Log analysis and evaluation: Your computer was locked - unlock it with Ukash. Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: first steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
| | #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Do an OTL fix: close any programs that may be open, also disable virus scanners (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code:
:OTL
FF - user.js - File not found
IE - HKU\S-1-5-21-1536490661-2766708214-4031899807-1000\..\SearchScopes\{4B53164B-EABF-439C-8343-8F09C1A9B1E0}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=41A52713-2214-4CCA-806F-6E43F782D355&apn_sauid=B8C3DD03-0777-4E2B-8E0C-0048F358F7ED
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O32 - HKLM CDRom: AutoRun - 1
:Files
C:\ProgramData\vvnbzkacilrvjxr
C:\Users\Roberto Bucher\AppData\Local\{*
C:\Program Files (x86)\Yontoo
C:\ProgramData\ozzeqzyruysussd
C:\Users\All Users\ozzeqzyruysussd
C:\ProgramData\Tarma Installer
C:\Users\All Users\Tarma Installer
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder. Note: The above script was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can permanently damage the system!
__________________ Please always post log files in CODE tags |
| | #17 |
| So, here is the log:
Code:
All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-1536490661-2766708214-4031899807-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4B53164B-EABF-439C-8343-8F09C1A9B1E0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B53164B-EABF-439C-8343-8F09C1A9B1E0}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
========== FILES ==========
C:\ProgramData\vvnbzkacilrvjxr moved successfully.
C:\Users\Roberto Bucher\AppData\Local\{237D1F10-A963-4A99-887C-A86191D74DA6} moved successfully.
C:\Users\Roberto Bucher\AppData\Local\{4B1239AB-3609-4923-B57A-C10F9ECE68C3} folder moved successfully.
File\Folder C:\Program Files (x86)\Yontoo not found.
C:\ProgramData\ozzeqzyruysussd folder moved successfully.
File\Folder C:\Users\All Users\ozzeqzyruysussd not found.
File\Folder C:\ProgramData\Tarma Installer not found.
File\Folder C:\Users\All Users\Tarma Installer not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\Roberto Bucher\Desktop\cmd.bat deleted successfully.
C:\Users\Roberto Bucher\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Manu
->Temp folder emptied: 1027 bytes
->Temporary Internet Files folder emptied: 536 bytes
->Java cache emptied: 234204 bytes
->FireFox cache emptied: 23715764 bytes
->Google Chrome cache emptied: 474501432 bytes
->Flash cache emptied: 18476 bytes
User: Marc
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 871 bytes
->Java cache emptied: 96976 bytes
->Google Chrome cache emptied: 342820261 bytes
->Flash cache emptied: 1464 bytes
User: Public
User: Roberto
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 804 bytes
User: Roberto Bucher
->Temp folder emptied: 18895137 bytes
->Temporary Internet Files folder emptied: 4755006 bytes
->Java cache emptied: 4673905 bytes
->FireFox cache emptied: 60463967 bytes
->Flash cache emptied: 506 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1993995 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 422007 bytes
Total Files Cleaned = 889.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.61.5 log created on 09182012_184253
Files\Folders moved on Reboot...
C:\Users\Roberto Bucher\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Roberto Bucher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S374YGHH\123930-computer-wurde-gesterrt-entsperren-ukash-2[1].htm moved successfully.
C:\Users\Roberto Bucher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DFNMDT8T\ads[1].htm moved successfully.
C:\Users\Roberto Bucher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DFNMDT8T\si[1].htm moved successfully.
C:\Users\Roberto Bucher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Roberto Bucher\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
| | #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Now please run this tool from Kaspersky (TDSS-Killer) (in normal Windows mode) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool! Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy the contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ |
| | #19 |
| Hello, this is the log from TDSS Killer Code:
18:49:59.0867 4440 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:50:00.0132 4440 ============================================================
18:50:00.0132 4440 Current date / time: 2012/09/19 18:50:00.0132
18:50:00.0132 4440 SystemInfo:
18:50:00.0132 4440
18:50:00.0132 4440 OS Version: 6.1.7601 ServicePack: 1.0
18:50:00.0132 4440 Product type: Workstation
18:50:00.0132 4440 ComputerName: ROBERTOBUCHER
18:50:00.0132 4440 UserName: Roberto Bucher
18:50:00.0132 4440 Windows directory: C:\Windows
18:50:00.0132 4440 System windows directory: C:\Windows
18:50:00.0132 4440 Running under WOW64
18:50:00.0132 4440 Processor architecture: Intel x64
18:50:00.0132 4440 Number of processors: 6
18:50:00.0132 4440 Page size: 0x1000
18:50:00.0132 4440 Boot type: Normal boot
18:50:00.0132 4440 ============================================================
18:50:01.0741 4440 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:50:09.0158 4440 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:50:09.0173 4440 ============================================================
18:50:09.0173 4440 \Device\Harddisk0\DR0:
18:50:09.0173 4440 MBR partitions:
18:50:09.0173 4440 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
18:50:09.0173 4440 \Device\Harddisk1\DR1:
18:50:09.0173 4440 GPT partitions:
18:50:09.0173 4440 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C88BB10F-D891-4913-901F-EFDCAC6BA2C1}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
18:50:09.0173 4440 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0DDBE58B-3115-4B38-969F-B040F5625273}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
18:50:09.0173 4440 MBR partitions:
18:50:09.0173 4440 ============================================================
18:50:09.0204 4440 C: <-> \Device\Harddisk0\DR0\Partition1
18:50:09.0251 4440 K: <-> \Device\Harddisk1\DR1\Partition2
18:50:09.0251 4440 ============================================================
18:50:09.0251 4440 Initialize success
18:50:09.0251 4440 ============================================================
18:56:09.0423 2808 ============================================================
18:56:09.0423 2808 Scan started
18:56:09.0423 2808 Mode: Manual; SigCheck; TDLFS;
18:56:09.0423 2808 ============================================================
18:56:10.0481 2808 ================ Scan system memory ========================
18:56:10.0481 2808 System memory - ok
18:56:10.0482 2808 ================ Scan services =============================
18:56:10.0972 2808 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:56:11.0071 2808 1394ohci - ok
18:56:11.0128 2808 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:56:11.0141 2808 ACPI - ok
18:56:11.0190 2808 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:56:11.0288 2808 AcpiPmi - ok
18:56:11.0425 2808 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:56:11.0433 2808 AdobeARMservice - ok
18:56:11.0596 2808 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:56:11.0604 2808 AdobeFlashPlayerUpdateSvc - ok
18:56:11.0664 2808 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:56:11.0692 2808 adp94xx - ok
18:56:11.0720 2808 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:56:11.0737 2808 adpahci - ok
18:56:11.0760 2808 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:56:11.0772 2808 adpu320 - ok
18:56:11.0798 2808 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:56:11.0863 2808 AeLookupSvc - ok
18:56:11.0926 2808 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:56:12.0004 2808 AFD - ok
18:56:12.0050 2808 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:56:12.0066 2808 agp440 - ok
18:56:12.0082 2808 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:56:12.0144 2808 ALG - ok
18:56:12.0160 2808 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:56:12.0160 2808 aliide - ok
18:56:12.0222 2808 [ 5C8C9AAB596582AFFD94939917D8FB13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:56:12.0300 2808 AMD External Events Utility - ok
18:56:12.0347 2808 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:56:12.0347 2808 amdide - ok
18:56:12.0394 2808 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:56:12.0456 2808 AmdK8 - ok
18:56:12.0799 2808 [ 538B0A6E89ACA1929668F9EB95D3C0BC ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:56:13.0033 2808 amdkmdag - ok
18:56:13.0096 2808 [ 977286B382FE0920F379A69C351A7AF4 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
18:56:13.0158 2808 amdkmdap - ok
18:56:13.0220 2808 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:56:13.0252 2808 AmdPPM - ok
18:56:13.0314 2808 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:56:13.0330 2808 amdsata - ok
18:56:13.0392 2808 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:56:13.0408 2808 amdsbs - ok
18:56:13.0423 2808 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:56:13.0423 2808 amdxata - ok
18:56:13.0454 2808 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
18:56:13.0642 2808 androidusb - ok
18:56:13.0688 2808 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:56:13.0860 2808 AppID - ok
18:56:13.0907 2808 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:56:14.0000 2808 AppIDSvc - ok
18:56:14.0110 2808 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:56:14.0156 2808 Appinfo - ok
18:56:14.0219 2808 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
18:56:14.0281 2808 AppMgmt - ok
18:56:14.0312 2808 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
18:56:14.0312 2808 arc - ok
18:56:14.0328 2808 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:56:14.0344 2808 arcsas - ok
18:56:14.0359 2808 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:56:14.0406 2808 AsyncMac - ok
18:56:14.0468 2808 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:56:14.0468 2808 atapi - ok
18:56:14.0531 2808 [ CBE5F8B3E54198F5DFE403A55A95DE08 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
18:56:14.0546 2808 AtiHDAudioService - ok
18:56:14.0858 2808 [ 538B0A6E89ACA1929668F9EB95D3C0BC ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:56:14.0936 2808 atikmdag - ok
18:56:14.0999 2808 [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
18:56:15.0014 2808 atksgt - ok
18:56:15.0077 2808 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:56:15.0139 2808 AudioEndpointBuilder - ok
18:56:15.0155 2808 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:56:15.0186 2808 AudioSrv - ok
18:56:15.0233 2808 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:56:15.0389 2808 AxInstSV - ok
18:56:15.0436 2808 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:56:15.0545 2808 b06bdrv - ok
18:56:15.0576 2808 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:56:15.0652 2808 b57nd60a - ok
18:56:15.0692 2808 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:56:15.0741 2808 BDESVC - ok
18:56:15.0758 2808 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:56:15.0813 2808 Beep - ok
18:56:15.0953 2808 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:56:15.0985 2808 BFE - ok
18:56:16.0244 2808 [ A45BE4E091636F6C86D6E4FC945D5A26 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120905.001\BHDrvx64.sys
18:56:16.0307 2808 BHDrvx64 - ok
18:56:16.0355 2808 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:56:16.0449 2808 BITS - ok
18:56:16.0492 2808 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:56:16.0525 2808 blbdrive - ok
18:56:16.0597 2808 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:56:16.0643 2808 bowser - ok
18:56:16.0689 2808 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:56:16.0783 2808 BrFiltLo - ok
18:56:16.0783 2808 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:56:16.0799 2808 BrFiltUp - ok
18:56:16.0845 2808 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:56:16.0877 2808 Browser - ok
