdm - ok

20:27:43.0558 1668  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

20:27:43.0589 1668  BrUsbSer - ok

20:27:43.0621 1668  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys

20:27:43.0683 1668  BthEnum - ok

20:27:43.0699 1668  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

20:27:43.0730 1668  BTHMODEM - ok

20:27:43.0745 1668  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys

20:27:43.0777 1668  BthPan - ok

20:27:43.0808 1668  [ 04CEDA17A195924070B01174CB1F9AF8 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys

20:27:43.0823 1668  BTHPORT - ok

20:27:43.0855 1668  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll

20:27:43.0901 1668  bthserv - ok

20:27:43.0933 1668  [ 80E6384BEEC03B8BD45EDEA29802D657 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys

20:27:43.0948 1668  BTHUSB - ok

20:27:43.0979 1668  [ 92C5B845803F3662637EB691AC0B250F ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys

20:27:43.0995 1668  btusbflt - ok

20:27:44.0026 1668  [ D57D29132EFE13A83133D9BD449E0CF1 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys

20:27:44.0042 1668  btwaudio - ok

20:27:44.0042 1668  [ D282C14A69357D0E1BAFAECC2CA98C3A ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys

20:27:44.0057 1668  btwavdt - ok

20:27:44.0135 1668  [ F7434401AE320BB97903A3C1865242FB ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

20:27:44.0182 1668  btwdins - ok

20:27:44.0182 1668  [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys

20:27:44.0198 1668  btwl2cap - ok

20:27:44.0213 1668  [ 02EB4D2B05967DF2D32F29C84AB1FB17 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys

20:27:44.0213 1668  btwrchid - ok

20:27:44.0276 1668  [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5        C:\Windows\system32\drivers\BVRPMPR5.SYS

20:27:44.0276 1668  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning

20:27:44.0276 1668  BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)

20:27:44.0354 1668  catchme - ok

20:27:44.0385 1668  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

20:27:44.0416 1668  cdfs - ok

20:27:44.0463 1668  [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

20:27:44.0494 1668  cdrom - ok

20:27:44.0541 1668  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc     C:\Windows\System32\certprop.dll

20:27:44.0588 1668  CertPropSvc - ok

20:27:44.0603 1668  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

20:27:44.0619 1668  circlass - ok

20:27:44.0635 1668  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys

20:27:44.0666 1668  CLFS - ok

20:27:44.0744 1668  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:27:44.0775 1668  clr_optimization_v2.0.50727_32 - ok

20:27:44.0806 1668  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

20:27:44.0822 1668  clr_optimization_v4.0.30319_32 - ok

20:27:44.0837 1668  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

20:27:44.0853 1668  CmBatt - ok

20:27:44.0884 1668  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys

20:27:44.0900 1668  cmdide - ok

20:27:44.0931 1668  [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG             C:\Windows\system32\Drivers\cng.sys

20:27:44.0947 1668  CNG - ok

20:27:44.0978 1668  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

20:27:44.0993 1668  Compbatt - ok

20:27:45.0009 1668  [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

20:27:45.0025 1668  CompositeBus - ok

20:27:45.0040 1668  COMSysApp - ok

20:27:45.0056 1668  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

20:27:45.0071 1668  crcdisk - ok

20:27:45.0103 1668  [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc        C:\Windows\system32\cryptsvc.dll

20:27:45.0149 1668  CryptSvc - ok

20:27:45.0212 1668  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

20:27:45.0243 1668  cvhsvc - ok

20:27:45.0259 1668  [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch      C:\Windows\system32\rpcss.dll

20:27:45.0305 1668  DcomLaunch - ok

20:27:45.0321 1668  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll

20:27:45.0352 1668  defragsvc - ok

20:27:45.0368 1668  [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

20:27:45.0430 1668  DfsC - ok

20:27:45.0461 1668  [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp            C:\Windows\system32\dhcpcore.dll

20:27:45.0524 1668  Dhcp - ok

20:27:45.0539 1668  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys

20:27:45.0571 1668  discache - ok

20:27:45.0602 1668  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys

20:27:45.0617 1668  Disk - ok

20:27:45.0633 1668  [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

20:27:45.0664 1668  Dnscache - ok

20:27:45.0695 1668  [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc         C:\Windows\System32\dot3svc.dll

20:27:45.0758 1668  dot3svc - ok

20:27:45.0789 1668  [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS             C:\Windows\system32\dps.dll

20:27:45.0836 1668  DPS - ok

20:27:45.0851 1668  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

20:27:45.0898 1668  drmkaud - ok

20:27:45.0929 1668  [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

20:27:45.0961 1668  DXGKrnl - ok

20:27:45.0976 1668  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll

20:27:46.0023 1668  EapHost - ok

20:27:46.0085 1668  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys

20:27:46.0195 1668  ebdrv - ok

20:27:46.0210 1668  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS             C:\Windows\System32\lsass.exe

20:27:46.0273 1668  EFS - ok

20:27:46.0304 1668  [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

20:27:46.0351 1668  ehRecvr - ok

20:27:46.0366 1668  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe

20:27:46.0413 1668  ehSched - ok

20:27:46.0444 1668  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

20:27:46.0475 1668  elxstor - ok

20:27:46.0491 1668  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys

20:27:46.0507 1668  ErrDev - ok

20:27:46.0553 1668  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll

20:27:46.0600 1668  EventSystem - ok

20:27:46.0616 1668  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys

20:27:46.0647 1668  exfat - ok

20:27:46.0678 1668  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

20:27:46.0725 1668  fastfat - ok

20:27:46.0756 1668  [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax             C:\Windows\system32\fxssvc.exe

20:27:46.0819 1668  Fax - ok

20:27:46.0834 1668  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

20:27:46.0850 1668  fdc - ok

20:27:46.0881 1668  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll

20:27:46.0912 1668  fdPHost - ok

20:27:46.0912 1668  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll

20:27:46.0959 1668  FDResPub - ok

20:27:46.0975 1668  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

20:27:47.0006 1668  FileInfo - ok

20:27:47.0021 1668  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

20:27:47.0053 1668  Filetrace - ok

20:27:47.0053 1668  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

20:27:47.0099 1668  flpydisk - ok

20:27:47.0131 1668  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

20:27:47.0146 1668  FltMgr - ok

20:27:47.0193 1668  [ 7FE4995528A7529A761875151EE3D512 ] FontCache       C:\Windows\system32\FntCache.dll

20:27:47.0224 1668  FontCache - ok

20:27:47.0271 1668  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

20:27:47.0287 1668  FontCache3.0.0.0 - ok

20:27:47.0302 1668  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

20:27:47.0318 1668  FsDepends - ok

20:27:47.0349 1668  [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

20:27:47.0365 1668  Fs_Rec - ok

20:27:47.0380 1668  [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

20:27:47.0411 1668  fvevol - ok

20:27:47.0427 1668  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

20:27:47.0443 1668  gagp30kx - ok

20:27:47.0489 1668  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

20:27:47.0505 1668  GEARAspiWDM - ok

20:27:47.0552 1668  Giraffic - ok

20:27:47.0567 1668  [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc           C:\Windows\System32\gpsvc.dll

20:27:47.0599 1668  gpsvc - ok

20:27:47.0614 1668  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

20:27:47.0661 1668  hcw85cir - ok

20:27:47.0677 1668  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

20:27:47.0708 1668  HdAudAddService - ok

20:27:47.0723 1668  [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

20:27:47.0755 1668  HDAudBus - ok

20:27:47.0770 1668  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

20:27:47.0786 1668  HidBatt - ok

20:27:47.0801 1668  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

20:27:47.0848 1668  HidBth - ok

20:27:47.0864 1668  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

20:27:47.0895 1668  HidIr - ok

20:27:47.0926 1668  [ 1FAB2540C1BD6DA847CCD292F4EEE48A ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys

20:27:47.0942 1668  hidkmdf - ok

20:27:47.0957 1668  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll

20:27:47.0989 1668  hidserv - ok

20:27:48.0004 1668  [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

20:27:48.0051 1668  HidUsb - ok

20:27:48.0082 1668  [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc          C:\Windows\system32\kmsvc.dll

20:27:48.0129 1668  hkmsvc - ok

20:27:48.0160 1668  [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

20:27:48.0207 1668  HomeGroupListener - ok

20:27:48.0223 1668  [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

20:27:48.0269 1668  HomeGroupProvider - ok

20:27:48.0316 1668  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys

20:27:48.0347 1668  HpSAMD - ok

20:27:48.0379 1668  [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP            C:\Windows\system32\drivers\HTTP.sys

20:27:48.0441 1668  HTTP - ok

20:27:48.0472 1668  [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

20:27:48.0488 1668  hwpolicy - ok

20:27:48.0503 1668  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

20:27:48.0550 1668  i8042prt - ok

20:27:48.0566 1668  [ 5A6C5876FB84418D08D67B8CAED5EFCF ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys

20:27:48.0581 1668  iaStor - ok

20:27:48.0628 1668  [ DE9560E9703BFE1BD08014A406BE0033 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

20:27:48.0644 1668  IAStorDataMgrSvc - ok

20:27:48.0675 1668  [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

20:27:48.0706 1668  iaStorV - ok

20:27:48.0784 1668  [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

20:27:48.0831 1668  idsvc - ok

20:27:48.0878 1668  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

20:27:48.0893 1668  iirsp - ok

20:27:48.0925 1668  [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT          C:\Windows\System32\ikeext.dll

20:27:48.0971 1668  IKEEXT - ok

20:27:49.0065 1668  [ BA9A1F572D1A91559E6E76504CFD381C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys

20:27:49.0190 1668  IntcAzAudAddService - ok

20:27:49.0205 1668  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys

20:27:49.0221 1668  intelide - ok

20:27:49.0252 1668  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

20:27:49.0283 1668  intelppm - ok

20:27:49.0299 1668  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

20:27:49.0346 1668  IPBusEnum - ok

20:27:49.0361 1668  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:27:49.0408 1668  IpFilterDriver - ok

20:27:49.0439 1668  [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

20:27:49.0486 1668  iphlpsvc - ok

20:27:49.0502 1668  [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys

20:27:49.0533 1668  IPMIDRV - ok

20:27:49.0549 1668  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

20:27:49.0595 1668  IPNAT - ok

20:27:49.0642 1668  [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

20:27:49.0658 1668  iPod Service - ok

20:27:49.0689 1668  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys

20:27:49.0720 1668  IRENUM - ok

20:27:49.0736 1668  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys

20:27:49.0751 1668  isapnp - ok

20:27:49.0783 1668  [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

20:27:49.0814 1668  iScsiPrt - ok

20:27:49.0814 1668  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

20:27:49.0829 1668  kbdclass - ok

20:27:49.0845 1668  [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

20:27:49.0861 1668  kbdhid - ok

20:27:49.0876 1668  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso          C:\Windows\system32\lsass.exe

20:27:49.0892 1668  KeyIso - ok

20:27:49.0923 1668  [ EA26CB00F83686856F2C79673C00C686 ] KL1             C:\Windows\system32\DRIVERS\kl1.sys

20:27:49.0939 1668  KL1 - ok

20:27:50.0001 1668  [ FBC7F840F1118D358D2AFB8C1714B384 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys

20:27:50.0032 1668  KLIF - ok

20:27:50.0048 1668  [ AF127FE7DD5ED2BBC9049FD8A00DEFC2 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys

20:27:50.0063 1668  KLIM6 - ok

20:27:50.0095 1668  [ 24AEBAD59D1DE8A7CC36E8F09F999362 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys

20:27:50.0110 1668  klkbdflt - ok

20:27:50.0126 1668  [ A58507C2827C3AE1D4CCB2746AAB349F ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys

20:27:50.0141 1668  klmouflt - ok

20:27:50.0173 1668  [ 53C0DF6C5139CB78A631E7AFCD893730 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys

20:27:50.0188 1668  kltdi - ok

20:27:50.0204 1668  [ 71A38C123600172511C26BFABD0EF579 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys

20:27:50.0219 1668  kneps - ok

20:27:50.0251 1668  [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

20:27:50.0266 1668  KSecDD - ok

20:27:50.0297 1668  [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

20:27:50.0313 1668  KSecPkg - ok

20:27:50.0344 1668  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll

20:27:50.0391 1668  KtmRm - ok

20:27:50.0407 1668  [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer    C:\Windows\System32\srvsvc.dll

20:27:50.0438 1668  LanmanServer - ok

20:27:50.0453 1668  [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:27:50.0500 1668  LanmanWorkstation - ok