18:56:16.0892 2808 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:56:16.0955 2808 Brserid - ok
18:56:16.0955 2808 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:56:16.0986 2808 BrSerWdm - ok
18:56:17.0017 2808 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:56:17.0064 2808 BrUsbMdm - ok
18:56:17.0095 2808 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:56:17.0111 2808 BrUsbSer - ok
18:56:17.0173 2808 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:56:17.0235 2808 BthEnum - ok
18:56:17.0251 2808 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:56:17.0282 2808 BTHMODEM - ok
18:56:17.0313 2808 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:56:17.0360 2808 BthPan - ok
18:56:17.0423 2808 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:56:17.0532 2808 BTHPORT - ok
18:56:17.0547 2808 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:56:17.0594 2808 bthserv - ok
18:56:17.0641 2808 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:56:17.0688 2808 BTHUSB - ok
18:56:17.0859 2808 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys
18:56:17.0875 2808 ccSet_N360 - ok
18:56:17.0922 2808 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:56:17.0969 2808 cdfs - ok
18:56:18.0093 2808 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:56:18.0125 2808 cdrom - ok
18:56:18.0187 2808 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:56:18.0296 2808 CertPropSvc - ok
18:56:18.0327 2808 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:56:18.0374 2808 circlass - ok
18:56:18.0437 2808 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:56:18.0452 2808 CLFS - ok
18:56:18.0561 2808 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:56:18.0624 2808 clr_optimization_v2.0.50727_32 - ok
18:56:18.0733 2808 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:56:18.0749 2808 clr_optimization_v2.0.50727_64 - ok
18:56:18.0842 2808 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:56:18.0842 2808 clr_optimization_v4.0.30319_32 - ok
18:56:18.0951 2808 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:56:18.0967 2808 clr_optimization_v4.0.30319_64 - ok
18:56:18.0983 2808 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:56:19.0029 2808 CmBatt - ok
18:56:19.0061 2808 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:56:19.0076 2808 cmdide - ok
18:56:19.0139 2808 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
18:56:19.0170 2808 CNG - ok
18:56:19.0248 2808 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:56:19.0248 2808 Compbatt - ok
18:56:19.0295 2808 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:56:19.0326 2808 CompositeBus - ok
18:56:19.0341 2808 COMSysApp - ok
18:56:19.0357 2808 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:56:19.0373 2808 crcdisk - ok
18:56:19.0435 2808 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:56:19.0466 2808 CryptSvc - ok
18:56:19.0513 2808 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
18:56:19.0544 2808 CSC - ok
18:56:19.0622 2808 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
18:56:19.0669 2808 CscService - ok
18:56:19.0747 2808 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:56:19.0809 2808 DcomLaunch - ok
18:56:19.0872 2808 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:56:19.0919 2808 defragsvc - ok
18:56:19.0965 2808 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:56:20.0012 2808 DfsC - ok
18:56:20.0090 2808 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:56:20.0137 2808 Dhcp - ok
18:56:20.0184 2808 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:56:20.0231 2808 discache - ok
18:56:20.0277 2808 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:56:20.0277 2808 Disk - ok
18:56:20.0340 2808 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:56:20.0387 2808 Dnscache - ok
18:56:20.0433 2808 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:56:20.0496 2808 dot3svc - ok
18:56:20.0527 2808 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:56:20.0574 2808 DPS - ok
18:56:20.0621 2808 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:56:20.0652 2808 drmkaud - ok
18:56:20.0792 2808 [ E5B95C75557120881076C45CD146D72C ] DvmMDES C:\ASUS.SYS\config\DVMExportService.exe
18:56:20.0830 2808 DvmMDES ( UnsignedFile.Multi.Generic ) - warning
18:56:20.0830 2808 DvmMDES - detected UnsignedFile.Multi.Generic (1)
18:56:20.0918 2808 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:56:20.0996 2808 DXGKrnl - ok
18:56:21.0066 2808 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:56:21.0190 2808 EapHost - ok
18:56:21.0454 2808 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:56:21.0563 2808 ebdrv - ok
18:56:21.0701 2808 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:56:21.0717 2808 eeCtrl - ok
18:56:21.0779 2808 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:56:21.0842 2808 EFS - ok
18:56:21.0888 2808 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:56:21.0966 2808 ehRecvr - ok
18:56:21.0998 2808 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:56:22.0060 2808 ehSched - ok
18:56:22.0107 2808 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:56:22.0169 2808 elxstor - ok
18:56:22.0216 2808 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:56:22.0232 2808 EraserUtilRebootDrv - ok
18:56:22.0278 2808 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:56:22.0310 2808 ErrDev - ok
18:56:22.0356 2808 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:56:22.0419 2808 EventSystem - ok
18:56:22.0466 2808 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:56:22.0512 2808 exfat - ok
18:56:22.0544 2808 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:56:22.0590 2808 fastfat - ok
18:56:22.0700 2808 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:56:22.0793 2808 Fax - ok
18:56:22.0840 2808 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:56:22.0875 2808 fdc - ok
18:56:22.0903 2808 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:56:22.0961 2808 fdPHost - ok
18:56:22.0984 2808 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:56:23.0033 2808 FDResPub - ok
18:56:23.0050 2808 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:56:23.0074 2808 FileInfo - ok
18:56:23.0089 2808 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:56:23.0140 2808 Filetrace - ok
18:56:23.0158 2808 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:56:23.0177 2808 flpydisk - ok
18:56:23.0241 2808 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:56:23.0264 2808 FltMgr - ok
18:56:23.0347 2808 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
18:56:23.0447 2808 FontCache - ok
18:56:23.0498 2808 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:56:23.0521 2808 FontCache3.0.0.0 - ok
18:56:23.0548 2808 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:56:23.0557 2808 FsDepends - ok
18:56:23.0593 2808 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:56:23.0610 2808 Fs_Rec - ok
18:56:23.0657 2808 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:56:23.0672 2808 fvevol - ok
18:56:23.0698 2808 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:56:23.0720 2808 gagp30kx - ok
18:56:23.0770 2808 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:56:23.0832 2808 gpsvc - ok
18:56:23.0970 2808 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:56:23.0980 2808 gupdate - ok
18:56:24.0004 2808 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:56:24.0012 2808 gupdatem - ok
18:56:24.0025 2808 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:56:24.0065 2808 hcw85cir - ok
18:56:24.0127 2808 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:56:24.0174 2808 HdAudAddService - ok
18:56:24.0236 2808 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:56:24.0283 2808 HDAudBus - ok
18:56:24.0314 2808 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:56:24.0346 2808 HidBatt - ok
18:56:24.0377 2808 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:56:24.0392 2808 HidBth - ok
18:56:24.0408 2808 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:56:24.0439 2808 HidIr - ok
18:56:24.0470 2808 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:56:24.0517 2808 hidserv - ok
18:56:24.0564 2808 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:56:24.0580 2808 HidUsb - ok
18:56:24.0611 2808 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:56:24.0658 2808 hkmsvc - ok
18:56:24.0720 2808 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:56:24.0782 2808 HomeGroupListener - ok
18:56:24.0829 2808 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:56:24.0876 2808 HomeGroupProvider - ok
18:56:24.0938 2808 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:56:24.0938 2808 HpSAMD - ok
18:56:25.0063 2808 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:56:25.0110 2808 HTTP - ok
18:56:25.0157 2808 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:56:25.0157 2808 hwpolicy - ok
18:56:25.0219 2808 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:56:25.0219 2808 i8042prt - ok
18:56:25.0297 2808 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:56:25.0328 2808 iaStorV - ok
18:56:25.0469 2808 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:56:25.0484 2808 IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:56:25.0484 2808 IDriverT - detected UnsignedFile.Multi.Generic (1)
18:56:45.0708 2808 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:56:45.0739 2808 VMBusHID - ok
18:56:45.0771 2808 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:56:45.0771 2808 volmgr - ok
18:56:45.0817 2808 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:56:45.0833 2808 volmgrx - ok
18:56:45.0849 2808 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:56:45.0864 2808 volsnap - ok
18:56:45.0895 2808 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:56:45.0911 2808 vsmraid - ok
18:56:45.0989 2808 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:56:46.0095 2808 VSS - ok
18:56:46.0119 2808 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:56:46.0153 2808 vwifibus - ok
18:56:46.0212 2808 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:56:46.0251 2808 W32Time - ok
18:56:46.0265 2808 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:56:46.0297 2808 WacomPen - ok
18:56:46.0353 2808 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:56:46.0409 2808 WANARP - ok
18:56:46.0435 2808 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:56:46.0459 2808 Wanarpv6 - ok
18:56:46.0545 2808 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:56:46.0595 2808 WatAdminSvc - ok
18:56:46.0663 2808 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:56:46.0756 2808 wbengine - ok
18:56:46.0775 2808 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:56:46.0790 2808 WbioSrvc - ok
18:56:46.0835 2808 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:56:46.0883 2808 wcncsvc - ok
18:56:46.0908 2808 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:56:46.0930 2808 WcsPlugInService - ok
18:56:46.0952 2808 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:56:46.0961 2808 Wd - ok
18:56:46.0987 2808 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:56:47.0016 2808 Wdf01000 - ok
18:56:47.0035 2808 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:56:47.0129 2808 WdiServiceHost - ok
18:56:47.0129 2808 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:56:47.0145 2808 WdiSystemHost - ok
18:56:47.0207 2808 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:56:47.0238 2808 WebClient - ok
18:56:47.0269 2808 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:56:47.0316 2808 Wecsvc - ok
18:56:47.0332 2808 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:56:47.0379 2808 wercplsupport - ok
18:56:47.0425 2808 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:56:47.0472 2808 WerSvc - ok
18:56:47.0503 2808 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:56:47.0535 2808 WfpLwf - ok
18:56:47.0550 2808 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:56:47.0550 2808 WIMMount - ok
18:56:47.0566 2808 WinDefend - ok
18:56:47.0566 2808 WinHttpAutoProxySvc - ok
18:56:47.0613 2808 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:56:47.0628 2808 Winmgmt - ok
18:56:47.0706 2808 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:56:47.0784 2808 WinRM - ok
18:56:47.0815 2808 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:56:47.0847 2808 WinUsb - ok
18:56:47.0909 2808 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:56:47.0971 2808 Wlansvc - ok
18:56:48.0112 2808 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:56:48.0174 2808 wlidsvc - ok
18:56:48.0221 2808 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:56:48.0252 2808 WmiAcpi - ok
18:56:48.0283 2808 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:56:48.0315 2808 wmiApSrv - ok
18:56:48.0361 2808 WMPNetworkSvc - ok
18:56:48.0361 2808 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:56:48.0393 2808 WPCSvc - ok
18:56:48.0424 2808 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:56:48.0471 2808 WPDBusEnum - ok
18:56:48.0502 2808 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:56:48.0549 2808 ws2ifsl - ok
18:56:48.0580 2808 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
18:56:48.0611 2808 wscsvc - ok
18:56:48.0611 2808 WSearch - ok
18:56:48.0705 2808 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:56:48.0767 2808 wuauserv - ok
18:56:48.0798 2808 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:56:48.0829 2808 WudfPf - ok
18:56:48.0892 2808 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:56:48.0939 2808 WUDFRd - ok
18:56:48.0985 2808 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:56:49.0017 2808 wudfsvc - ok
18:56:49.0032 2808 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:56:49.0048 2808 WwanSvc - ok
18:56:49.0063 2808 ================ Scan global ===============================
18:56:49.0095 2808 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:56:49.0126 2808 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:56:49.0204 2808 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:56:49.0235 2808 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:56:49.0251 2808 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:56:49.0266 2808 [Global] - ok
18:56:49.0266 2808 ================ Scan MBR ==================================
18:56:49.0282 2808 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:56:49.0531 2808 \Device\Harddisk0\DR0 - ok
18:56:49.0531 2808 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
18:56:49.0594 2808 \Device\Harddisk1\DR1 - ok
18:56:49.0594 2808 ================ Scan VBR ==================================
18:56:49.0594 2808 [ CC1DD58C3716E012356507B9A37C8DD1 ] \Device\Harddisk0\DR0\Partition1
18:56:49.0594 2808 \Device\Harddisk0\DR0\Partition1 - ok
18:56:49.0594 2808 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
18:56:49.0594 2808 \Device\Harddisk1\DR1\Partition1 - ok
18:56:49.0594 2808 [ 520B4EE6481BEABE71527B90A3B512CA ] \Device\Harddisk1\DR1\Partition2
18:56:49.0594 2808 \Device\Harddisk1\DR1\Partition2 - ok
18:56:49.0594 2808 ============================================================
18:56:49.0594 2808 Scan finished
18:56:49.0594 2808 ============================================================
18:56:49.0609 2792 Detected object count: 2
18:56:49.0609 2792 Actual detected object count: 2
|
| | #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Your computer has been locked - Unlock with Ukash The log is incomplete, the summary at the bottom is missing
__________________ Please always post log files in CODE tags |
| | #21 |
| Your computer has been locked - Unlock with Ukash I repeated the scan. Here is the new log: Code:
20:03:27.0650 1576 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
20:03:27.0743 1576 ============================================================
20:03:27.0743 1576 Current date / time: 2012/09/21 20:03:27.0743
20:03:27.0743 1576 SystemInfo:
20:03:27.0743 1576
20:03:27.0743 1576 OS Version: 6.1.7601 ServicePack: 1.0
20:03:27.0743 1576 Product type: Workstation
20:03:27.0743 1576 ComputerName: ROBERTOBUCHER
20:03:27.0743 1576 UserName: Roberto Bucher
20:03:27.0743 1576 Windows directory: C:\Windows
20:03:27.0743 1576 System windows directory: C:\Windows
20:03:27.0743 1576 Running under WOW64
20:03:27.0743 1576 Processor architecture: Intel x64
20:03:27.0743 1576 Number of processors: 6
20:03:27.0743 1576 Page size: 0x1000
20:03:27.0743 1576 Boot type: Normal boot
20:03:27.0743 1576 ============================================================
20:03:30.0583 1576 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:03:30.0583 1576 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:03:30.0614 1576 ============================================================
20:03:30.0614 1576 \Device\Harddisk0\DR0:
20:03:30.0614 1576 MBR partitions:
20:03:30.0614 1576 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
20:03:30.0614 1576 \Device\Harddisk1\DR1:
20:03:30.0614 1576 GPT partitions:
20:03:30.0614 1576 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C88BB10F-D891-4913-901F-EFDCAC6BA2C1}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
20:03:30.0614 1576 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0DDBE58B-3115-4B38-969F-B040F5625273}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
20:03:30.0614 1576 MBR partitions:
20:03:30.0614 1576 ============================================================
20:03:30.0629 1576 C: <-> \Device\Harddisk0\DR0\Partition1
20:03:30.0676 1576 K: <-> \Device\Harddisk1\DR1\Partition2
20:03:30.0676 1576 ============================================================
20:03:30.0676 1576 Initialize success
20:03:30.0676 1576 ============================================================
20:03:56.0477 2476 ============================================================
20:03:56.0477 2476 Scan started
20:03:56.0477 2476 Mode: Manual; SigCheck; TDLFS;
20:03:56.0477 2476 ============================================================
20:03:57.0039 2476 ================ Scan system memory ========================
20:03:57.0039 2476 System memory - ok
20:03:57.0039 2476 ================ Scan services =============================
20:03:57.0226 2476 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:03:57.0335 2476 1394ohci - ok
20:03:57.0445 2476 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:03:57.0523 2476 ACPI - ok
20:03:57.0632 2476 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:03:57.0975 2476 AcpiPmi - ok
20:03:58.0193 2476 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:03:58.0193 2476 AdobeARMservice - ok
20:03:58.0443 2476 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:03:58.0459 2476 AdobeFlashPlayerUpdateSvc - ok
20:03:58.0568 2476 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:03:58.0630 2476 adp94xx - ok
20:03:58.0708 2476 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:03:58.0755 2476 adpahci - ok
20:03:58.0802 2476 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:03:58.0864 2476 adpu320 - ok
20:03:58.0911 2476 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:03:59.0192 2476 AeLookupSvc - ok
20:03:59.0285 2476 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:03:59.0426 2476 AFD - ok
20:03:59.0519 2476 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:03:59.0535 2476 agp440 - ok
20:03:59.0597 2476 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:03:59.0738 2476 ALG - ok
20:03:59.0785 2476 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:03:59.0800 2476 aliide - ok
20:03:59.0909 2476 [ 5C8C9AAB596582AFFD94939917D8FB13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:04:00.0190 2476 AMD External Events Utility - ok
20:04:00.0253 2476 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:04:00.0268 2476 amdide - ok
20:04:00.0315 2476 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:04:00.0471 2476 AmdK8 - ok
20:04:00.0845 2476 [ 538B0A6E89ACA1929668F9EB95D3C0BC ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:04:01.0079 2476 amdkmdag - ok
20:04:01.0204 2476 [ 977286B382FE0920F379A69C351A7AF4 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:04:01.0298 2476 amdkmdap - ok
20:04:01.0376 2476 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:04:01.0438 2476 AmdPPM - ok
20:04:01.0516 2476 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:04:01.0579 2476 amdsata - ok
20:04:01.0657 2476 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:04:01.0703 2476 amdsbs - ok
20:04:01.0781 2476 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:04:01.0781 2476 amdxata - ok
20:04:01.0891 2476 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
20:04:01.0984 2476 androidusb - ok
20:04:02.0093 2476 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:04:02.0390 2476 AppID - ok
20:04:02.0452 2476 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:04:02.0530 2476 AppIDSvc - ok
20:04:02.0593 2476 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:04:02.0717 2476 Appinfo - ok
20:04:02.0827 2476 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
20:04:02.0983 2476 AppMgmt - ok
20:04:03.0076 2476 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:04:03.0123 2476 arc - ok
20:04:03.0170 2476 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:04:03.0185 2476 arcsas - ok
20:04:03.0279 2476 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:04:03.0373 2476 AsyncMac - ok
20:04:03.0435 2476 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:04:03.0451 2476 atapi - ok
20:04:03.0575 2476 [ CBE5F8B3E54198F5DFE403A55A95DE08 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
20:04:03.0591 2476 AtiHDAudioService - ok
20:04:03.0763 2476 [ 538B0A6E89ACA1929668F9EB95D3C0BC ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:04:03.0841 2476 atikmdag - ok
20:04:03.0903 2476 [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
20:04:03.0903 2476 atksgt - ok
20:04:03.0981 2476 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:04:04.0059 2476 AudioEndpointBuilder - ok
20:04:04.0090 2476 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:04:04.0121 2476 AudioSrv - ok
20:04:04.0168 2476 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:04:04.0246 2476 AxInstSV - ok
20:04:04.0293 2476 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:04:04.0355 2476 b06bdrv - ok
20:04:04.0387 2476 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:04:04.0449 2476 b57nd60a - ok
20:04:04.0496 2476 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:04:04.0558 2476 BDESVC - ok
20:04:04.0558 2476 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:04:04.0621 2476 Beep - ok
20:04:04.0699 2476 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:04:04.0745 2476 BFE - ok
20:04:04.0948 2476 [ A45BE4E091636F6C86D6E4FC945D5A26 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120919.001\BHDrvx64.sys
20:04:04.0995 2476 BHDrvx64 - ok
20:04:05.0026 2476 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:04:05.0104 2476 BITS - ok
20:04:05.0135 2476 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:04:05.0167 2476 blbdrive - ok
20:04:05.0229 2476 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:04:05.0307 2476 bowser - ok
20:04:05.0354 2476 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:04:05.0619 2476 BrFiltLo - ok
20:04:05.0650 2476 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:04:05.0666 2476 BrFiltUp - ok
20:04:05.0713 2476 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:04:05.0759 2476 Browser - ok
20:04:05.0837 2476 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:04:05.0947 2476 Brserid - ok
20:04:05.0947 2476 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:04:05.0978 2476 BrSerWdm - ok
20:04:06.0009 2476 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:04:06.0040 2476 BrUsbMdm - ok
20:04:06.0071 2476 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:04:06.0071 2476 BrUsbSer - ok
20:04:06.0118 2476 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:04:06.0165 2476 BthEnum - ok
20:04:06.0196 2476 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:04:06.0227 2476 BTHMODEM - ok
20:04:06.0259 2476 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:04:06.0305 2476 BthPan - ok