20:27:50.0547 1668  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

20:27:50.0594 1668  lltdio - ok

20:27:50.0609 1668  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

20:27:50.0656 1668  lltdsvc - ok

20:27:50.0687 1668  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll

20:27:50.0719 1668  lmhosts - ok

20:27:50.0750 1668  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

20:27:50.0765 1668  LSI_FC - ok

20:27:50.0781 1668  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

20:27:50.0797 1668  LSI_SAS - ok

20:27:50.0812 1668  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

20:27:50.0828 1668  LSI_SAS2 - ok

20:27:50.0843 1668  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

20:27:50.0859 1668  LSI_SCSI - ok

20:27:50.0875 1668  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys

20:27:50.0906 1668  luafv - ok

20:27:50.0937 1668  [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

20:27:50.0953 1668  Mcx2Svc - ok

20:27:50.0968 1668  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

20:27:50.0984 1668  megasas - ok

20:27:51.0015 1668  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

20:27:51.0031 1668  MegaSR - ok

20:27:51.0062 1668  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll

20:27:51.0093 1668  MMCSS - ok

20:27:51.0109 1668  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys

20:27:51.0156 1668  Modem - ok

20:27:51.0171 1668  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

20:27:51.0187 1668  monitor - ok

20:27:51.0187 1668  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

20:27:51.0218 1668  mouclass - ok

20:27:51.0218 1668  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

20:27:51.0249 1668  mouhid - ok

20:27:51.0265 1668  [ 921C18727C5920D6C0300736646931C2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

20:27:51.0280 1668  mountmgr - ok

20:27:51.0327 1668  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

20:27:51.0343 1668  MozillaMaintenance - ok

20:27:51.0358 1668  [ 2AF5997438C55FB79D33D015C30E1974 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys

20:27:51.0374 1668  mpio - ok

20:27:51.0390 1668  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

20:27:51.0421 1668  mpsdrv - ok

20:27:51.0452 1668  [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc          C:\Windows\system32\mpssvc.dll

20:27:51.0499 1668  MpsSvc - ok

20:27:51.0530 1668  [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

20:27:51.0561 1668  MRxDAV - ok

20:27:51.0608 1668  [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

20:27:51.0655 1668  mrxsmb - ok

20:27:51.0670 1668  [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:27:51.0686 1668  mrxsmb10 - ok

20:27:51.0702 1668  [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:27:51.0717 1668  mrxsmb20 - ok

20:27:51.0733 1668  [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys

20:27:51.0748 1668  msahci - ok

20:27:51.0780 1668  [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys

20:27:51.0795 1668  msdsm - ok

20:27:51.0811 1668  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe

20:27:51.0842 1668  MSDTC - ok

20:27:51.0873 1668  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys

20:27:51.0904 1668  Msfs - ok

20:27:51.0920 1668  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

20:27:51.0967 1668  mshidkmdf - ok

20:27:51.0967 1668  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys

20:27:51.0982 1668  msisadrv - ok

20:27:52.0014 1668  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

20:27:52.0060 1668  MSiSCSI - ok

20:27:52.0060 1668  msiserver - ok

20:27:52.0092 1668  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

20:27:52.0138 1668  MSKSSRV - ok

20:27:52.0154 1668  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

20:27:52.0201 1668  MSPCLOCK - ok

20:27:52.0216 1668  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

20:27:52.0263 1668  MSPQM - ok

20:27:52.0279 1668  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

20:27:52.0294 1668  MsRPC - ok

20:27:52.0326 1668  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

20:27:52.0341 1668  mssmbios - ok

20:27:52.0357 1668  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

20:27:52.0388 1668  MSTEE - ok

20:27:52.0404 1668  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

20:27:52.0419 1668  MTConfig - ok

20:27:52.0435 1668  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys

20:27:52.0450 1668  Mup - ok

20:27:52.0528 1668  [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent        C:\Windows\system32\qagentRT.dll

20:27:52.0591 1668  napagent - ok

20:27:52.0653 1668  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

20:27:52.0731 1668  NativeWifiP - ok

20:27:52.0965 1668  [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS            C:\Windows\system32\drivers\ndis.sys

20:27:52.0996 1668  NDIS - ok

20:27:53.0059 1668  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

20:27:53.0090 1668  NdisCap - ok

20:27:53.0184 1668  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

20:27:53.0262 1668  NdisTapi - ok

20:27:53.0324 1668  [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

20:27:53.0402 1668  Ndisuio - ok

20:27:53.0433 1668  [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

20:27:53.0496 1668  NdisWan - ok

20:27:53.0558 1668  [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

20:27:53.0605 1668  NDProxy - ok

20:27:53.0636 1668  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

20:27:53.0683 1668  NetBIOS - ok

20:27:53.0730 1668  [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

20:27:53.0761 1668  NetBT - ok

20:27:53.0792 1668  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon        C:\Windows\system32\lsass.exe

20:27:53.0808 1668  Netlogon - ok

20:27:53.0964 1668  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll

20:27:54.0010 1668  Netman - ok

20:27:54.0120 1668  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll

20:27:54.0182 1668  netprofm - ok

20:27:54.0229 1668  [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

20:27:54.0260 1668  NetTcpPortSharing - ok

20:27:54.0307 1668  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

20:27:54.0322 1668  nfrd960 - ok

20:27:54.0338 1668  [ 2226496E34BD40734946A054B1CD657F ] NlaSvc          C:\Windows\System32\nlasvc.dll

20:27:54.0385 1668  NlaSvc - ok

20:27:54.0416 1668  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys

20:27:54.0447 1668  Npfs - ok

20:27:54.0494 1668  npggsvc - ok

20:27:54.0494 1668  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll

20:27:54.0525 1668  nsi - ok

20:27:54.0541 1668  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

20:27:54.0588 1668  nsiproxy - ok

20:27:54.0634 1668  [ 5126C5402C730C2A953275D8497A4715 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

20:27:54.0681 1668  Ntfs - ok

20:27:54.0697 1668  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys

20:27:54.0728 1668  Null - ok

20:27:54.0759 1668  [ EFF6795CDACB959D1AB89EB9B9C29B57 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys

20:27:54.0775 1668  NVHDA - ok

20:27:55.0009 1668  [ 50C1B2DD2A5B3ED82C6E4683C4AD58B8 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