20:04:06.0415 2476 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:04:06.0539 2476 BTHPORT - ok
20:04:06.0571 2476 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:04:06.0664 2476 bthserv - ok
20:04:06.0742 2476 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:04:06.0805 2476 BTHUSB - ok
20:04:06.0929 2476 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys
20:04:06.0929 2476 ccSet_N360 - ok
20:04:06.0976 2476 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:04:07.0023 2476 cdfs - ok
20:04:07.0070 2476 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:04:07.0101 2476 cdrom - ok
20:04:07.0163 2476 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:04:07.0226 2476 CertPropSvc - ok
20:04:07.0257 2476 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:04:07.0257 2476 circlass - ok
20:04:07.0304 2476 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:04:07.0319 2476 CLFS - ok
20:04:07.0382 2476 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:04:07.0397 2476 clr_optimization_v2.0.50727_32 - ok
20:04:07.0444 2476 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:04:07.0444 2476 clr_optimization_v2.0.50727_64 - ok
20:04:07.0538 2476 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:04:07.0538 2476 clr_optimization_v4.0.30319_32 - ok
20:04:07.0600 2476 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:04:07.0616 2476 clr_optimization_v4.0.30319_64 - ok
20:04:07.0631 2476 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:04:07.0678 2476 CmBatt - ok
20:04:07.0709 2476 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:04:07.0709 2476 cmdide - ok
20:04:07.0772 2476 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:04:07.0803 2476 CNG - ok
20:04:07.0834 2476 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:04:07.0834 2476 Compbatt - ok
20:04:07.0881 2476 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:04:07.0912 2476 CompositeBus - ok
20:04:07.0928 2476 COMSysApp - ok
20:04:07.0943 2476 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:04:07.0959 2476 crcdisk - ok
20:04:08.0006 2476 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:04:08.0037 2476 CryptSvc - ok
20:04:08.0084 2476 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
20:04:08.0115 2476 CSC - ok
20:04:08.0177 2476 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
20:04:08.0224 2476 CscService - ok
20:04:08.0271 2476 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:04:08.0333 2476 DcomLaunch - ok
20:04:08.0396 2476 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:04:08.0443 2476 defragsvc - ok
20:04:08.0505 2476 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:04:08.0552 2476 DfsC - ok
20:04:08.0614 2476 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:04:08.0677 2476 Dhcp - ok
20:04:08.0708 2476 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:04:08.0755 2476 discache - ok
20:04:08.0801 2476 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:04:08.0801 2476 Disk - ok
20:04:08.0848 2476 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:04:08.0911 2476 Dnscache - ok
20:04:08.0957 2476 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:04:09.0004 2476 dot3svc - ok
20:04:09.0051 2476 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:04:09.0098 2476 DPS - ok
20:04:09.0129 2476 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:04:09.0160 2476 drmkaud - ok
20:04:09.0238 2476 [ E5B95C75557120881076C45CD146D72C ] DvmMDES C:\ASUS.SYS\config\DVMExportService.exe
20:04:09.0285 2476 DvmMDES ( UnsignedFile.Multi.Generic ) - warning
20:04:09.0285 2476 DvmMDES - detected UnsignedFile.Multi.Generic (1)
20:04:09.0332 2476 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:04:09.0379 2476 DXGKrnl - ok
20:04:09.0410 2476 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:04:09.0457 2476 EapHost - ok
20:04:09.0535 2476 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:04:09.0644 2476 ebdrv - ok
20:04:09.0753 2476 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
20:04:09.0769 2476 eeCtrl - ok
20:04:09.0815 2476 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:04:09.0878 2476 EFS - ok
20:04:09.0925 2476 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:04:09.0987 2476 ehRecvr - ok
20:04:10.0018 2476 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:04:10.0081 2476 ehSched - ok
20:04:10.0127 2476 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:04:10.0159 2476 elxstor - ok
20:04:10.0221 2476 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:04:10.0221 2476 EraserUtilRebootDrv - ok
20:04:10.0252 2476 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:04:10.0283 2476 ErrDev - ok
20:04:10.0330 2476 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:04:10.0393 2476 EventSystem - ok
20:04:10.0408 2476 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:04:10.0455 2476 exfat - ok
20:04:10.0486 2476 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:04:10.0533 2476 fastfat - ok
20:04:10.0595 2476 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:04:10.0673 2476 Fax - ok
20:04:10.0689 2476 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:04:10.0689 2476 fdc - ok
20:04:10.0705 2476 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:04:10.0751 2476 fdPHost - ok
20:04:10.0783 2476 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:04:10.0829 2476 FDResPub - ok
20:04:10.0861 2476 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:04:10.0861 2476 FileInfo - ok
20:04:10.0861 2476 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:04:10.0907 2476 Filetrace - ok
20:04:10.0923 2476 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:04:10.0939 2476 flpydisk - ok
20:04:10.0985 2476 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:04:11.0001 2476 FltMgr - ok
20:04:11.0048 2476 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:04:11.0126 2476 FontCache - ok
20:04:11.0173 2476 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:04:11.0188 2476 FontCache3.0.0.0 - ok
20:04:11.0204 2476 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:04:11.0219 2476 FsDepends - ok
20:04:11.0251 2476 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:04:11.0266 2476 Fs_Rec - ok
20:04:11.0313 2476 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:04:11.0329 2476 fvevol - ok
20:04:11.0344 2476 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:04:11.0344 2476 gagp30kx - ok
20:04:11.0407 2476 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:04:11.0469 2476 gpsvc - ok
20:04:11.0578 2476 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:04:11.0578 2476 gupdate - ok
20:04:11.0609 2476 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:04:11.0609 2476 gupdatem - ok
20:04:11.0625 2476 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:04:11.0687 2476 hcw85cir - ok
20:04:11.0734 2476 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:04:11.0765 2476 HdAudAddService - ok
20:04:11.0843 2476 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:04:11.0875 2476 HDAudBus - ok
20:04:11.0906 2476 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:04:11.0937 2476 HidBatt - ok
20:04:11.0968 2476 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:04:11.0968 2476 HidBth - ok
20:04:11.0984 2476 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:04:12.0015 2476 HidIr - ok
20:04:12.0046 2476 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:04:12.0093 2476 hidserv - ok
20:04:12.0155 2476 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:04:12.0155 2476 HidUsb - ok
20:04:12.0202 2476 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:04:12.0233 2476 hkmsvc - ok
20:04:12.0280 2476 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:04:12.0343 2476 HomeGroupListener - ok
20:04:12.0389 2476 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:04:12.0421 2476 HomeGroupProvider - ok
20:04:12.0452 2476 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:04:12.0467 2476 HpSAMD - ok
20:04:12.0530 2476 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:04:12.0592 2476 HTTP - ok
20:04:12.0623 2476 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:04:12.0623 2476 hwpolicy - ok
20:04:12.0639 2476 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:04:12.0655 2476 i8042prt - ok
20:04:12.0717 2476 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:04:12.0733 2476 iaStorV - ok
20:04:12.0842 2476 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:04:12.0842 2476 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:04:12.0842 2476 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:04:12.0920 2476 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:04:12.0951 2476 idsvc - ok
20:04:13.0045 2476 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120920.002\IDSvia64.sys
20:04:13.0060 2476 IDSVia64 - ok
20:04:13.0107 2476 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:04:13.0107 2476 iirsp - ok
20:04:13.0138 2476 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:04:13.0201 2476 IKEEXT - ok
20:04:13.0294 2476 [ BFBABCB231628A4551DBB10D0EA25D62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:04:13.0357 2476 IntcAzAudAddService - ok
20:04:13.0372 2476 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:04:13.0372 2476 intelide - ok
20:04:13.0388 2476 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:04:13.0403 2476 intelppm - ok
20:04:13.0419 2476 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:04:13.0481 2476 IPBusEnum - ok
20:04:13.0513 2476 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:04:13.0559 2476 IpFilterDriver - ok
20:04:13.0606 2476 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:04:13.0653 2476 iphlpsvc - ok
20:04:13.0684 2476 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:04:13.0700 2476 IPMIDRV - ok
20:04:13.0715 2476 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:04:13.0762 2476 IPNAT - ok
20:04:13.0793 2476 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:04:13.0871 2476 IRENUM - ok
20:04:13.0903 2476 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:04:13.0918 2476 isapnp - ok
20:04:13.0949 2476 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:04:13.0965 2476 iScsiPrt - ok
20:04:13.0996 2476 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:04:14.0012 2476 kbdclass - ok
20:04:14.0074 2476 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:04:14.0105 2476 kbdhid - ok
20:04:14.0137 2476 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:04:14.0152 2476 KeyIso - ok
20:04:14.0183 2476 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:04:14.0199 2476 KSecDD - ok
20:04:14.0230 2476 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:04:14.0246 2476 KSecPkg - ok
20:04:14.0261 2476 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:04:14.0308 2476 ksthunk - ok
20:04:14.0355 2476 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:04:14.0417 2476 KtmRm - ok
20:04:14.0495 2476 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:04:14.0527 2476 LanmanServer - ok
20:04:14.0573 2476 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:04:14.0620 2476 LanmanWorkstation - ok
20:04:14.0698 2476 [ 955982BF4421B77722196552B62E8DC2 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
20:04:14.0714 2476 lirsgt - ok
20:04:14.0729 2476 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:04:14.0776 2476 lltdio - ok
20:04:14.0823 2476 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:04:14.0870 2476 lltdsvc - ok
20:04:14.0885 2476 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:04:14.0917 2476 lmhosts - ok
20:04:14.0948 2476 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:04:14.0948 2476 LSI_FC - ok
20:04:14.0963 2476 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:04:14.0979 2476 LSI_SAS - ok
20:04:14.0979 2476 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:04:14.0995 2476 LSI_SAS2 - ok
20:04:15.0026 2476 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:04:15.0026 2476 LSI_SCSI - ok
20:04:15.0041 2476 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:04:15.0088 2476 luafv - ok