20:27:55.0274 1668  nvlddmkm - ok

20:27:55.0368 1668  [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

20:27:55.0399 1668  nvraid - ok

20:27:55.0414 1668  [ 4520B63899E867F354EE012D34E11536 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

20:27:55.0446 1668  nvstor - ok

20:27:55.0461 1668  [ D9051D79D19C63B67CA12BD1C3B6FFB3 ] nvsvc           C:\Windows\system32\nvvsvc.exe

20:27:55.0492 1668  nvsvc - ok

20:27:55.0492 1668  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys

20:27:55.0524 1668  nv_agp - ok

20:27:55.0539 1668  [ F1A718C6C6CD3EDF157FA3D459ADFEF7 ] NW1950          C:\Windows\system32\DRIVERS\NW1950.sys

20:27:55.0555 1668  NW1950 - ok

20:27:55.0789 1668  [ 953E08D5CA0B02697A8145AAA0CA28BE ] NxpCap          C:\Windows\system32\DRIVERS\NxpCap.sys

20:27:55.0882 1668  NxpCap - ok

20:27:55.0898 1668  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys

20:27:55.0945 1668  ohci1394 - ok

20:27:55.0976 1668  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:27:55.0992 1668  ose - ok

20:27:56.0116 1668  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

20:27:56.0272 1668  osppsvc - ok

20:27:56.0304 1668  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

20:27:56.0350 1668  p2pimsvc - ok

20:27:56.0382 1668  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll

20:27:56.0397 1668  p2psvc - ok

20:27:56.0428 1668  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

20:27:56.0460 1668  Parport - ok

20:27:56.0491 1668  [ 66D3415C159741ADE7038A277EFFF99F ] partmgr         C:\Windows\system32\drivers\partmgr.sys

20:27:56.0506 1668  partmgr - ok

20:27:56.0538 1668  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys

20:27:56.0569 1668  Parvdm - ok

20:27:56.0584 1668  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll

20:27:56.0631 1668  PcaSvc - ok

20:27:56.0647 1668  [ C858CB77C577780ECC456A892E7E7D0F ] pci             C:\Windows\system32\DRIVERS\pci.sys

20:27:56.0678 1668  pci - ok

20:27:56.0678 1668  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\DRIVERS\pciide.sys

20:27:56.0694 1668  pciide - ok

20:27:56.0709 1668  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

20:27:56.0725 1668  pcmcia - ok

20:27:56.0740 1668  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys

20:27:56.0756 1668  pcw - ok

20:27:56.0787 1668  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

20:27:56.0850 1668  PEAUTH - ok

20:27:56.0928 1668  [ 9C1BFF7910C89A1D12E57343475840CB ] pla             C:\Windows\system32\pla.dll

20:27:57.0006 1668  pla - ok

20:27:57.0052 1668  [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

20:27:57.0084 1668  PlugPlay - ok

20:27:57.0099 1668  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

20:27:57.0130 1668  PNRPAutoReg - ok

20:27:57.0146 1668  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

20:27:57.0162 1668  PNRPsvc - ok

20:27:57.0208 1668  [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

20:27:57.0255 1668  PolicyAgent - ok

20:27:57.0302 1668  [ DBFF83F709A91049621C1D35DD45C92C ] Power           C:\Windows\system32\umpo.dll

20:27:57.0333 1668  Power - ok

20:27:57.0380 1668  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

20:27:57.0411 1668  PptpMiniport - ok

20:27:57.0458 1668  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys

20:27:57.0505 1668  Processor - ok

20:27:57.0583 1668  [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc         C:\Windows\system32\profsvc.dll

20:27:57.0630 1668  ProfSvc - ok

20:27:57.0645 1668  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe

20:27:57.0661 1668  ProtectedStorage - ok

20:27:57.0739 1668  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

20:27:57.0801 1668  Psched - ok

20:27:58.0004 1668  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

20:27:58.0035 1668  PSI_SVC_2 - ok

20:27:58.0300 1668  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

20:27:58.0347 1668  ql2300 - ok

20:27:58.0394 1668  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

20:27:58.0425 1668  ql40xx - ok

20:27:58.0472 1668  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll

20:27:58.0519 1668  QWAVE - ok

20:27:58.0550 1668  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

20:27:58.0581 1668  QWAVEdrv - ok

20:27:58.0597 1668  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

20:27:58.0644 1668  RasAcd - ok

20:27:58.0690 1668  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

20:27:58.0737 1668  RasAgileVpn - ok

20:27:58.0800 1668  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll

20:27:58.0846 1668  RasAuto - ok

20:27:58.0878 1668  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

20:27:58.0924 1668  Rasl2tp - ok

20:27:59.0034 1668  [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan          C:\Windows\System32\rasmans.dll

20:27:59.0127 1668  RasMan - ok

20:27:59.0143 1668  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

20:27:59.0174 1668  RasPppoe - ok

20:27:59.0205 1668  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

20:27:59.0252 1668  RasSstp - ok

20:27:59.0283 1668  [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

20:27:59.0330 1668  rdbss - ok

20:27:59.0361 1668  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

20:27:59.0392 1668  rdpbus - ok

20:27:59.0408 1668  [ 1E016846895B15A99F9A176A05029075 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

20:27:59.0470 1668  RDPCDD - ok

20:27:59.0502 1668  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

20:27:59.0533 1668  RDPENCDD - ok

20:27:59.0564 1668  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

20:27:59.0595 1668  RDPREFMP - ok

20:27:59.0658 1668  [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

20:27:59.0720 1668  RDPWD - ok

20:27:59.0798 1668  [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

20:27:59.0845 1668  rdyboost - ok

20:27:59.0892 1668  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll

20:27:59.0938 1668  RemoteAccess - ok

20:27:59.0970 1668  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

20:28:00.0016 1668  RemoteRegistry - ok

20:28:00.0032 1668  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys

20:28:00.0079 1668  RFCOMM - ok

20:28:00.0282 1668  [ 616F6E52CAE254727A886BA8EDA1BEEA ] RichVideo       C:\Program Files\CyberLink\Shared files\RichVideo.exe

20:28:00.0313 1668  RichVideo - ok

20:28:00.0328 1668  RimUsb - ok

20:28:00.0453 1668  [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial.sys

20:28:00.0578 1668  RimVSerPort - ok

20:28:00.0703 1668  [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys

20:28:00.0781 1668  ROOTMODEM - ok

20:28:00.0874 1668  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

20:28:00.0968 1668  RpcEptMapper - ok

20:28:01.0030 1668  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe

20:28:01.0124 1668  RpcLocator - ok

20:28:01.0218 1668  [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs           C:\Windows\system32\rpcss.dll

20:28:01.0264 1668  RpcSs - ok

20:28:01.0389 1668  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

20:28:01.0452 1668  rspndr - ok

20:28:01.0639 1668  [ B87F999E05DD9C0312C83A8752E8E66B ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys

20:28:01.0670 1668  RSUSBSTOR - ok

20:28:01.0826 1668  [ 06BD46BE6141556125F89DF738333720 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys

20:28:01.0857 1668  RTL8167 - ok

20:28:02.0029 1668  [ CFD6C307BF5DB3B339BE9F92B95433B9 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys

20:28:02.0076 1668  rtl8192se - ok

20:28:02.0138 1668  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs           C:\Windows\system32\lsass.exe

20:28:02.0154 1668  SamSs - ok

20:28:02.0185 1668  [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys

20:28:02.0200 1668  sbp2port - ok

20:28:02.0232 1668  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

20:28:02.0310 1668  SCardSvr - ok

20:28:02.0325 1668  [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

20:28:02.0403 1668  scfilter - ok

20:28:02.0450 1668  [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule        C:\Windows\system32\schedsvc.dll

20:28:02.0559 1668  Schedule - ok

20:28:02.0606 1668  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc     C:\Windows\System32\certprop.dll

20:28:02.0637 1668  SCPolicySvc - ok

20:28:02.0684 1668  [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

20:28:02.0715 1668  SDRSVC - ok

20:28:02.0731 1668  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

20:28:02.0778 1668  secdrv - ok

20:28:02.0793 1668  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll

20:28:02.0840 1668  seclogon - ok

20:28:02.0871 1668  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll

20:28:02.0918 1668  SENS - ok

20:28:02.0934 1668  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll

20:28:02.0965 1668  SensrSvc - ok

20:28:02.0996 1668  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

20:28:03.0043 1668  Serenum - ok

20:28:03.0058 1668  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

20:28:03.0090 1668  Serial - ok

20:28:03.0121 1668  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

20:28:03.0168 1668  sermouse - ok

20:28:03.0199 1668  [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv      C:\Windows\system32\sessenv.dll

20:28:03.0230 1668  SessionEnv - ok

20:28:03.0246 1668  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys

20:28:03.0292 1668  sffdisk - ok

20:28:03.0308 1668  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys

20:28:03.0324 1668  sffp_mmc - ok

20:28:03.0339 1668  [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys

20:28:03.0355 1668  sffp_sd - ok

20:28:03.0370 1668  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

20:28:03.0417 1668  sfloppy - ok

20:28:03.0464 1668  [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys

20:28:03.0480 1668  Sftfs - ok

20:28:03.0604 1668  [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist         C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe

20:28:03.0620 1668  sftlist - ok

20:28:03.0792 1668  [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys

20:28:03.0823 1668  Sftplay - ok

20:28:03.0854 1668  [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys

20:28:03.0870 1668  Sftredir - ok

20:28:03.0901 1668  [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys

20:28:03.0948 1668  Sftvol - ok

20:28:04.0057 1668  [ A5812F0281CA5081BF696626F9BF324D ] sftvsa          C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe

20:28:04.0072 1668  sftvsa - ok

20:28:04.0104 1668  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

20:28:04.0150 1668  SharedAccess - ok

20:28:04.0166 1668  [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

20:28:04.0213 1668  ShellHWDetection - ok

20:28:04.0228 1668  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\DRIVERS\sisagp.sys

20:28:04.0244 1668  sisagp - ok

20:28:04.0275 1668  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

20:28:04.0291 1668  SiSRaid2 - ok

20:28:04.0322 1668  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

20:28:04.0338 1668  SiSRaid4 - ok

20:28:04.0384 1668  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys

20:28:04.0431 1668  Smb - ok

20:28:04.0525 1668  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

20:28:04.0587 1668  SNMPTRAP - ok

20:28:04.0603 1668  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys

20:28:04.0618 1668  spldr - ok

20:28:04.0743 1668  [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler         C:\Windows\System32\spoolsv.exe

20:28:04.0790 1668  Spooler - ok

20:28:05.0336 1668  [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc          C:\Windows\system32\sppsvc.exe

20:28:05.0414 1668  sppsvc - ok

20:28:05.0430 1668  [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

20:28:05.0539 1668  sppuinotify - ok

20:28:05.0664 1668  [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv             C:\Windows\system32\DRIVERS\srv.sys

20:28:05.0788 1668  srv - ok

20:28:05.0898 1668  [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

20:28:05.0944 1668  srv2 - ok

20:28:06.0007 1668  [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

20:28:06.0054 1668  srvnet - ok

20:28:06.0116 1668  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

20:28:06.0178 1668  SSDPSRV - ok

20:28:06.0225 1668  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll

20:28:06.0350 1668  SstpSvc - ok

20:28:06.0428 1668  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

20:28:06.0444 1668  stexstor - ok

20:28:06.0537 1668  [ EDB05BD63148796F23EA78506404A538 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys

20:28:06.0584 1668  StillCam - ok

20:28:06.0709 1668  [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc          C:\Windows\System32\wiaservc.dll

20:28:06.0771 1668  StiSvc - ok

20:28:06.0787 1668  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

20:28:06.0802 1668  swenum - ok

20:28:06.0896 1668  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll

20:28:06.0958 1668  swprv - ok

20:28:07.0177 1668  [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain         C:\Windows\system32\sysmain.dll

20:28:07.0224 1668  SysMain - ok

20:28:07.0239 1668  [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll

20:28:07.0286 1668  TabletInputService - ok

20:28:07.0348 1668  [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv         C:\Windows\System32\tapisrv.dll

20:28:07.0411 1668  TapiSrv - ok

20:28:07.0458 1668  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll

20:28:07.0504 1668  TBS - ok

20:28:07.0863 1668  [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

20:28:07.0926 1668  Tcpip - ok

20:28:07.0957 1668  [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

20:28:08.0004 1668  TCPIP6 - ok

20:28:08.0019 1668  [ E64444523ADD154F86567C469BC0B17F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