20:04:15.0166 2476 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:04:15.0182 2476 MBAMProtector - ok
20:04:15.0260 2476 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:04:15.0275 2476 MBAMScheduler - ok
20:04:15.0338 2476 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:04:15.0353 2476 MBAMService - ok
20:04:15.0416 2476 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:04:15.0447 2476 Mcx2Svc - ok
20:04:15.0463 2476 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:04:15.0478 2476 megasas - ok
20:04:15.0494 2476 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:04:15.0509 2476 MegaSR - ok
20:04:15.0525 2476 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:04:15.0572 2476 MMCSS - ok
20:04:15.0587 2476 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:04:15.0634 2476 Modem - ok
20:04:15.0665 2476 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:04:15.0712 2476 monitor - ok
20:04:15.0743 2476 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:04:15.0759 2476 mouclass - ok
20:04:15.0790 2476 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:04:15.0821 2476 mouhid - ok
20:04:15.0853 2476 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:04:15.0868 2476 mountmgr - ok
20:04:15.0946 2476 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:04:15.0946 2476 MozillaMaintenance - ok
20:04:15.0962 2476 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:04:15.0977 2476 mpio - ok
20:04:16.0009 2476 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:04:16.0024 2476 mpsdrv - ok
20:04:16.0087 2476 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:04:16.0149 2476 MpsSvc - ok
20:04:16.0180 2476 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:04:16.0227 2476 MRxDAV - ok
20:04:16.0258 2476 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:04:16.0289 2476 mrxsmb - ok
20:04:16.0321 2476 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:04:16.0352 2476 mrxsmb10 - ok
20:04:16.0399 2476 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:04:16.0414 2476 mrxsmb20 - ok
20:04:16.0445 2476 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:04:16.0461 2476 msahci - ok
20:04:16.0492 2476 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:04:16.0508 2476 msdsm - ok
20:04:16.0539 2476 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:04:16.0555 2476 MSDTC - ok
20:04:16.0601 2476 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:04:16.0617 2476 Msfs - ok
20:04:16.0633 2476 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:04:16.0679 2476 mshidkmdf - ok
20:04:16.0711 2476 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:04:16.0726 2476 msisadrv - ok
20:04:16.0757 2476 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:04:16.0804 2476 MSiSCSI - ok
20:04:16.0804 2476 msiserver - ok
20:04:16.0851 2476 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:04:16.0882 2476 MSKSSRV - ok
20:04:16.0913 2476 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:04:16.0960 2476 MSPCLOCK - ok
20:04:16.0991 2476 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:04:17.0038 2476 MSPQM - ok
20:04:17.0085 2476 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:04:17.0101 2476 MsRPC - ok
20:04:17.0116 2476 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:04:17.0116 2476 mssmbios - ok
20:04:17.0132 2476 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:04:17.0179 2476 MSTEE - ok
20:04:17.0179 2476 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:04:17.0194 2476 MTConfig - ok
20:04:17.0257 2476 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
20:04:17.0272 2476 MTsensor - ok
20:04:17.0288 2476 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:04:17.0303 2476 Mup - ok
20:04:17.0397 2476 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe
20:04:17.0397 2476 N360 - ok
20:04:17.0459 2476 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:04:17.0522 2476 napagent - ok
20:04:17.0553 2476 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:04:17.0584 2476 NativeWifiP - ok
20:04:17.0693 2476 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120921.002\ENG64.SYS
20:04:17.0709 2476 NAVENG - ok
20:04:17.0771 2476 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120921.002\EX64.SYS
20:04:17.0787 2476 NAVEX15 - ok
20:04:17.0849 2476 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:04:17.0881 2476 NDIS - ok
20:04:17.0912 2476 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:04:17.0959 2476 NdisCap - ok
20:04:17.0990 2476 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:04:18.0037 2476 NdisTapi - ok
20:04:18.0099 2476 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:04:18.0146 2476 Ndisuio - ok
20:04:18.0193 2476 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:04:18.0239 2476 NdisWan - ok
20:04:18.0271 2476 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:04:18.0317 2476 NDProxy - ok
20:04:18.0333 2476 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:04:18.0380 2476 NetBIOS - ok
20:04:18.0427 2476 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:04:18.0458 2476 NetBT - ok
20:04:18.0489 2476 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:04:18.0505 2476 Netlogon - ok
20:04:18.0536 2476 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:04:18.0598 2476 Netman - ok
20:04:18.0629 2476 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:04:18.0692 2476 netprofm - ok
20:04:18.0723 2476 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:04:18.0739 2476 NetTcpPortSharing - ok
20:04:18.0754 2476 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:04:18.0770 2476 nfrd960 - ok
20:04:18.0817 2476 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:04:18.0848 2476 NlaSvc - ok
20:04:18.0863 2476 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:04:18.0895 2476 Npfs - ok
20:04:18.0941 2476 [ 95A2AB418251A3B2A2571CDE880B80D0 ] npusbio C:\Windows\system32\Drivers\npusbio_x64.sys
20:04:18.0957 2476 npusbio - ok
20:04:18.0973 2476 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:04:19.0019 2476 nsi - ok
20:04:19.0051 2476 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:04:19.0097 2476 nsiproxy - ok
20:04:19.0160 2476 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:04:19.0222 2476 Ntfs - ok
20:04:19.0222 2476 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:04:19.0269 2476 Null - ok
20:04:19.0300 2476 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
20:04:19.0347 2476 NVENETFD - ok
20:04:19.0409 2476 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:04:19.0425 2476 nvraid - ok
20:04:19.0456 2476 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:04:19.0472 2476 nvstor - ok
20:04:19.0503 2476 [ 0996A440D510904B79935A91155B0E4C ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
20:04:19.0519 2476 nvstor64 - ok
20:04:19.0565 2476 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:04:19.0565 2476 nv_agp - ok
20:04:19.0784 2476 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:04:19.0799 2476 odserv - ok
20:04:19.0846 2476 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:04:19.0893 2476 ohci1394 - ok
20:04:20.0002 2476 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:04:20.0002 2476 ose - ok
20:04:20.0143 2476 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:04:20.0236 2476 p2pimsvc - ok
20:04:20.0392 2476 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:04:20.0408 2476 p2psvc - ok
20:04:20.0439 2476 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:04:20.0455 2476 Parport - ok
20:04:20.0517 2476 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:04:20.0548 2476 partmgr - ok
20:04:20.0657 2476 [ 48923E83DEB29BFFE63DC4BD220F6031 ] PayPen C:\Windows\system32\Drivers\PayPen.sys
20:04:20.0673 2476 PayPen - ok
20:04:20.0673 2476 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:04:20.0720 2476 PcaSvc - ok
20:04:20.0751 2476 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:04:20.0751 2476 pci - ok
20:04:20.0798 2476 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:04:20.0813 2476 pciide - ok
20:04:20.0829 2476 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:04:20.0845 2476 pcmcia - ok
20:04:20.0860 2476 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:04:20.0876 2476 pcw - ok
20:04:20.0891 2476 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:04:20.0954 2476 PEAUTH - ok
20:04:21.0016 2476 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:04:21.0110 2476 PeerDistSvc - ok
20:04:21.0125 2476 pendfu - ok
20:04:21.0203 2476 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:04:21.0235 2476 PerfHost - ok
20:04:21.0313 2476 [ 1E81496AFF9D7FA2B4C4032B746DE5B9 ] Ph3xIB64 C:\Windows\system32\DRIVERS\Ph3xIB64.sys
20:04:21.0359 2476 Ph3xIB64 - ok
20:04:21.0422 2476 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:04:21.0500 2476 pla - ok
20:04:21.0547 2476 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:04:21.0578 2476 PlugPlay - ok
20:04:21.0609 2476 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:04:21.0609 2476 PNRPAutoReg - ok
20:04:21.0640 2476 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:04:21.0640 2476 PNRPsvc - ok
20:04:21.0687 2476 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:04:21.0749 2476 PolicyAgent - ok
20:04:21.0796 2476 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:04:21.0843 2476 Power - ok
20:04:21.0905 2476 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:04:21.0921 2476 PptpMiniport - ok
20:04:21.0952 2476 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:04:21.0983 2476 Processor - ok
20:04:22.0015 2476 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:04:22.0030 2476 ProfSvc - ok
20:04:22.0046 2476 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:04:22.0046 2476 ProtectedStorage - ok
20:04:22.0093 2476 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:04:22.0139 2476 Psched - ok
20:04:22.0186 2476 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:04:22.0249 2476 ql2300 - ok
20:04:22.0264 2476 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:04:22.0264 2476 ql40xx - ok
20:04:22.0280 2476 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:04:22.0327 2476 QWAVE - ok
20:04:22.0342 2476 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:04:22.0373 2476 QWAVEdrv - ok
20:04:22.0405 2476 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:04:22.0451 2476 RasAcd - ok
20:04:22.0498 2476 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:04:22.0529 2476 RasAgileVpn - ok
20:04:22.0545 2476 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:04:22.0576 2476 RasAuto - ok
20:04:22.0607 2476 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:04:22.0654 2476 Rasl2tp - ok
20:04:22.0717 2476 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:04:22.0763 2476 RasMan - ok
20:04:22.0810 2476 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:04:22.0841 2476 RasPppoe - ok
20:04:22.0873 2476 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:04:22.0919 2476 RasSstp - ok
20:04:22.0982 2476 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:04:23.0013 2476 rdbss - ok
20:04:23.0044 2476 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:04:23.0091 2476 rdpbus - ok
20:04:23.0107 2476 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:04:23.0153 2476 RDPCDD - ok
20:04:23.0185 2476 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:04:23.0216 2476 RDPDR - ok
20:04:23.0231 2476 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:04:23.0278 2476 RDPENCDD - ok
20:04:23.0309 2476 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:04:23.0325 2476 RDPREFMP - ok
20:04:23.0372 2476 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:04:23.0403 2476 RDPWD - ok
20:04:23.0450 2476 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:04:23.0465 2476 rdyboost - ok
20:04:23.0481 2476 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:04:23.0528 2476 RemoteAccess - ok
20:04:23.0575 2476 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:04:23.0621 2476 RemoteRegistry - ok
20:04:23.0684 2476 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:04:23.0715 2476 RFCOMM - ok