20:28:08.0066 1668  tcpipreg - ok

20:28:08.0097 1668  [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

20:28:08.0160 1668  TDPIPE - ok

20:28:08.0238 1668  [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

20:28:08.0269 1668  TDTCP - ok

20:28:08.0300 1668  [ CB39E896A2A83702D1737BFD402B3542 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

20:28:08.0347 1668  tdx - ok

20:28:08.0378 1668  [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

20:28:08.0394 1668  TermDD - ok

20:28:08.0518 1668  [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService     C:\Windows\System32\termsrv.dll

20:28:08.0659 1668  TermService - ok

20:28:08.0690 1668  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll

20:28:08.0737 1668  Themes - ok

20:28:08.0768 1668  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll

20:28:08.0799 1668  THREADORDER - ok

20:28:08.0908 1668  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll

20:28:09.0002 1668  TrkWks - ok

20:28:09.0189 1668  [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

20:28:09.0283 1668  TrustedInstaller - ok

20:28:09.0314 1668  [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

20:28:09.0345 1668  tssecsrv - ok

20:28:09.0439 1668  [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

20:28:09.0517 1668  tunnel - ok

20:28:09.0532 1668  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

20:28:09.0548 1668  uagp35 - ok

20:28:09.0595 1668  [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

20:28:09.0642 1668  udfs - ok

20:28:09.0720 1668  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

20:28:09.0751 1668  UI0Detect - ok

20:28:09.0766 1668  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys

20:28:09.0782 1668  uliagpkx - ok

20:28:09.0813 1668  [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

20:28:09.0829 1668  umbus - ok

20:28:09.0844 1668  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

20:28:09.0891 1668  UmPass - ok

20:28:09.0954 1668  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll

20:28:10.0000 1668  upnphost - ok

20:28:10.0188 1668  [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys

20:28:10.0219 1668  USBAAPL - ok

20:28:10.0281 1668  [ C31AE588E403042632DC796CF09E30B0 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

20:28:10.0328 1668  usbccgp - ok

20:28:10.0359 1668  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys

20:28:10.0390 1668  usbcir - ok

20:28:10.0437 1668  [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

20:28:10.0468 1668  usbehci - ok

20:28:10.0515 1668  [ BDCD7156EC37448F08633FD899823620 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

20:28:10.0562 1668  usbhub - ok

20:28:10.0578 1668  [ EB2D819A639015253C871CDA09D91D58 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

20:28:10.0609 1668  usbohci - ok

20:28:10.0656 1668  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

20:28:10.0687 1668  usbprint - ok

20:28:10.0765 1668  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

20:28:10.0796 1668  usbscan - ok

20:28:10.0843 1668  [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

20:28:10.0905 1668  USBSTOR - ok

20:28:10.0921 1668  [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

20:28:10.0952 1668  usbuhci - ok

20:28:10.0999 1668  [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys

20:28:11.0030 1668  usbvideo - ok

20:28:11.0046 1668  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll

20:28:11.0092 1668  UxSms - ok

20:28:11.0124 1668  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc        C:\Windows\system32\lsass.exe

20:28:11.0155 1668  VaultSvc - ok

20:28:11.0170 1668  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys

20:28:11.0186 1668  vdrvroot - ok

20:28:11.0217 1668  [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds             C:\Windows\System32\vds.exe

20:28:11.0311 1668  vds - ok

20:28:11.0358 1668  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

20:28:11.0404 1668  vga - ok

20:28:11.0420 1668  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys

20:28:11.0467 1668  VgaSave - ok

20:28:11.0514 1668  [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys

20:28:11.0545 1668  vhdmp - ok

20:28:11.0576 1668  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\DRIVERS\viaagp.sys

20:28:11.0592 1668  viaagp - ok

20:28:11.0607 1668  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys

20:28:11.0623 1668  ViaC7 - ok

20:28:11.0638 1668  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\DRIVERS\viaide.sys

20:28:11.0654 1668  viaide - ok

20:28:11.0670 1668  [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys

20:28:11.0685 1668  volmgr - ok

20:28:11.0716 1668  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

20:28:11.0748 1668  volmgrx - ok

20:28:11.0779 1668  [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys

20:28:11.0794 1668  volsnap - ok

20:28:11.0826 1668  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

20:28:11.0841 1668  vsmraid - ok

20:28:11.0872 1668  [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS             C:\Windows\system32\vssvc.exe

20:28:11.0919 1668  VSS - ok

20:28:11.0966 1668  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

20:28:12.0060 1668  vwifibus - ok

20:28:12.0106 1668  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

20:28:12.0153 1668  vwififlt - ok

20:28:12.0200 1668  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll

20:28:12.0262 1668  W32Time - ok

20:28:12.0309 1668  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

20:28:12.0325 1668  WacomPen - ok

20:28:12.0340 1668  [ 692A712062146E96D28BA0B7D75DE31B ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

20:28:12.0387 1668  WANARP - ok

20:28:12.0387 1668  [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

20:28:12.0418 1668  Wanarpv6 - ok

20:28:12.0528 1668  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

20:28:12.0590 1668  WatAdminSvc - ok

20:28:12.0652 1668  [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine        C:\Windows\system32\wbengine.exe

20:28:12.0777 1668  wbengine - ok

20:28:12.0793 1668  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

20:28:12.0808 1668  WbioSrvc - ok

20:28:12.0840 1668  [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

20:28:12.0933 1668  wcncsvc - ok

20:28:12.0964 1668  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

20:28:13.0011 1668  WcsPlugInService - ok

20:28:13.0027 1668  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys

20:28:13.0042 1668  Wd - ok

20:28:13.0074 1668  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

20:28:13.0105 1668  Wdf01000 - ok

20:28:13.0120 1668  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll

20:28:13.0152 1668  WdiServiceHost - ok

20:28:13.0167 1668  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll

20:28:13.0183 1668  WdiSystemHost - ok

20:28:13.0230 1668  [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient       C:\Windows\System32\webclnt.dll

20:28:13.0276 1668  WebClient - ok

20:28:13.0292 1668  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll

20:28:13.0323 1668  Wecsvc - ok

20:28:13.0354 1668  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll

20:28:13.0401 1668  wercplsupport - ok

20:28:13.0432 1668  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll

20:28:13.0464 1668  WerSvc - ok

20:28:13.0495 1668  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

20:28:13.0526 1668  WfpLwf - ok

20:28:13.0557 1668  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

20:28:13.0573 1668  WIMMount - ok

20:28:13.0604 1668  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll

20:28:13.0635 1668  WinDefend - ok

20:28:13.0635 1668  WinHttpAutoProxySvc - ok

20:28:13.0838 1668  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

20:28:13.0885 1668  Winmgmt - ok

20:28:13.0932 1668  [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM           C:\Windows\system32\WsmSvc.dll

20:28:13.0994 1668  WinRM - ok

20:28:14.0056 1668  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

20:28:14.0072 1668  WinUsb - ok

20:28:14.0103 1668  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll

20:28:14.0166 1668  Wlansvc - ok

20:28:14.0259 1668  [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

20:28:14.0322 1668  wlidsvc - ok

20:28:14.0337 1668  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

20:28:14.0368 1668  WmiAcpi - ok

20:28:14.0400 1668  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

20:28:14.0431 1668  wmiApSrv - ok

20:28:14.0462 1668  [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe

20:28:14.0524 1668  WMPNetworkSvc - ok

20:28:14.0556 1668  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll

20:28:14.0602 1668  WPCSvc - ok

20:28:14.0618 1668  [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

20:28:14.0649 1668  WPDBusEnum - ok

20:28:14.0665 1668  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

20:28:14.0712 1668  ws2ifsl - ok

20:28:14.0758 1668  [ A661A76333057B383A06E65F0073222F ] wscsvc          C:\Windows\system32\wscsvc.dll

20:28:14.0821 1668  wscsvc - ok

20:28:14.0821 1668  WSearch - ok

20:28:14.0883 1668  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll

20:28:14.0946 1668  wuauserv - ok

20:28:14.0992 1668  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

20:28:15.0024 1668  WudfPf - ok

20:28:15.0055 1668  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

20:28:15.0070 1668  WUDFRd - ok

20:28:15.0117 1668  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

20:28:15.0148 1668  wudfsvc - ok

20:28:15.0164 1668  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll

20:28:15.0211 1668  WwanSvc - ok

20:28:15.0258 1668  [ 1F93FCB5BAB3A921ECBA522F63586F4A ] X10Hid          C:\Windows\System32\Drivers\x10hid.sys

20:28:15.0258 1668  X10Hid - ok

20:28:15.0320 1668  [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets         C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

20:28:15.0336 1668  x10nets ( UnsignedFile.Multi.Generic ) - warning

20:28:15.0336 1668  x10nets - detected UnsignedFile.Multi.Generic (1)

20:28:15.0367 1668  [ 378DC1B0B1F62A7488EE8D31A3C6E949 ] XUIF            C:\Windows\System32\Drivers\x10ufx2.sys

20:28:15.0382 1668  XUIF - ok

20:28:15.0445 1668  [ 74EC37B9EAF9FCA015B933A526825C7A ] {60DB6561-0A84-4c94-AF33-288405CFD56D} C:\Program Files\CyberLink\PowerCinema Movie\000.fcl

20:28:15.0476 1668  {60DB6561-0A84-4c94-AF33-288405CFD56D} - ok

20:28:15.0476 1668  ================ Scan global ===============================

20:28:15.0523 1668  [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll

20:28:15.0554 1668  [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll

20:28:15.0570 1668  [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll

20:28:15.0601 1668  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll

20:28:15.0632 1668  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe

20:28:15.0632 1668  [Global] - ok

20:28:15.0632 1668  ================ Scan MBR ==================================

20:28:15.0648 1668  [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0

20:28:18.0378 1668  \Device\Harddisk0\DR0 ( TDSS File System ) - warning

20:28:18.0378 1668  \Device\Harddisk0\DR0 - detected TDSS File System (1)

20:28:18.0378 1668  ================ Scan VBR ==================================

20:28:18.0378 1668  [ F758BEADF2690C37F4DF05E0F5DF705F ] \Device\Harddisk0\DR0\Partition1

20:28:18.0409 1668  \Device\Harddisk0\DR0\Partition1 - ok

20:28:18.0440 1668  [ 99D413A8D4AFC5955094E5A36C9C1B89 ] \Device\Harddisk0\DR0\Partition2

20:28:18.0471 1668  \Device\Harddisk0\DR0\Partition2 - ok

20:28:18.0502 1668  [ BFF9B73ACA102FB0972D90EEFCEC23CF ] \Device\Harddisk0\DR0\Partition3

20:28:18.0502 1668  \Device\Harddisk0\DR0\Partition3 - ok

20:28:18.0502 1668  ============================================================

20:28:18.0502 1668  Scan finished

20:28:18.0502 1668  ============================================================

20:28:18.0518 3256  Detected object count: 3

20:28:18.0518 3256  Actual detected object count: 3

20:28:31.0669 3256  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user

20:28:31.0669 3256  BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

20:28:31.0669 3256  x10nets ( UnsignedFile.Multi.Generic ) - skipped by user

20:28:31.0669 3256  x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip 

20:28:31.0669 3256  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

20:28:31.0669 3256  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Wir sollten den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht.

Hinweis: Mach bitte NICHT den MBR-Fix, wenn du noch andere Betriebssysteme wie zB Ubuntu installiert hast, ein MBR-Fix mit Windows-Tools macht ein parallel installiertes (Dualboot) Linux unbootbar.
Mach den Fix auch dann nicht, wenn du zB mit TrueCrypt oder anderen Verschlüsselungsprogrammen eine Vollverschlüsselung der Windowspartition bzw. gesamten Festplatte hast

Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!

Anschließend Windows neu starten und ein neues Log mit aswMBR machen.

Ich habe FIXMBR gemacht und danach neugestartet und habe mit aswMBR einen neuen scan gemacht, aber mitten im scan startet mir der pc auf einmal neu?
habe den vorgang dann wiederholt, und er hat wieder mittendrin neugestartet7

woran kann das liegen? oder habe ich etwas wohl falsch gemacht?

Wie lange scannt aswMBR denn wenn es abstürzt? Nur einen Wimpernschlag oder schon eitwas länger?
Unten aswMBR mal so eingestellt dass bei "AV Scan" none ausgewählt ist?

tut mir leid, ich habe vergessen beim 2ten durchlauf 'none' auszuwählen und es so zu versuchen - sorry :/
(gescannt hat es übrigens nur etwa 1min bis zum absturz)
hat eben geklappt!