20:04:23.0746 2476 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:04:23.0793 2476 RpcEptMapper - ok
20:04:23.0824 2476 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:04:23.0840 2476 RpcLocator - ok
20:04:23.0855 2476 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:04:23.0887 2476 RpcSs - ok
20:04:23.0918 2476 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:04:23.0965 2476 rspndr - ok
20:04:24.0027 2476 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:04:24.0058 2476 RTL8167 - ok
20:04:24.0089 2476 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:04:24.0152 2476 s3cap - ok
20:04:24.0167 2476 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:04:24.0167 2476 SamSs - ok
20:04:24.0214 2476 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:04:24.0230 2476 sbp2port - ok
20:04:24.0245 2476 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:04:24.0292 2476 SCardSvr - ok
20:04:24.0323 2476 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:04:24.0370 2476 scfilter - ok
20:04:24.0433 2476 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:04:24.0495 2476 Schedule - ok
20:04:24.0542 2476 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:04:24.0557 2476 SCPolicySvc - ok
20:04:24.0589 2476 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:04:24.0651 2476 SDRSVC - ok
20:04:24.0667 2476 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:04:24.0698 2476 secdrv - ok
20:04:24.0745 2476 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:04:24.0791 2476 seclogon - ok
20:04:24.0823 2476 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:04:24.0869 2476 SENS - ok
20:04:24.0901 2476 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:04:24.0932 2476 SensrSvc - ok
20:04:24.0963 2476 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:04:24.0979 2476 Serenum - ok
20:04:24.0994 2476 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:04:25.0025 2476 Serial - ok
20:04:25.0088 2476 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:04:25.0103 2476 sermouse - ok
20:04:25.0135 2476 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:04:25.0166 2476 SessionEnv - ok
20:04:25.0213 2476 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:04:25.0244 2476 sffdisk - ok
20:04:25.0259 2476 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:04:25.0291 2476 sffp_mmc - ok
20:04:25.0322 2476 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:04:25.0353 2476 sffp_sd - ok
20:04:25.0384 2476 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:04:25.0384 2476 sfloppy - ok
20:04:25.0415 2476 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:04:25.0478 2476 SharedAccess - ok
20:04:25.0540 2476 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:04:25.0603 2476 ShellHWDetection - ok
20:04:25.0634 2476 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:04:25.0634 2476 SiSRaid2 - ok
20:04:25.0649 2476 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:04:25.0665 2476 SiSRaid4 - ok
20:04:25.0696 2476 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:04:25.0743 2476 Smb - ok
20:04:25.0790 2476 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:04:25.0790 2476 SNMPTRAP - ok
20:04:25.0821 2476 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:04:25.0837 2476 spldr - ok
20:04:25.0868 2476 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:04:25.0915 2476 Spooler - ok
20:04:26.0024 2476 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:04:26.0133 2476 sppsvc - ok
20:04:26.0195 2476 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:04:26.0242 2476 sppuinotify - ok
20:04:26.0367 2476 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS
20:04:26.0383 2476 SRTSP - ok
20:04:26.0398 2476 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS
20:04:26.0398 2476 SRTSPX - ok
20:04:26.0445 2476 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:04:26.0507 2476 srv - ok
20:04:26.0570 2476 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:04:26.0617 2476 srv2 - ok
20:04:26.0632 2476 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:04:26.0663 2476 srvnet - ok
20:04:26.0819 2476 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
20:04:26.0913 2476 ssadbus - ok
20:04:26.0975 2476 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
20:04:27.0022 2476 ssadmdfl - ok
20:04:27.0053 2476 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
20:04:27.0085 2476 ssadmdm - ok
20:04:27.0147 2476 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
20:04:27.0163 2476 ssadserd - ok
20:04:27.0194 2476 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:04:27.0241 2476 SSDPSRV - ok
20:04:27.0272 2476 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:04:27.0303 2476 SstpSvc - ok
20:04:27.0319 2476 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:04:27.0319 2476 stexstor - ok
20:04:27.0381 2476 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:04:27.0443 2476 stisvc - ok
20:04:27.0475 2476 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:04:27.0490 2476 storflt - ok
20:04:27.0506 2476 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
20:04:27.0568 2476 StorSvc - ok
20:04:27.0584 2476 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:04:27.0584 2476 storvsc - ok
20:04:27.0631 2476 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:04:27.0631 2476 swenum - ok
20:04:27.0662 2476 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:04:27.0724 2476 swprv - ok
20:04:27.0787 2476 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS
20:04:27.0818 2476 SymDS - ok
20:04:27.0880 2476 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS
20:04:27.0927 2476 SymEFA - ok
20:04:27.0989 2476 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
20:04:27.0989 2476 SymEvent - ok
20:04:28.0052 2476 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS
20:04:28.0052 2476 SymIRON - ok
20:04:28.0114 2476 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS
20:04:28.0130 2476 SymNetS - ok
20:04:28.0208 2476 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:04:28.0286 2476 SysMain - ok
20:04:28.0333 2476 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:04:28.0364 2476 TabletInputService - ok
20:04:28.0411 2476 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:04:28.0457 2476 TapiSrv - ok
20:04:28.0504 2476 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:04:28.0551 2476 TBS - ok
20:04:28.0613 2476 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:04:28.0676 2476 Tcpip - ok
20:04:28.0738 2476 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:04:28.0754 2476 TCPIP6 - ok
20:04:28.0801 2476 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:04:28.0832 2476 tcpipreg - ok
20:04:28.0863 2476 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:04:28.0910 2476 TDPIPE - ok
20:04:28.0957 2476 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:04:28.0988 2476 TDTCP - ok
20:04:29.0035 2476 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:04:29.0050 2476 tdx - ok
20:04:29.0097 2476 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:04:29.0113 2476 TermDD - ok
20:04:29.0159 2476 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:04:29.0237 2476 TermService - ok
20:04:29.0253 2476 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:04:29.0315 2476 Themes - ok
20:04:29.0362 2476 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:04:29.0378 2476 THREADORDER - ok
20:04:29.0471 2476 [ AB2D61A032A01BF9E84F03CAA9D22932 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
20:04:29.0471 2476 TOSHIBA Bluetooth Service - ok
20:04:29.0518 2476 [ 8021F63311797085949FA387F7C83583 ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys
20:04:29.0518 2476 tosporte - ok
20:04:29.0565 2476 [ 0ADC36861F0D11A916EF78995272FDB7 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys
20:04:29.0581 2476 tosrfbd - ok
20:04:29.0581 2476 [ 62512B5277D88600F8BD4B7AEC43569D ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys
20:04:29.0596 2476 tosrfbnp - ok
20:04:29.0612 2476 [ C523A9186C39D65CC9ADEBB2E1B93CCD ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys
20:04:29.0612 2476 Tosrfcom - ok
20:04:29.0627 2476 [ 451B8C1815C6CC39650AF916C2A382CD ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys
20:04:29.0643 2476 Tosrfhid - ok
20:04:29.0659 2476 [ B6FDC3C76FFE9C5171EEA9C37EA367C2 ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys
20:04:29.0659 2476 tosrfnds - ok
20:04:29.0674 2476 [ E1E045240C1184FA6628F3C7E7FF85D8 ] TosRfSnd C:\Windows\system32\drivers\tosrfsnd.sys
20:04:29.0690 2476 TosRfSnd - ok
20:04:29.0721 2476 [ DA7AA562448E29CA895895920BFF8946 ] Tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys
20:04:29.0737 2476 Tosrfusb - ok
20:04:29.0768 2476 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:04:29.0815 2476 TrkWks - ok
20:04:29.0877 2476 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:04:29.0924 2476 TrustedInstaller - ok
20:04:29.0971 2476 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:04:29.0986 2476 tssecsrv - ok
20:04:30.0049 2476 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:04:30.0095 2476 TsUsbFlt - ok
20:04:30.0158 2476 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:04:30.0205 2476 tunnel - ok
20:04:30.0236 2476 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:04:30.0251 2476 uagp35 - ok
20:04:30.0298 2476 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:04:30.0329 2476 udfs - ok
20:04:30.0345 2476 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:04:30.0376 2476 UI0Detect - ok
20:04:30.0392 2476 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:04:30.0407 2476 uliagpkx - ok
20:04:30.0454 2476 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:04:30.0485 2476 umbus - ok
20:04:30.0517 2476 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:04:30.0532 2476 UmPass - ok
20:04:30.0563 2476 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
20:04:30.0595 2476 UmRdpService - ok
20:04:30.0626 2476 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:04:30.0657 2476 upnphost - ok
20:04:30.0704 2476 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:04:30.0751 2476 usbccgp - ok
20:04:30.0813 2476 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:04:30.0844 2476 usbcir - ok
20:04:30.0875 2476 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:04:30.0891 2476 usbehci - ok
20:04:30.0938 2476 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:04:30.0985 2476 usbhub - ok
20:04:31.0016 2476 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:04:31.0047 2476 usbohci - ok
20:04:31.0078 2476 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:04:31.0094 2476 usbprint - ok
20:04:31.0141 2476 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:04:31.0156 2476 usbscan - ok
20:04:31.0187 2476 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:04:31.0234 2476 USBSTOR - ok
20:04:31.0281 2476 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:04:31.0297 2476 usbuhci - ok
20:04:31.0312 2476 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:04:31.0359 2476 UxSms - ok
20:04:31.0390 2476 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:04:31.0390 2476 VaultSvc - ok
20:04:31.0437 2476 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:04:31.0453 2476 vdrvroot - ok
20:04:31.0499 2476 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:04:31.0562 2476 vds - ok
20:04:31.0609 2476 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:04:31.0609 2476 vga - ok
20:04:31.0624 2476 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:04:31.0671 2476 VgaSave - ok
20:04:31.0702 2476 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:04:31.0718 2476 vhdmp - ok
20:04:31.0749 2476 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:04:31.0765 2476 viaide - ok
20:04:31.0796 2476 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:04:31.0811 2476 vmbus - ok
20:04:31.0843 2476 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:04:31.0874 2476 VMBusHID - ok
20:04:31.0905 2476 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:04:31.0905 2476 volmgr - ok
20:04:31.0952 2476 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:04:31.0967 2476 volmgrx - ok