Code:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software

Run date: 2012-11-27 22:30:42

-----------------------------

22:30:42.661    OS Version: Windows 6.1.7600 

22:30:42.661    Number of processors: 2 586 0x170A

22:30:42.671    ComputerName: TINI-PC  UserName: Tini

22:30:43.961    Initialize success

22:30:50.566    AVAST engine defs: 12112701

22:31:05.386    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

22:31:05.386    Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3

22:31:05.402    Disk 0 MBR read successfully

22:31:05.402    Disk 0 MBR scan

22:31:05.417    Disk 0 unknown MBR code

22:31:05.417    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS           99 MB offset 2048

22:31:05.433    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       922022 MB offset 204800

22:31:05.464    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        30720 MB offset 1888505856

22:31:05.480    Disk 0 Partition 4 00     12  Compaq diag NTFS         1026 MB offset 1951420416

22:31:05.480    Disk 0 scanning sectors +1953523120

22:31:05.604    Disk 0 scanning C:\Windows\system32\drivers

22:31:14.818    Service scanning

22:31:21.797    Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5

22:31:22.405    Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5

22:31:22.436    Service klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys **LOCKED** 5

22:31:22.483    Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5

22:31:22.530    Service kltdi C:\Windows\system32\DRIVERS\kltdi.sys **LOCKED** 5

22:31:22.577    Service kneps C:\Windows\system32\DRIVERS\kneps.sys **LOCKED** 5

22:31:34.840    Modules scanning

22:31:42.072    Disk 0 trace - called modules:

22:31:42.102    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll 

22:31:42.112    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88dac030]

22:31:42.112    3 CLASSPNP.SYS[8cb7c59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86599028]

22:31:43.937    AVAST engine scan C:\Windows

22:31:47.709    AVAST engine scan C:\Windows\system32

22:34:32.355    AVAST engine scan C:\Windows\system32\drivers

22:34:45.320    AVAST engine scan C:\Users\Tini

22:41:10.310    AVAST engine scan C:\ProgramData

22:42:15.500    Scan finished successfully

22:43:44.749    Disk 0 MBR has been saved successfully to "C:\Users\Tini\Desktop\MBR.dat"

22:43:44.765    The log file has been saved successfully to "C:\Users\Tini\Desktop\aswMBR.txt"
 
 

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software

Run date: 2012-11-28 20:13:58

-----------------------------

20:13:58.280    OS Version: Windows 6.1.7600 

20:13:58.280    Number of processors: 2 586 0x170A

20:13:58.280    ComputerName: TINI-PC  UserName: Tini

20:13:59.715    Initialize success

20:14:10.073    AVAST engine defs: 12112800

20:14:14.925    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

20:14:14.941    Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3

20:14:14.956    Disk 0 MBR read successfully

20:14:14.956    Disk 0 MBR scan

20:14:14.972    Disk 0 unknown MBR code

20:14:14.987    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS           99 MB offset 2048

20:14:14.987    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       922022 MB offset 204800

20:14:15.019    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        30720 MB offset 1888505856

20:14:15.050    Disk 0 Partition 4 00     12  Compaq diag NTFS         1026 MB offset 1951420416

20:14:15.050    Disk 0 scanning sectors +1953523120

20:14:15.128    Disk 0 scanning C:\Windows\system32\drivers

20:14:24.722    Service scanning

20:14:35.236    Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5

20:14:35.860    Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5

20:14:35.907    Service klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys **LOCKED** 5

20:14:35.938    Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5

20:14:35.985    Service kltdi C:\Windows\system32\DRIVERS\kltdi.sys **LOCKED** 5

20:14:36.032    Service kneps C:\Windows\system32\DRIVERS\kneps.sys **LOCKED** 5

20:14:47.670    Modules scanning

20:14:54.705    Disk 0 trace - called modules:

20:14:54.721    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll 

20:14:54.736    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88da7310]

20:14:54.736    3 CLASSPNP.SYS[8cb7f59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8659a028]

20:14:56.749    AVAST engine scan C:\Windows

20:15:00.228    AVAST engine scan C:\Windows\system32

20:18:08.147    AVAST engine scan C:\Windows\system32\drivers

20:18:31.064    AVAST engine scan C:\Users\Tini

20:22:32.819    AVAST engine scan C:\ProgramData

20:23:39.864    Scan finished successfully

20:25:31.265    Disk 0 MBR has been saved successfully to "C:\Users\Tini\Desktop\MBR.dat"

20:25:31.296    The log file has been saved successfully to "C:\Users\Tini\Desktop\aswMBR.txt"
 
 

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software

Run date: 2012-11-29 22:28:55

-----------------------------

22:28:55.313    OS Version: Windows 6.1.7600 

22:28:55.313    Number of processors: 2 586 0x170A

22:28:55.313    ComputerName: TINI-PC  UserName: Tini

22:28:56.904    Initialize success

22:29:04.298    AVAST engine defs: 12112800

22:29:11.206    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

22:29:11.222    Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3

22:29:11.237    Disk 0 MBR read successfully

22:29:11.237    Disk 0 MBR scan

22:29:11.237    Disk 0 Windows 7 default MBR code

22:29:11.237    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS           99 MB offset 2048

22:29:11.253    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       922022 MB offset 204800

22:29:11.284    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        30720 MB offset 1888505856

22:29:11.300    Disk 0 Partition 4 00     12  Compaq diag NTFS         1026 MB offset 1951420416

22:29:11.300    Disk 0 scanning sectors +1953523120

22:29:11.393    Disk 0 scanning C:\Windows\system32\drivers

22:29:19.609    Service scanning

22:29:26.398    Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5

22:29:26.991    Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5

22:29:27.022    Service klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys **LOCKED** 5

22:29:27.053    Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5

22:29:27.115    Service kltdi C:\Windows\system32\DRIVERS\kltdi.sys **LOCKED** 5

22:29:27.147    Service kneps C:\Windows\system32\DRIVERS\kneps.sys **LOCKED** 5

22:29:38.210    Modules scanning

22:29:44.061    Disk 0 trace - called modules:

22:29:44.081    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll 

22:29:44.091    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88da2388]

22:29:44.091    3 CLASSPNP.SYS[8cc0759e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8658a028]

22:29:44.101    Scan finished successfully

22:29:57.615    Disk 0 MBR has been saved successfully to "C:\Users\Tini\Desktop\MBR.dat"

22:29:57.646    The log file has been saved successfully to "C:\Users\Tini\Desktop\aswMBR.txt"