20:04:31.0983 2476 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:04:31.0999 2476 volsnap - ok
20:04:32.0030 2476 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:04:32.0045 2476 vsmraid - ok
20:04:32.0108 2476 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:04:32.0201 2476 VSS - ok
20:04:32.0217 2476 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:04:32.0264 2476 vwifibus - ok
20:04:32.0311 2476 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:04:32.0342 2476 W32Time - ok
20:04:32.0357 2476 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:04:32.0389 2476 WacomPen - ok
20:04:32.0435 2476 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:04:32.0482 2476 WANARP - ok
20:04:32.0513 2476 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:04:32.0529 2476 Wanarpv6 - ok
20:04:32.0607 2476 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:04:32.0654 2476 WatAdminSvc - ok
20:04:32.0732 2476 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:04:32.0825 2476 wbengine - ok
20:04:32.0841 2476 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:04:32.0857 2476 WbioSrvc - ok
20:04:32.0903 2476 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:04:32.0935 2476 wcncsvc - ok
20:04:32.0966 2476 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:04:32.0981 2476 WcsPlugInService - ok
20:04:33.0013 2476 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:04:33.0013 2476 Wd - ok
20:04:33.0044 2476 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:04:33.0075 2476 Wdf01000 - ok
20:04:33.0091 2476 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:04:33.0184 2476 WdiServiceHost - ok
20:04:33.0184 2476 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:04:33.0200 2476 WdiSystemHost - ok
20:04:33.0247 2476 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:04:33.0278 2476 WebClient - ok
20:04:33.0309 2476 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:04:33.0356 2476 Wecsvc - ok
20:04:33.0387 2476 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:04:33.0434 2476 wercplsupport - ok
20:04:33.0465 2476 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:04:33.0512 2476 WerSvc - ok
20:04:33.0559 2476 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:04:33.0574 2476 WfpLwf - ok
20:04:33.0590 2476 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:04:33.0590 2476 WIMMount - ok
20:04:33.0605 2476 WinDefend - ok
20:04:33.0605 2476 WinHttpAutoProxySvc - ok
20:04:33.0652 2476 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:04:33.0683 2476 Winmgmt - ok
20:04:33.0746 2476 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:04:33.0824 2476 WinRM - ok
20:04:33.0871 2476 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:04:33.0902 2476 WinUsb - ok
20:04:33.0949 2476 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:04:34.0011 2476 Wlansvc - ok
20:04:34.0151 2476 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:04:34.0214 2476 wlidsvc - ok
20:04:34.0261 2476 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:04:34.0292 2476 WmiAcpi - ok
20:04:34.0323 2476 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:04:34.0354 2476 wmiApSrv - ok
20:04:34.0401 2476 WMPNetworkSvc - ok
20:04:34.0401 2476 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:04:34.0432 2476 WPCSvc - ok
20:04:34.0464 2476 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:04:34.0495 2476 WPDBusEnum - ok
20:04:34.0526 2476 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:04:34.0573 2476 ws2ifsl - ok
20:04:34.0604 2476 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:04:34.0635 2476 wscsvc - ok
20:04:34.0651 2476 WSearch - ok
20:04:34.0729 2476 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:04:34.0807 2476 wuauserv - ok
20:04:34.0822 2476 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:04:34.0869 2476 WudfPf - ok
20:04:34.0932 2476 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:04:34.0978 2476 WUDFRd - ok
20:04:35.0025 2476 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:04:35.0041 2476 wudfsvc - ok
20:04:35.0056 2476 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:04:35.0072 2476 WwanSvc - ok
20:04:35.0103 2476 ================ Scan global ===============================
20:04:35.0119 2476 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:04:35.0150 2476 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:04:35.0166 2476 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:04:35.0181 2476 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:04:35.0212 2476 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:04:35.0212 2476 [Global] - ok
20:04:35.0212 2476 ================ Scan MBR ==================================
20:04:35.0228 2476 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:04:35.0462 2476 \Device\Harddisk0\DR0 - ok
20:04:35.0462 2476 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
20:04:35.0524 2476 \Device\Harddisk1\DR1 - ok
20:04:35.0524 2476 ================ Scan VBR ==================================
20:04:35.0524 2476 [ CC1DD58C3716E012356507B9A37C8DD1 ] \Device\Harddisk0\DR0\Partition1
20:04:35.0524 2476 \Device\Harddisk0\DR0\Partition1 - ok
20:04:35.0524 2476 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
20:04:35.0524 2476 \Device\Harddisk1\DR1\Partition1 - ok
20:04:35.0524 2476 [ 520B4EE6481BEABE71527B90A3B512CA ] \Device\Harddisk1\DR1\Partition2
20:04:35.0524 2476 \Device\Harddisk1\DR1\Partition2 - ok
20:04:35.0524 2476 ============================================================
20:04:35.0524 2476 Scan finished
20:04:35.0524 2476 ============================================================
20:04:35.0540 2040 Detected object count: 2
20:04:35.0540 2040 Actual detected object count: 2
20:04:46.0257 2040 DvmMDES ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:46.0257 2040 DvmMDES ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:46.0257 2040 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:46.0257 2040 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #22 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now: ComboFix (a guide and tutorial on using ComboFix)
ComboFix may only be run when an expert helper has explicitly recommended it! If you have problems starting applications after running ComboFix and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
| | #23 |
| Code:
ComboFix 12-09-24.03 - Roberto Bucher 25.09.2012 20:18:54.1.6 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.41.1031.18.8190.6259 [GMT 2:00]
ausgeführt von:: c:\users\Manu\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\SysWow64\log.html
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-25 bis 2012-09-25 ))))))))))))))))))))))))))))))
.
.
2012-09-25 18:23 . 2012-09-25 18:23 -------- d-----w- c:\users\Marc\AppData\Local\temp
2012-09-25 18:23 . 2012-09-25 18:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-18 16:42 . 2012-09-18 16:42 -------- d-----w- C:\_OTL
2012-09-16 08:03 . 2012-09-16 08:04 -------- d-----w- c:\users\Roberto
2012-09-15 12:24 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-09-15 12:24 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-09-14 18:06 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-14 18:06 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-14 18:06 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-14 18:06 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-14 18:06 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-14 18:06 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-14 18:06 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-13 17:54 . 2012-09-13 17:54 -------- d-----w- c:\program files (x86)\ESET
2012-09-12 15:34 . 2012-09-12 15:34 -------- d-----w- c:\users\Manu\AppData\Roaming\Malwarebytes
2012-09-11 19:18 . 2012-09-11 19:18 -------- d-----w- c:\users\Roberto Bucher\AppData\Roaming\Malwarebytes
2012-09-11 19:18 . 2012-09-11 19:18 -------- d-----w- c:\programdata\Malwarebytes
2012-09-11 19:18 . 2012-09-11 19:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-11 19:18 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-30 14:44 . 2012-09-18 16:54 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-08-29 19:26 . 2012-08-29 19:26 -------- d-----w- c:\users\Roberto Bucher\AppData\Local\Macromedia
2012-08-28 18:43 . 2008-09-25 15:00 309248 ----a-w- c:\windows\system32\CNAP2LMD.DLL
2012-08-28 18:43 . 2007-12-17 22:41 1257472 ----a-w- c:\windows\system32\CNAP1NSD.DLL
2012-08-28 18:43 . 2008-09-29 15:00 566784 ----a-w- c:\windows\system32\CNAC8EMD.DLL
2012-08-26 19:14 . 2012-08-26 19:14 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-08-26 19:14 . 2012-08-26 19:14 -------- d-----w- c:\program files\Symantec
2012-08-26 19:14 . 2012-08-26 19:14 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-08-26 19:12 . 2012-08-27 14:35 -------- d-----w- c:\windows\system32\drivers\N360x64
2012-08-26 19:12 . 2012-08-26 19:12 -------- d-----w- c:\program files (x86)\Norton 360
2012-08-26 19:11 . 2012-08-26 19:11 -------- d-----w- c:\program files (x86)\NortonInstaller
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-14 18:06 . 2011-01-16 19:34 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-08-29 19:19 . 2012-05-20 09:42 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-29 19:19 . 2011-07-04 15:55 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-18 18:15 . 2012-08-16 12:16 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-06 20:07 . 2012-08-16 12:21 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-07-04 22:16 . 2012-08-16 12:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-07-04 22:13 . 2012-08-16 12:16 59392 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 22:13 . 2012-08-16 12:16 136704 ----a-w- c:\windows\system32\browser.dll
2012-07-04 21:14 . 2012-08-16 12:16 41984 ----a-w- c:\windows\SysWow64\browcli.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-29 250568]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 36328]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-13 114144]
R3 npusbio;npusbio;c:\windows\system32\Drivers\npusbio_x64.sys [2009-12-17 45600]
R3 pendfu;PenDfu (pendfu.sys);c:\windows\system32\Drivers\pendfu.sys [x]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB64.sys [2009-06-10 1627520]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-14 1255736]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS [2011-08-15 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS [2012-05-22 1129120]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120919.001\BHDrvx64.sys [2012-08-31 1385120]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys [2012-06-07 167072]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120922.001\IDSvia64.sys [2012-09-01 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS [2011-11-16 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS [2011-11-16 405624]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-26 203264]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-10-16 319488]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe [2012-06-16 138272]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-26 7767040]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-26 279040]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-26 138912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 PayPen;PayPen;c:\windows\system32\Drivers\PayPen.sys [2008-01-14 20840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 19:19]
.
2012-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15 19:34]
.
2012-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15 19:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.bluewin.ch/index.html.de
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Roberto Bucher\AppData\Roaming\Mozilla\Firefox\Profiles\ap5eb59f.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Stöck Wyys Stich Platinum - c:\windows\IsUn0407.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.3.0.14\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-25 20:25:44
ComboFix-quarantined-files.txt 2012-09-25 18:25
.
Vor Suchlauf: 10 Verzeichnis(se), 181'866'688'512 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 181'344'337'920 Bytes frei
.
- - End Of File - - 78564E1FC428ADC0598F489893F36A5B
|
| | #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip OSAM's online query. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: Never press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" (aswMBR.exe has stopped working) appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu (bottom left of the aswMBR window), and click the Scan button again.
__________________ Please always post log files in CODE tags |
| | #25 |
| GMER: Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-10-02 19:45:21
Windows 6.1.7601 Service Pack 1
Running: gfmucpeb.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd508796
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd508796 (not active ControlSet)
---- EOF - GMER 1.0.15 ----
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 20:07:37 on 02.10.2012
OS: Windows 7 Service Pack 1 (Build 7601), 64-bit
Default Browser: Unable to get information
Scanner Settings
[ ] Rootkits detection (hidden registry)
[ ] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Common]
-----( %SystemRoot%\Tasks )-----
"Adobe Flash Player Updater.job" - ? - C:\Windows\Tasks\Adobe Flash Player Updater.job (File is exclusively opened, access blocked)
"GoogleUpdateTaskMachineCore.job" - ? - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job (File is exclusively opened, access blocked)
"GoogleUpdateTaskMachineUA.job" - ? - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job (File is exclusively opened, access blocked)
[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLCFG32.CPL
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information)
"BHDrvx64" (BHDrvx64) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120928.001\BHDrvx64.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found)
"EraserUtilRebootDrv" (EraserUtilRebootDrv) - "Symantec Corporation" - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
"IDSVia64" (IDSVia64) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120929.001\IDSvia64.sys
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information)
"NAVENG" (NAVENG) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121002.001\ENG64.SYS
"NAVEX15" (NAVEX15) - "Symantec Corporation" - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121002.001\EX64.SYS
"Norton 360 Settings Manager" (ccSet_N360) - "Symantec Corporation" - C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys
"npusbio" (npusbio) - ? - C:\Windows\System32\Drivers\npusbio_x64.sys
"PayPen" (PayPen) - ? - C:\Windows\System32\Drivers\PayPen.sys (File signed by Microsoft | File found, but it contains no detailed information)
"PenDfu (pendfu.sys)" (pendfu) - ? - C:\Windows\System32\Drivers\pendfu.sys (File not found)
"Symantec Data Store" (SymDS) - "Symantec Corporation" - C:\Windows\System32\drivers\N360x64\0603000.00E\SYMDS64.SYS
"Symantec Eraser Control driver" (eeCtrl) - "Symantec Corporation" - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
"Symantec Extended File Attributes" (SymEFA) - "Symantec Corporation" - C:\Windows\System32\drivers\N360x64\0603000.00E\SYMEFA64.SYS
"Symantec Iron Driver" (SymIRON) - "Symantec Corporation" - C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS
"Symantec Network Security WFP Driver" (SymNetS) - "Symantec Corporation" - C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS
"Symantec Real Time Storage Protection (PEL) x64" (SRTSPX) - "Symantec Corporation" - C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS
"Symantec Real Time Storage Protection x64" (SRTSP) - "Symantec Corporation" - C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS
"SymEvent" (SymEvent) - "Symantec Corporation" - C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B} "Bluetooth" - ? - (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\OLKFSTUB.DLL
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? 
- (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) ITBar7Height64 "ITBar7Height64" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 10.5.1" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.5.1" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} "Norton Toolbar" - "Symantec Corporation" - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} 
"Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} "Norton Identity Protection" - "Symantec Corporation" - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll {6D53EC84-6AAE-4787-AEEE-F4628F01010C} "Norton Vulnerability Protection" - "Symantec Corporation" - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.DLL {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Toshiba Bluetooth Monitor" - "TOSHIBA CORPORATION." - C:\Windows\system32\tbtmon.dll "VSP1:" - "Visagesoft" - C:\Windows\system32\vsmon1.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? 
- "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "DeviceVM Meta Data Export Service" (DvmMDES) - "DeviceVM, Inc." - C:\ASUS.SYS\config\DVMExportService.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Norton 360" (N360) - "Symantec Corporation" - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "TOSHIBA Bluetooth Service" (TOSHIBA Bluetooth Service) - "TOSHIBA CORPORATION" - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." 
- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
| | #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Instead of aswMBR, you posted OSAM twice. Code:
ATTFilter C:\Windows\System32\Drivers\PayPen.sys
C:\Windows\System32\Drivers\pendfu.sys
If a file has already been analyzed, please start another analysis.
__________________ Please always post log files in CODE tags |
| | #27 |
| Sorry, that was my mistake. Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-02 20:08:42
-----------------------------
20:08:42.628 OS Version: Windows x64 6.1.7601 Service Pack 1
20:08:42.628 Number of processors: 6 586 0xA00
20:08:42.629 ComputerName: ROBERTOBUCHER UserName:
20:08:44.509 Initialize success
20:09:58.593 AVAST engine defs: 12100200
20:10:04.566 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
20:10:04.567 Disk 0 Vendor: WDC_WD2500JS-60NCB1 10.02E02 Size: 238475MB BusType: 3
20:10:04.569 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T1L0-7
20:10:04.571 Disk 1 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 3
20:10:04.580 Disk 0 MBR read successfully
20:10:04.582 Disk 0 MBR scan
20:10:04.585 Disk 0 Windows 7 default MBR code
20:10:04.588 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238472 MB offset 63
20:10:04.610 Disk 0 scanning C:\Windows\system32\drivers
20:10:17.971 Service scanning
20:10:40.711 Modules scanning
20:10:40.728 Disk 0 trace - called modules:
20:10:40.743 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
20:10:41.070 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007c8e060]
20:10:41.074 3 CLASSPNP.SYS[fffff88001b2543f] -> nt!IofCallDriver -> [0xfffffa80075aadb0]
20:10:41.077 5 ACPI.sys[fffff88000e747a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa800762f680]
20:10:42.071 AVAST engine scan C:\Windows
20:10:45.069 AVAST engine scan C:\Windows\system32
20:13:32.949 AVAST engine scan C:\Windows\system32\drivers
20:13:47.658 AVAST engine scan C:\Users\Roberto Bucher
20:14:42.368 AVAST engine scan C:\ProgramData
20:16:38.166 Scan finished successfully
20:17:04.635 Disk 0 MBR has been saved successfully to "C:\Users\Roberto Bucher\Desktop\MBR.dat"
20:17:04.639 The log file has been saved successfully to "C:\Users\Roberto Bucher\Desktop\aswMBR.txt"
|
| | #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | What about the analyses at VT?
__________________ Please always post log files in CODE tags |
| | #29 |
| First, Pendfu.sys: Code:
ATTFilter
SHA256: e0ca26bc3cd8c4a68d85719f7d5089a02f7900398edac2738a63c511d01747cf
File name: pendfu.sys
Detection ratio: 0 / 42
Analysis date: 2012-10-17 15:52:42 UTC ( 0 Minuten ago )
Antivirus             Result  Update
Agnitum               -       20121016
AhnLab-V3             -       20121017
AntiVir               -       20121017
Antiy-AVL             -       20121017
Avast                 -       20121017
AVG                   -       20121017
BitDefender           -       20121017
ByteHero              -       20121016
CAT-QuickHeal         -       20121017
ClamAV                -       20121017
Commtouch             -       20121017
Comodo                -       20121017
DrWeb                 -       20121017
eSafe                 -       20121017
ESET-NOD32            -       20121017
F-Prot                -       20121017
F-Secure              -       20121017
Fortinet              -       20121017
GData                 -       20121017
Ikarus                -       20121017
Jiangmin              -       20121017
K7AntiVirus           -       20121016
Kaspersky             -       20121017
Kingsoft              -       20121008
McAfee                -       20121017
McAfee-GW-Edition     -       20121017
Microsoft             -       20121017
MicroWorld-eScan      -       20121017
Norman                -       20121017
nProtect              -       20121017
Panda                 -       20121017
Rising                -       20121017
Sophos                -       20121017
SUPERAntiSpyware      -       20121017
Symantec              -       20121017
TheHacker             -       20121016
TotalDefense          -       20121017
TrendMicro            -       20121017
TrendMicro-HouseCall  -       20121017
VBA32                 -       20121016
VIPRE                 -       20121017
ViRobot               -       20121017
Code:
ATTFilter
SHA256: 9c716cfba6e6144d39d5ef8f4785d053a395da9e9217f50e89db78bb1708c73c
File name: PayPen.sys
Detection ratio: 0 / 42
Analysis date: 2012-10-17 19:15:24 UTC ( 0 Minuten ago )
Antivirus             Result  Update
Agnitum               -       20121017
AhnLab-V3             -       20121017
AntiVir               -       20121017
Antiy-AVL             -       20121017
Avast                 -       20121017
AVG                   -       20121017
BitDefender           -       20121017
ByteHero              -       20121016
CAT-QuickHeal         -       20121017
ClamAV                -       20121017
Commtouch             -       20121017
Comodo                -       20121017
DrWeb                 -       20121017
eSafe                 -       20121017
ESET-NOD32            -       20121017
F-Prot                -       20121017
F-Secure              -       20121017
Fortinet              -       20121017
GData                 -       20121017
Ikarus                -       20121017
Jiangmin              -       20121017
K7AntiVirus           -       20121017
Kaspersky             -       20121017
Kingsoft              -       20121008
McAfee                -       20121017
McAfee-GW-Edition     -       20121017
Microsoft             -       20121017
MicroWorld-eScan      -       20121017
Norman                -       20121017
nProtect              -       20121017
Panda                 -       20121017
Rising                -       20121017
Sophos                -       20121017
SUPERAntiSpyware      -       20121017
Symantec              -       20121017
TheHacker             -       20121016
TotalDefense          -       20121017
TrendMicro            -       20121017
TrendMicro-HouseCall  -       20121017
VBA32                 -       20121016
VIPRE                 -       20121017
ViRobot               -       20121017
|
| | #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | OK, sorry, the files are legit, but I wanted to be sure. Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |