Werbelinks in Browser - Pop-ups
 

Hallo!

Ich habe im Browser ständig irgendwelche Werbelinks, bei denen sich beim Berühren mit dem Mauszeiger ein Popup öffnet. Dies sieht so aus:

hxxp://img717.imageshack.us/img717/3949/werbelink.jpg

Hier poste ich, weil ich das Thema schon gegoogelt, sowie in Foren gesucht habe, jedoch mit keinem Erfolg. Ich habe bereitss spybot, malwarebytes, norton und adwarecleaner benutzt. Auch habe ich die Listen im Adblocker des Firefox erweitert.

Vielleicht könnt ihr mir helfen!

Um eine genauere Analyse zu ermöglichen, befolge bitte diesen Link:

An alle Hilfesuchenden! Was muss ich vor Eröffnung eines Themas beachten?

Hinweis: Poste die erstellten Logfiles hier in deinem Thema - erstelle kein neues!

Falls bereits installierte Antivirensoftware Funde gemeldet hat: Füge unbedingt die entsprechenden Logdateien bei!

Danke für die schnelle Antwort!

So, hier mal die benötigten Log-Files:

OTL.txt:OTL Logfile:
--- --- ---


Extras.txt:OTL Logfile:
--- --- ---

Schritt 1: aswMBR


Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

• Starte die aswMBR.exe - (aswMBR.exe Anleitung) Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
• Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. ( Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen ) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
• Klicke auf Scan.
• Warte bitte bis Scan finished successfully im DOS Fenster steht.
• Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.




Schritt 2: Scan mit TDSS-Killer



Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe.
• Drücke Start Scan
• Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile. TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ ) Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt

Poste den Inhalt bitte hier in deinen Thread.

Es gibt leider ein Problem mit aswMBR. Der Scan-Button ist zwar da, jedoch steckt der scan seit fast zwei Stunden bei einer Datei. Ist das noch in Ordnung? Oder soll ich den Prozess beenden?

Lass aswMBR weg, poste das log vom TDSS-Killer! :)

ok :)

15:04:16.0655 6060 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:04:17.0089 6060 ============================================================
15:04:17.0089 6060 Current date / time: 2013/01/03 15:04:17.0089
15:04:17.0089 6060 SystemInfo:
15:04:17.0089 6060
15:04:17.0089 6060 OS Version: 6.1.7601 ServicePack: 1.0
15:04:17.0089 6060 Product type: Workstation
15:04:17.0089 6060 ComputerName: ROBERT_DELL
15:04:17.0089 6060 UserName: robert
15:04:17.0089 6060 Windows directory: C:\Windows
15:04:17.0089 6060 System windows directory: C:\Windows
15:04:17.0089 6060 Running under WOW64
15:04:17.0089 6060 Processor architecture: Intel x64
15:04:17.0089 6060 Number of processors: 4
15:04:17.0089 6060 Page size: 0x1000
15:04:17.0089 6060 Boot type: Normal boot
15:04:17.0089 6060 ============================================================
15:04:18.0100 6060 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:04:18.0113 6060 ============================================================
15:04:18.0113 6060 \Device\Harddisk0\DR0:
15:04:18.0114 6060 MBR partitions:
15:04:18.0114 6060 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
15:04:18.0114 6060 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x54E01EF0
15:04:18.0114 6060 ============================================================
15:04:18.0158 6060 C: <-> \Device\Harddisk0\DR0\Partition2
15:04:18.0158 6060 ============================================================
15:04:18.0158 6060 Initialize success
15:04:18.0158 6060 ============================================================
15:04:22.0514 5580 ============================================================
15:04:22.0514 5580 Scan started
15:04:22.0514 5580 Mode: Manual;
15:04:22.0514 5580 ============================================================
15:04:23.0262 5580 ================ Scan system memory ========================
15:04:23.0262 5580 System memory - ok
15:04:23.0263 5580 ================ Scan services =============================
15:04:23.0396 5580 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:04:23.0431 5580 1394ohci - ok
15:04:23.0472 5580 [ AEDB94A49236F5FF060C90E09E70281F ] Acceler C:\Windows\system32\DRIVERS\Accelern.sys
15:04:23.0496 5580 Acceler - ok
15:04:23.0531 5580 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:04:23.0560 5580 ACPI - ok
15:04:23.0578 5580 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:04:23.0596 5580 AcpiPmi - ok
15:04:23.0757 5580 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:04:23.0766 5580 AdobeARMservice - ok
15:04:23.0876 5580 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:04:23.0881 5580 AdobeFlashPlayerUpdateSvc - ok
15:04:23.0920 5580 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:04:23.0928 5580 adp94xx - ok
15:04:23.0954 5580 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:04:23.0959 5580 adpahci - ok
15:04:23.0978 5580 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:04:23.0997 5580 adpu320 - ok
15:04:24.0033 5580 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:04:24.0033 5580 AeLookupSvc - ok
15:04:24.0099 5580 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
15:04:24.0102 5580 AERTFilters - ok
15:04:24.0139 5580 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:04:24.0163 5580 AFD - ok
15:04:24.0204 5580 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:04:24.0222 5580 agp440 - ok
15:04:24.0263 5580 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:04:24.0279 5580 ALG - ok
15:04:24.0300 5580 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:04:24.0313 5580 aliide - ok
15:04:24.0316 5580 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:04:24.0328 5580 amdide - ok
15:04:24.0332 5580 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:04:24.0336 5580 AmdK8 - ok
15:04:24.0353 5580 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:04:24.0358 5580 AmdPPM - ok
15:04:24.0374 5580 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:04:24.0394 5580 amdsata - ok
15:04:24.0416 5580 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:04:24.0421 5580 amdsbs - ok
15:04:24.0431 5580 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:04:24.0433 5580 amdxata - ok
15:04:24.0474 5580 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
15:04:24.0501 5580 androidusb - ok
15:04:24.0544 5580 [ 24ED0EB2B2558970176ECEE680F8F806 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
15:04:24.0564 5580 ApfiltrService - ok
15:04:24.0605 5580 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:04:24.0608 5580 AppID - ok
15:04:24.0629 5580 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:04:24.0645 5580 AppIDSvc - ok
15:04:24.0663 5580 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:04:24.0664 5580 Appinfo - ok
15:04:24.0710 5580 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:04:24.0726 5580 AppMgmt - ok
15:04:24.0731 5580 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:04:24.0733 5580 arc - ok
15:04:24.0752 5580 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:04:24.0754 5580 arcsas - ok
15:04:24.0855 5580 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:04:24.0888 5580 aspnet_state - ok
15:04:24.0921 5580 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:04:24.0922 5580 AsyncMac - ok
15:04:24.0953 5580 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:04:24.0964 5580 atapi - ok
15:04:25.0018 5580 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:04:25.0027 5580 AudioEndpointBuilder - ok
15:04:25.0037 5580 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:04:25.0041 5580 AudioSrv - ok
15:04:25.0070 5580 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:04:25.0083 5580 AxInstSV - ok
15:04:25.0116 5580 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:04:25.0138 5580 b06bdrv - ok
15:04:25.0178 5580 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:04:25.0199 5580 b57nd60a - ok
15:04:25.0314 5580 [ 783F1C7ED6B39454A8D1028D4F30768D ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
15:04:25.0409 5580 BCM43XX - ok
15:04:25.0438 5580 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:04:25.0458 5580 BDESVC - ok
15:04:25.0483 5580 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:04:25.0485 5580 Beep - ok
15:04:25.0530 5580 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:04:25.0540 5580 BFE - ok
15:04:25.0763 5580 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\BASHDefs\20121130.005\BHDrvx64.sys
15:04:25.0821 5580 BHDrvx64 - ok
15:04:25.0856 5580 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:04:25.0868 5580 BITS - ok
15:04:25.0884 5580 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:04:25.0886 5580 blbdrive - ok
15:04:25.0927 5580 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:04:25.0954 5580 bowser - ok
15:04:25.0979 5580 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:04:25.0980 5580 BrFiltLo - ok
15:04:25.0993 5580 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:04:26.0008 5580 BrFiltUp - ok
15:04:26.0063 5580 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:04:26.0066 5580 Browser - ok
15:04:26.0085 5580 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:04:26.0090 5580 Brserid - ok
15:04:26.0093 5580 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:04:26.0110 5580 BrSerWdm - ok
15:04:26.0115 5580 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:04:26.0132 5580 BrUsbMdm - ok
15:04:26.0136 5580 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:04:26.0137 5580 BrUsbSer - ok
15:04:26.0199 5580 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:04:26.0218 5580 BthEnum - ok
15:04:26.0237 5580 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:04:26.0239 5580 BTHMODEM - ok
15:04:26.0263 5580 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:04:26.0282 5580 BthPan - ok
15:04:26.0319 5580 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:04:26.0338 5580 BTHPORT - ok
15:04:26.0529 5580 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:04:26.0532 5580 bthserv - ok
15:04:26.0575 5580 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:04:26.0603 5580 BTHUSB - ok
15:04:26.0649 5580 [ A0DFB69ADE3444C78B17636FCF28E898 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
15:04:26.0655 5580 BTWAMPFL - ok
15:04:26.0685 5580 [ F6135859A582A7294BA7A3336E08BAA1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
15:04:26.0700 5580 btwaudio - ok
15:04:26.0737 5580 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
15:04:26.0750 5580 btwavdt - ok
15:04:26.0799 5580 [ B7DEA77EE893806859072274EE8EC8FC ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:04:26.0810 5580 btwdins - ok
15:04:26.0830 5580 [ 9AD0FA253ED531D39FB2D74FE12A5FA9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
15:04:26.0832 5580 btwl2cap - ok
15:04:26.0844 5580 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
15:04:26.0857 5580 btwrchid - ok
15:04:26.0953 5580 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NAV C:\Windows\system32\drivers\NAVx64\1309000.009\ccSetx64.sys
15:04:26.0969 5580 ccSet_NAV - ok
15:04:27.0019 5580 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:04:27.0047 5580 cdfs - ok
15:04:27.0078 5580 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:04:27.0082 5580 cdrom - ok
15:04:27.0115 5580 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:04:27.0117 5580 CertPropSvc - ok
15:04:27.0129 5580 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:04:27.0141 5580 circlass - ok
15:04:27.0168 5580 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:04:27.0187 5580 CLFS - ok
15:04:27.0280 5580 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:04:27.0310 5580 clr_optimization_v2.0.50727_32 - ok
15:04:27.0349 5580 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:04:27.0380 5580 clr_optimization_v2.0.50727_64 - ok
15:04:27.0441 5580 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:04:27.0535 5580 clr_optimization_v4.0.30319_32 - ok
15:04:27.0556 5580 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:04:27.0622 5580 clr_optimization_v4.0.30319_64 - ok
15:04:27.0646 5580 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:04:27.0649 5580 CmBatt - ok
15:04:27.0672 5580 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:04:27.0674 5580 cmdide - ok
15:04:27.0727 5580 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:04:27.0749 5580 CNG - ok
15:04:27.0766 5580 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:04:27.0769 5580 Compbatt - ok
15:04:27.0782 5580 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:04:27.0784 5580 CompositeBus - ok
15:04:27.0795 5580 COMSysApp - ok
15:04:27.0809 5580 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:04:27.0821 5580 crcdisk - ok
15:04:27.0877 5580 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:04:27.0880 5580 CryptSvc - ok
15:04:27.0901 5580 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
15:04:27.0930 5580 CSC - ok
15:04:27.0959 5580 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
15:04:27.0968 5580 CscService - ok
15:04:28.0036 5580 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
15:04:28.0040 5580 CtClsFlt - ok
15:04:28.0393 5580 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:04:28.0408 5580 cvhsvc - ok
15:04:28.0451 5580 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:04:28.0459 5580 DcomLaunch - ok
15:04:28.0488 5580 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:04:28.0505 5580 defragsvc - ok
15:04:28.0538 5580 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:04:28.0555 5580 DfsC - ok
15:04:28.0595 5580 dgderdrv - ok
15:04:28.0621 5580 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:04:28.0626 5580 Dhcp - ok
15:04:28.0636 5580 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:04:28.0638 5580 discache - ok
15:04:28.0670 5580 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:04:28.0688 5580 Disk - ok
15:04:28.0731 5580 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:04:28.0751 5580 dmvsc - ok
15:04:28.0779 5580 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:04:28.0783 5580 Dnscache - ok
15:04:28.0802 5580 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:04:28.0808 5580 dot3svc - ok
15:04:28.0847 5580 [ C43618154FC0C8480F53B04BA7A2F371 ] DpHost C:\Program Files\DigitalPersona\Bin\DpHostW.exe
15:04:28.0854 5580 DpHost - ok
15:04:28.0870 5580 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:04:28.0874 5580 DPS - ok
15:04:28.0899 5580 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:04:28.0915 5580 drmkaud - ok
15:04:28.0959 5580 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:04:28.0984 5580 DXGKrnl - ok
15:04:29.0036 5580 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:04:29.0039 5580 EapHost - ok
15:04:29.0124 5580 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:04:29.0199 5580 ebdrv - ok
15:04:29.0286 5580 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
15:04:29.0314 5580 eeCtrl - ok
15:04:29.0342 5580 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:04:29.0344 5580 EFS - ok
15:04:29.0407 5580 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:04:29.0431 5580 ehRecvr - ok
15:04:29.0460 5580 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:04:29.0496 5580 ehSched - ok
15:04:29.0534 5580 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:04:29.0556 5580 elxstor - ok
15:04:29.0606 5580 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
15:04:29.0610 5580 EraserUtilRebootDrv - ok
15:04:29.0613 5580 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:04:29.0614 5580 ErrDev - ok
15:04:29.0651 5580 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:04:29.0657 5580 EventSystem - ok
15:04:29.0673 5580 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:04:29.0676 5580 exfat - ok
15:04:29.0690 5580 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:04:29.0694 5580 fastfat - ok
15:04:29.0719 5580 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:04:29.0728 5580 Fax - ok
15:04:29.0741 5580 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:04:29.0742 5580 fdc - ok
15:04:29.0758 5580 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:04:29.0761 5580 fdPHost - ok
15:04:29.0771 5580 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:04:29.0773 5580 FDResPub - ok
15:04:29.0781 5580 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:04:29.0800 5580 FileInfo - ok
15:04:29.0818 5580 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:04:29.0820 5580 Filetrace - ok
15:04:29.0832 5580 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:04:29.0834 5580 flpydisk - ok
15:04:29.0850 5580 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:04:29.0856 5580 FltMgr - ok
15:04:29.0877 5580 [ F910874E4789DC95F37D2CF6285A85FA ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
15:04:29.0882 5580 FLxHCIc - ok
15:04:29.0903 5580 [ B957F9A14F696DBC0DC65497AAFD0CA4 ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
15:04:29.0906 5580 FLxHCIh - ok
15:04:29.0968 5580 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:04:29.0982 5580 FontCache - ok
15:04:30.0030 5580 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:04:30.0042 5580 FontCache3.0.0.0 - ok
15:04:30.0070 5580 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:04:30.0073 5580 FsDepends - ok
15:04:30.0115 5580 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:04:30.0138 5580 Fs_Rec - ok
15:04:30.0164 5580 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:04:30.0185 5580 fvevol - ok
15:04:30.0210 5580 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:04:30.0224 5580 gagp30kx - ok
15:04:30.0335 5580 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:04:30.0345 5580 gpsvc - ok
15:04:30.0438 5580 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:04:30.0442 5580 gupdate - ok
15:04:30.0455 5580 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:04:30.0456 5580 gupdatem - ok
15:04:30.0474 5580 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:04:30.0489 5580 hcw85cir - ok
15:04:30.0519 5580 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:04:30.0539 5580 HDAudBus - ok
15:04:30.0543 5580 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:04:30.0545 5580 HidBatt - ok
15:04:30.0567 5580 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:04:30.0570 5580 HidBth - ok
15:04:30.0580 5580 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:04:30.0582 5580 HidIr - ok
15:04:30.0602 5580 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:04:30.0604 5580 hidserv - ok
15:04:30.0637 5580 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:04:30.0654 5580 HidUsb - ok
15:04:30.0689 5580 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:04:30.0693 5580 hkmsvc - ok
15:04:30.0704 5580 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:04:30.0709 5580 HomeGroupListener - ok
15:04:30.0734 5580 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:04:30.0739 5580 HomeGroupProvider - ok
15:04:30.0764 5580 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:04:30.0778 5580 HpSAMD - ok
15:04:30.0802 5580 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:04:30.0814 5580 HTTP - ok
15:04:30.0822 5580 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:04:30.0839 5580 hwpolicy - ok
15:04:30.0860 5580 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:04:30.0863 5580 i8042prt - ok
15:04:30.0895 5580 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:04:30.0897 5580 iaStor - ok
15:04:30.0915 5580 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:04:30.0922 5580 iaStorV - ok
15:04:30.0965 5580 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:04:30.0990 5580 idsvc - ok
15:04:31.0105 5580 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\IPSDefs\20130102.001\IDSvia64.sys
15:04:31.0114 5580 IDSVia64 - ok
15:04:31.0320 5580 [ 0BD58366C86EF9DDC4F61AFED0CADA99 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:04:31.0534 5580 igfx - ok
15:04:31.0570 5580 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:04:31.0584 5580 iirsp - ok
15:04:31.0628 5580 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:04:31.0640 5580 IKEEXT - ok
15:04:31.0664 5580 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
15:04:31.0677 5580 Impcd - ok
15:04:31.0734 5580 [ 1B491F385EE96F9D9EE4CB430C8CD29E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:04:31.0810 5580 IntcAzAudAddService - ok
15:04:31.0840 5580 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:04:31.0854 5580 intelide - ok
15:04:31.0876 5580 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:04:31.0890 5580 intelppm - ok
15:04:31.0924 5580 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:04:31.0928 5580 IPBusEnum - ok
15:04:31.0940 5580 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:04:31.0943 5580 IpFilterDriver - ok
15:04:31.0981 5580 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:04:31.0999 5580 iphlpsvc - ok
15:04:32.0011 5580 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:04:32.0014 5580 IPMIDRV - ok
15:04:32.0028 5580 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:04:32.0033 5580 IPNAT - ok
15:04:32.0048 5580 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:04:32.0064 5580 IRENUM - ok
15:04:32.0097 5580 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:04:32.0114 5580 isapnp - ok
15:04:32.0197 5580 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:04:32.0244 5580 iScsiPrt - ok
15:04:32.0301 5580 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:04:32.0321 5580 kbdclass - ok
15:04:32.0392 5580 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:04:32.0417 5580 kbdhid - ok
15:04:32.0504 5580 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:04:32.0505 5580 KeyIso - ok
15:04:32.0563 5580 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:04:32.0574 5580 KSecDD - ok
15:04:32.0608 5580 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:04:32.0630 5580 KSecPkg - ok
15:04:32.0709 5580 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:04:32.0730 5580 ksthunk - ok
15:04:32.0775 5580 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:04:32.0801 5580 KtmRm - ok
15:04:32.0965 5580 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:04:32.0971 5580 LanmanServer - ok
15:04:33.0048 5580 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:04:33.0051 5580 LanmanWorkstation - ok
15:04:33.0116 5580 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:04:33.0129 5580 lltdio - ok
15:04:33.0206 5580 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:04:33.0210 5580 lltdsvc - ok
15:04:33.0224 5580 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:04:33.0226 5580 lmhosts - ok
15:04:33.0287 5580 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:04:33.0292 5580 LMS - ok
15:04:33.0316 5580 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:04:33.0332 5580 LSI_FC - ok
15:04:33.0361 5580 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:04:33.0377 5580 LSI_SAS - ok
15:04:33.0396 5580 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:04:33.0398 5580 LSI_SAS2 - ok
15:04:33.0406 5580 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:04:33.0409 5580 LSI_SCSI - ok
15:04:33.0428 5580 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:04:33.0442 5580 luafv - ok
15:04:33.0467 5580 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:04:33.0480 5580 Mcx2Svc - ok
15:04:33.0499 5580 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:04:33.0501 5580 megasas - ok
15:04:33.0514 5580 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:04:33.0519 5580 MegaSR - ok
15:04:33.0538 5580 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:04:33.0553 5580 MEIx64 - ok
15:04:33.0579 5580 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:04:33.0580 5580 MMCSS - ok
15:04:33.0594 5580 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:04:33.0597 5580 Modem - ok
15:04:33.0616 5580 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:04:33.0635 5580 monitor - ok
15:04:33.0652 5580 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:04:33.0670 5580 mouclass - ok
15:04:33.0695 5580 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:04:33.0697 5580 mouhid - ok
15:04:33.0719 5580 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:04:33.0722 5580 mountmgr - ok
15:04:33.0767 5580 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:04:33.0792 5580 MozillaMaintenance - ok
15:04:33.0809 5580 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:04:33.0813 5580 mpio - ok
15:04:33.0825 5580 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:04:33.0841 5580 mpsdrv - ok
15:04:33.0879 5580 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:04:33.0891 5580 MpsSvc - ok
15:04:33.0896 5580 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:04:33.0898 5580 MRxDAV - ok
15:04:33.0921 5580 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:04:33.0925 5580 mrxsmb - ok
15:04:33.0937 5580 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:04:33.0943 5580 mrxsmb10 - ok
15:04:33.0957 5580 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:04:33.0960 5580 mrxsmb20 - ok
15:04:33.0976 5580 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:04:33.0993 5580 msahci - ok
15:04:34.0026 5580 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:04:34.0030 5580 msdsm - ok
15:04:34.0043 5580 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:04:34.0047 5580 MSDTC - ok
15:04:34.0064 5580 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:04:34.0078 5580 Msfs - ok
15:04:34.0188 5580 [ 54819FC5C79E4B2C6E896F9DE440494D ] msftesql$CSSQL05 c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
15:04:34.0190 5580 msftesql$CSSQL05 - ok
15:04:34.0215 5580 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:04:34.0226 5580 mshidkmdf - ok
15:04:34.0244 5580 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:04:34.0261 5580 msisadrv - ok
15:04:34.0296 5580 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:04:34.0326 5580 MSiSCSI - ok
15:04:34.0329 5580 msiserver - ok
15:04:34.0354 5580 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:04:34.0356 5580 MSKSSRV - ok
15:04:34.0375 5580 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:04:34.0377 5580 MSPCLOCK - ok
15:04:34.0388 5580 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:04:34.0390 5580 MSPQM - ok
15:04:34.0407 5580 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:04:34.0426 5580 MsRPC - ok
15:04:34.0446 5580 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:04:34.0448 5580 mssmbios - ok
15:04:34.0471 5580 MSSQL$CSSQL05 - ok
15:04:34.0519 5580 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
15:04:34.0541 5580 MSSQLServerADHelper - ok
15:04:34.0557 5580 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:04:34.0559 5580 MSTEE - ok
15:04:34.0571 5580 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:04:34.0573 5580 MTConfig - ok
15:04:34.0587 5580 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:04:34.0607 5580 Mup - ok
15:04:34.0645 5580 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:04:34.0654 5580 napagent - ok
15:04:34.0678 5580 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:04:34.0683 5580 NativeWifiP - ok
15:04:34.0770 5580 [ F2840DBFE9322F35557219AE82CC4597 ] NAV C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
15:04:34.0774 5580 NAV - ok
15:04:34.0859 5580 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20130102.023\ENG64.SYS
15:04:34.0865 5580 NAVENG - ok
15:04:34.0927 5580 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20130102.023\EX64.SYS
15:04:34.0961 5580 NAVEX15 - ok
15:04:35.0006 5580 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:04:35.0032 5580 NDIS - ok
15:04:35.0069 5580 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:04:35.0070 5580 NdisCap - ok
15:04:35.0081 5580 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:04:35.0101 5580 NdisTapi - ok
15:04:35.0128 5580 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:04:35.0130 5580 Ndisuio - ok
15:04:35.0146 5580 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:04:35.0162 5580 NdisWan - ok
15:04:35.0176 5580 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:04:35.0178 5580 NDProxy - ok
15:04:35.0197 5580 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:04:35.0199 5580 NetBIOS - ok
15:04:35.0209 5580 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:04:35.0213 5580 NetBT - ok
15:04:35.0238 5580 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:04:35.0239 5580 Netlogon - ok
15:04:35.0284 5580 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:04:35.0288 5580 Netman - ok
15:04:35.0320 5580 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:04:35.0374 5580 NetMsmqActivator - ok
15:04:35.0379 5580 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:04:35.0380 5580 NetPipeActivator - ok
15:04:35.0406 5580 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:04:35.0423 5580 netprofm - ok
15:04:35.0429 5580 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:04:35.0430 5580 NetTcpActivator - ok
15:04:35.0434 5580 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:04:35.0435 5580 NetTcpPortSharing - ok
15:04:35.0468 5580 [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
15:04:35.0487 5580 netvsc - ok
15:04:35.0514 5580 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:04:35.0530 5580 nfrd960 - ok
15:04:35.0580 5580 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:04:35.0586 5580 NlaSvc - ok
15:04:35.0601 5580 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:04:35.0603 5580 Npfs - ok
15:04:35.0625 5580 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:04:35.0627 5580 nsi - ok
15:04:35.0638 5580 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:04:35.0652 5580 nsiproxy - ok
15:04:35.0706 5580 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:04:35.0757 5580 Ntfs - ok
15:04:35.0858 5580 [ 4E6E6BE52EF05E666CC7D6D99C2C426A ] ntrtscan c:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exe
15:04:35.0891 5580 ntrtscan - ok
15:04:35.0900 5580 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:04:35.0902 5580 Null - ok
15:04:35.0921 5580 [ D584ABB6A308933A5F72B46C9E5A783F ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
15:04:35.0923 5580 nusb3hub - ok
15:04:35.0940 5580 [ 345B9C04E2036DA4346E3249A5BDFD06 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
15:04:35.0944 5580 nusb3xhc - ok
15:04:36.0001 5580 [ 10204955027011E08A9DC27737A48A54 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:04:36.0019 5580 NVHDA - ok
15:04:36.0061 5580 [ D980B1551DD0C8BDC3B07D617B4D42A6 ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
15:04:36.0076 5580 nvkflt - ok
15:04:36.0282 5580 [ 386FB2E1EF51495629089231957B7D9A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:04:36.0477 5580 nvlddmkm - ok
15:04:36.0494 5580 [ E0CABFD2564CB064EAA5789CD6960C4A ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
15:04:36.0496 5580 nvpciflt - ok
15:04:36.0531 5580 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:04:36.0535 5580 nvraid - ok
15:04:36.0551 5580 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:04:36.0563 5580 nvstor - ok
15:04:36.0599 5580 [ 4DC87CDA61D7B185E79618581F46B85A ] NvStUSB C:\Windows\system32\drivers\nvstusb.sys
15:04:36.0606 5580 NvStUSB - ok
15:04:36.0651 5580 [ 3947AD5D03E6ABCCE037801162FDB90D ] nvsvc C:\Windows\system32\nvvsvc.exe
15:04:36.0678 5580 nvsvc - ok
15:04:36.0754 5580 [ C5B3BB5DC9C62700C4A72C2A89CA1D58 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:04:36.0799 5580 nvUpdatusService - ok
15:04:36.0822 5580 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:04:36.0824 5580 nv_agp - ok
15:04:36.0840 5580 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:04:36.0843 5580 ohci1394 - ok
15:04:36.0897 5580 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:04:36.0922 5580 ose - ok
15:04:37.0112 5580 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:04:37.0220 5580 osppsvc - ok
15:04:37.0248 5580 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:04:37.0253 5580 p2pimsvc - ok
15:04:37.0272 5580 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:04:37.0280 5580 p2psvc - ok
15:04:37.0296 5580 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:04:37.0309 5580 Parport - ok
15:04:37.0345 5580 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:04:37.0360 5580 partmgr - ok
15:04:37.0383 5580 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:04:37.0388 5580 PcaSvc - ok
15:04:37.0410 5580 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:04:37.0414 5580 pci - ok
15:04:37.0433 5580 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:04:37.0436 5580 pciide - ok
15:04:37.0454 5580 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:04:37.0459 5580 pcmcia - ok
15:04:37.0471 5580 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:04:37.0474 5580 pcw - ok
15:04:37.0497 5580 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:04:37.0505 5580 PEAUTH - ok
15:04:37.0542 5580 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:04:37.0567 5580 PeerDistSvc - ok
15:04:37.0616 5580 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:04:37.0633 5580 PerfHost - ok
15:04:37.0682 5580 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:04:37.0725 5580 pla - ok
15:04:37.0763 5580 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:04:37.0771 5580 PlugPlay - ok
15:04:37.0779 5580 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:04:37.0793 5580 PNRPAutoReg - ok
15:04:37.0816 5580 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:04:37.0818 5580 PNRPsvc - ok
15:04:37.0842 5580 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:04:37.0849 5580 PolicyAgent - ok
15:04:37.0938 5580 postgresql-8.4 - ok
15:04:37.0961 5580 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
15:04:37.0966 5580 Power - ok
15:04:37.0993 5580 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:04:37.0995 5580 PptpMiniport - ok
15:04:38.0011 5580 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:04:38.0014 5580 Processor - ok
15:04:38.0047 5580 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:04:38.0052 5580 ProfSvc - ok
15:04:38.0062 5580 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:04:38.0063 5580 ProtectedStorage - ok
15:04:38.0088 5580 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:04:38.0091 5580 Psched - ok
15:04:38.0122 5580 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:04:38.0137 5580 PxHlpa64 - ok
15:04:38.0177 5580 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:04:38.0222 5580 ql2300 - ok
15:04:38.0248 5580 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:04:38.0251 5580 ql40xx - ok
15:04:38.0280 5580 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:04:38.0302 5580 QWAVE - ok
15:04:38.0324 5580 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:04:38.0338 5580 QWAVEdrv - ok
15:04:38.0355 5580 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:04:38.0357 5580 RasAcd - ok
15:04:38.0366 5580 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:04:38.0368 5580 RasAgileVpn - ok
15:04:38.0379 5580 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:04:38.0396 5580 RasAuto - ok
15:04:38.0418 5580 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:04:38.0421 5580 Rasl2tp - ok
15:04:38.0440 5580 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:04:38.0461 5580 RasMan - ok
15:04:38.0480 5580 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:04:38.0483 5580 RasPppoe - ok
15:04:38.0492 5580 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:04:38.0495 5580 RasSstp - ok
15:04:38.0514 5580 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:04:38.0519 5580 rdbss - ok
15:04:38.0534 5580 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:04:38.0536 5580 rdpbus - ok
15:04:38.0547 5580 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:04:38.0563 5580 RDPCDD - ok
15:04:38.0598 5580 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:04:38.0610 5580 RDPDR - ok
15:04:38.0630 5580 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:04:38.0632 5580 RDPENCDD - ok
15:04:38.0648 5580 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:04:38.0650 5580 RDPREFMP - ok
15:04:38.0687 5580 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:04:38.0704 5580 RDPWD - ok
15:04:38.0730 5580 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:04:38.0734 5580 rdyboost - ok
15:04:38.0746 5580 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:04:38.0766 5580 RemoteAccess - ok
15:04:38.0802 5580 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:04:38.0807 5580 RemoteRegistry - ok
15:04:38.0833 5580 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:04:38.0846 5580 RFCOMM - ok
15:04:38.0975 5580 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:04:39.0031 5580 RoxMediaDB12OEM - ok
15:04:39.0061 5580 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:04:39.0082 5580 RoxWatch12 - ok
15:04:39.0108 5580 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:04:39.0110 5580 RpcEptMapper - ok
15:04:39.0131 5580 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:04:39.0143 5580 RpcLocator - ok
15:04:39.0165 5580 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:04:39.0168 5580 RpcSs - ok
15:04:39.0196 5580 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:04:39.0208 5580 rspndr - ok
15:04:39.0251 5580 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
15:04:39.0269 5580 RSUSBSTOR - ok
15:04:39.0305 5580 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:04:39.0314 5580 RTL8167 - ok
15:04:39.0337 5580 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:04:39.0356 5580 s3cap - ok
15:04:39.0372 5580 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:04:39.0373 5580 SamSs - ok
15:04:39.0392 5580 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:04:39.0408 5580 sbp2port - ok
15:04:39.0437 5580 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:04:39.0442 5580 SCardSvr - ok
15:04:39.0456 5580 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:04:39.0458 5580 scfilter - ok
15:04:39.0482 5580 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:04:39.0495 5580 Schedule - ok
15:04:39.0509 5580 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:04:39.0510 5580 SCPolicySvc - ok
15:04:39.0522 5580 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:04:39.0542 5580 SDRSVC - ok
15:04:39.0575 5580 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:04:39.0577 5580 secdrv - ok
15:04:39.0585 5580 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:04:39.0602 5580 seclogon - ok
15:04:39.0616 5580 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:04:39.0618 5580 SENS - ok
15:04:39.0625 5580 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:04:39.0628 5580 SensrSvc - ok
15:04:39.0650 5580 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:04:39.0663 5580 Serenum - ok
15:04:39.0667 5580 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:04:39.0677 5580 Serial - ok
15:04:39.0701 5580 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:04:39.0702 5580 sermouse - ok
15:04:39.0719 5580 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:04:39.0722 5580 SessionEnv - ok
15:04:39.0725 5580 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:04:39.0741 5580 sffdisk - ok
15:04:39.0744 5580 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:04:39.0745 5580 sffp_mmc - ok
15:04:39.0760 5580 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:04:39.0778 5580 sffp_sd - ok
15:04:39.0783 5580 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:04:39.0805 5580 sfloppy - ok
15:04:39.0836 5580 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
15:04:39.0846 5580 Sftfs - ok
15:04:39.0944 5580 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:04:39.0952 5580 sftlist - ok
15:04:39.0970 5580 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:04:39.0993 5580 Sftplay - ok
15:04:40.0006 5580 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:04:40.0027 5580 Sftredir - ok
15:04:40.0041 5580 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
15:04:40.0057 5580 Sftvol - ok
15:04:40.0077 5580 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:04:40.0081 5580 sftvsa - ok
15:04:40.0112 5580 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:04:40.0135 5580 SharedAccess - ok
15:04:40.0158 5580 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:04:40.0172 5580 ShellHWDetection - ok
15:04:40.0189 5580 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:04:40.0192 5580 SiSRaid2 - ok
15:04:40.0217 5580 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:04:40.0219 5580 SiSRaid4 - ok
15:04:40.0272 5580 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:04:40.0297 5580 SkypeUpdate - ok
15:04:40.0318 5580 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:04:40.0320 5580 Smb - ok
15:04:40.0346 5580 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:04:40.0349 5580 SNMPTRAP - ok
15:04:40.0362 5580 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:04:40.0373 5580 spldr - ok
15:04:40.0409 5580 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:04:40.0418 5580 Spooler - ok
15:04:40.0476 5580 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:04:40.0531 5580 sppsvc - ok
15:04:40.0547 5580 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:04:40.0551 5580 sppuinotify - ok
15:04:40.0611 5580 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:04:40.0615 5580 SQLBrowser - ok
15:04:40.0682 5580 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:04:40.0687 5580 SQLWriter - ok
15:04:40.0784 5580 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NAVx64\1309000.009\SRTSP64.SYS
15:04:40.0811 5580 SRTSP - ok
15:04:40.0829 5580 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\NAVx64\1309000.009\SRTSPX64.SYS
15:04:40.0842 5580 SRTSPX - ok
15:04:40.0879 5580 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:04:40.0900 5580 srv - ok
15:04:40.0919 5580 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:04:40.0926 5580 srv2 - ok
15:04:40.0939 5580 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:04:40.0942 5580 srvnet - ok
15:04:41.0014 5580 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
15:04:41.0030 5580 ssadbus - ok
15:04:41.0077 5580 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
15:04:41.0089 5580 ssadmdfl - ok
15:04:41.0112 5580 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
15:04:41.0132 5580 ssadmdm - ok
15:04:41.0147 5580 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
15:04:41.0151 5580 sscdbus - ok
15:04:41.0176 5580 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
15:04:41.0179 5580 sscdmdfl - ok
15:04:41.0195 5580 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
15:04:41.0200 5580 sscdmdm - ok
15:04:41.0232 5580 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:04:41.0237 5580 SSDPSRV - ok
15:04:41.0246 5580 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:04:41.0259 5580 SstpSvc - ok
15:04:41.0298 5580 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
15:04:41.0301 5580 stdcfltn - ok
15:04:41.0348 5580 [ B69E79470474A8BEF06BE2130D0210A8 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:04:41.0355 5580 Stereo Service - ok
15:04:41.0370 5580 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:04:41.0384 5580 stexstor - ok
15:04:41.0407 5580 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:04:41.0417 5580 stisvc - ok
15:04:41.0463 5580 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:04:41.0496 5580 stllssvr - ok
15:04:41.0523 5580 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
15:04:41.0526 5580 StorSvc - ok
15:04:41.0544 5580 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:04:41.0561 5580 storvsc - ok
15:04:41.0644 5580 [ DA8DA61CB3289AE3840D35C3C73317A3 ] svcGenericHost c:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe
15:04:41.0647 5580 svcGenericHost - ok
15:04:41.0671 5580 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:04:41.0689 5580 swenum - ok
15:04:41.0716 5580 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:04:41.0724 5580 swprv - ok
15:04:41.0775 5580 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NAVx64\1309000.009\SYMDS64.SYS
15:04:41.0806 5580 SymDS - ok
15:04:41.0860 5580 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NAVx64\1309000.009\SYMEFA64.SYS
15:04:41.0894 5580 SymEFA - ok
15:04:41.0925 5580 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
15:04:41.0940 5580 SymEvent - ok
15:04:41.0976 5580 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NAVx64\1309000.009\Ironx64.SYS
15:04:41.0979 5580 SymIRON - ok
15:04:41.0996 5580 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NAVx64\1309000.009\SYMNETS.SYS
15:04:42.0025 5580 SymNetS - ok
15:04:42.0057 5580 [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
15:04:42.0069 5580 SynthVid - ok
15:04:42.0122 5580 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:04:42.0153 5580 SysMain - ok
15:04:42.0163 5580 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:04:42.0176 5580 TabletInputService - ok
15:04:42.0202 5580 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:04:42.0226 5580 TapiSrv - ok
15:04:42.0241 5580 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:04:42.0266 5580 TBS - ok
15:04:42.0325 5580 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:04:42.0387 5580 Tcpip - ok
15:04:42.0424 5580 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:04:42.0432 5580 TCPIP6 - ok
15:04:42.0467 5580 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:04:42.0470 5580 tcpipreg - ok
15:04:42.0494 5580 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:04:42.0510 5580 TDPIPE - ok
15:04:42.0534 5580 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:04:42.0548 5580 TDTCP - ok
15:04:42.0569 5580 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:04:42.0572 5580 tdx - ok
15:04:42.0587 5580 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:04:42.0590 5580 TermDD - ok
15:04:42.0622 5580 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:04:42.0634 5580 TermService - ok
15:04:42.0643 5580 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:04:42.0646 5580 Themes - ok
15:04:42.0671 5580 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:04:42.0672 5580 THREADORDER - ok
15:04:42.0721 5580 [ 5602F33CCC295C7C80E9DB2B2C5CEB06 ] TmFilter c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys
15:04:42.0756 5580 TmFilter - ok
15:04:42.0800 5580 [ BAC43306908F70E878BFE01F3A9079CA ] tmlisten c:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmlisten.exe
15:04:42.0825 5580 tmlisten - ok
15:04:42.0866 5580 [ B5C00FC8786A237937C33AABEE68CA26 ] tmlwf C:\Windows\system32\DRIVERS\tmlwf.sys
15:04:42.0870 5580 tmlwf - ok
15:04:42.0893 5580 [ 48D09383511757645C0A828622EF5AB3 ] TmPfw c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPfw.exe
15:04:42.0904 5580 TmPfw - ok
15:04:42.0916 5580 [ AA78D4E62E335EAD1C200875D7DAC9FA ] TmPreFilter c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPreFlt.sys
15:04:42.0930 5580 TmPreFilter - ok
15:04:42.0958 5580 [ A4B0E0D9CB7AAED795BF880C3EDAA08F ] TmProxy c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe
15:04:42.0964 5580 TmProxy - ok
15:04:42.0975 5580 [ A42E6780C52B248AF54C6010A9A93384 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys
15:04:42.0993 5580 tmtdi - ok
15:04:43.0023 5580 [ 5D38C32A4B093BC8190CF3FB9078C9CD ] tmwfp C:\Windows\system32\DRIVERS\tmwfp.sys
15:04:43.0029 5580 tmwfp - ok
15:04:43.0049 5580 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:04:43.0053 5580 TrkWks - ok
15:04:43.0089 5580 [ 8DE922CD4FEA6F83B10805DF965B9A08 ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
15:04:43.0111 5580 truecrypt - ok
15:04:43.0158 5580 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:04:43.0178 5580 TrustedInstaller - ok
15:04:43.0202 5580 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:04:43.0205 5580 tssecsrv - ok
15:04:43.0216 5580 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:04:43.0218 5580 TsUsbFlt - ok
15:04:43.0228 5580 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:04:43.0229 5580 TsUsbGD - ok
15:04:43.0260 5580 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:04:43.0279 5580 tunnel - ok
15:04:43.0314 5580 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
15:04:43.0329 5580 TurboB - ok
15:04:43.0360 5580 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
15:04:43.0380 5580 TurboBoost - ok
15:04:43.0400 5580 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:04:43.0403 5580 uagp35 - ok
15:04:43.0420 5580 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:04:43.0426 5580 udfs - ok
15:04:43.0443 5580 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:04:43.0446 5580 UI0Detect - ok
15:04:43.0465 5580 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:04:43.0468 5580 uliagpkx - ok
15:04:43.0480 5580 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:04:43.0482 5580 umbus - ok
15:04:43.0493 5580 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:04:43.0495 5580 UmPass - ok
15:04:43.0523 5580 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
15:04:43.0529 5580 UmRdpService - ok
15:04:43.0631 5580 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:04:43.0674 5580 UNS - ok
15:04:43.0695 5580 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:04:43.0702 5580 upnphost - ok
15:04:43.0725 5580 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:04:43.0743 5580 usbccgp - ok
15:04:43.0774 5580 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:04:43.0789 5580 usbcir - ok
15:04:43.0808 5580 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:04:43.0824 5580 usbehci - ok
15:04:43.0862 5580 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:04:43.0883 5580 usbhub - ok
15:04:43.0903 5580 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:04:43.0916 5580 usbohci - ok
15:04:43.0939 5580 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:04:43.0953 5580 usbprint - ok
15:04:43.0986 5580 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:04:44.0001 5580 usbscan - ok
15:04:44.0016 5580 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:04:44.0018 5580 USBSTOR - ok
15:04:44.0041 5580 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:04:44.0043 5580 usbuhci - ok
15:04:44.0062 5580 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:04:44.0066 5580 usbvideo - ok
15:04:44.0105 5580 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
15:04:44.0125 5580 usb_rndisx - ok
15:04:44.0157 5580 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:04:44.0160 5580 UxSms - ok
15:04:44.0173 5580 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:04:44.0174 5580 VaultSvc - ok
15:04:44.0229 5580 [ 20BF96C13DB4BA085D98F4700F3B05FE ] vcsFPService C:\Windows\system32\vcsFPService.exe
15:04:44.0332 5580 vcsFPService - ok
15:04:44.0362 5580 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:04:44.0378 5580 vdrvroot - ok
15:04:44.0404 5580 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:04:44.0413 5580 vds - ok
15:04:44.0437 5580 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:04:44.0452 5580 vga - ok
15:04:44.0468 5580 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:04:44.0470 5580 VgaSave - ok
15:04:44.0485 5580 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:04:44.0489 5580 vhdmp - ok
15:04:44.0501 5580 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:04:44.0503 5580 viaide - ok
15:04:44.0530 5580 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:04:44.0545 5580 VMBusHID - ok
15:04:44.0565 5580 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:04:44.0567 5580 volmgr - ok
15:04:44.0583 5580 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:04:44.0588 5580 volmgrx - ok
15:04:44.0606 5580 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:04:44.0624 5580 volsnap - ok
15:04:44.0707 5580 [ AD4BA28B99BCFBFF40A550872A652A33 ] VSApiNt c:\Program Files (x86)\Trend Micro\Client Server Security Agent\VSApiNt.sys
15:04:44.0775 5580 VSApiNt - ok
15:04:44.0797 5580 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:04:44.0801 5580 vsmraid - ok
15:04:44.0845 5580 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:04:44.0877 5580 VSS - ok
15:04:44.0891 5580 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:04:44.0910 5580 vwifibus - ok
15:04:44.0929 5580 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:04:44.0931 5580 vwififlt - ok
15:04:44.0981 5580 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:04:44.0983 5580 vwifimp - ok
15:04:45.0006 5580 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:04:45.0012 5580 W32Time - ok
15:04:45.0028 5580 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:04:45.0031 5580 WacomPen - ok
15:04:45.0047 5580 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:04:45.0050 5580 WANARP - ok
15:04:45.0053 5580 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:04:45.0054 5580 Wanarpv6 - ok
15:04:45.0111 5580 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:04:45.0153 5580 WatAdminSvc - ok
15:04:45.0194 5580 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:04:45.0252 5580 wbengine - ok
15:04:45.0269 5580 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:04:45.0286 5580 WbioSrvc - ok
15:04:45.0308 5580 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:04:45.0316 5580 wcncsvc - ok
15:04:45.0325 5580 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:04:45.0340 5580 WcsPlugInService - ok
15:04:45.0371 5580 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:04:45.0385 5580 Wd - ok
15:04:45.0422 5580 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:04:45.0444 5580 Wdf01000 - ok
15:04:45.0460 5580 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:04:45.0463 5580 WdiServiceHost - ok
15:04:45.0466 5580 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:04:45.0468 5580 WdiSystemHost - ok
15:04:45.0482 5580 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:04:45.0506 5580 WebClient - ok
15:04:45.0535 5580 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:04:45.0568 5580 Wecsvc - ok
15:04:45.0583 5580 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:04:45.0586 5580 wercplsupport - ok
15:04:45.0610 5580 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:04:45.0611 5580 WerSvc - ok
15:04:45.0626 5580 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:04:45.0645 5580 WfpLwf - ok
15:04:45.0671 5580 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:04:45.0673 5580 WIMMount - ok
15:04:45.0687 5580 WinDefend - ok
15:04:45.0694 5580 WinHttpAutoProxySvc - ok
15:04:45.0738 5580 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:04:45.0742 5580 Winmgmt - ok
15:04:45.0788 5580 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:04:45.0832 5580 WinRM - ok
15:04:45.0854 5580 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
15:04:45.0874 5580 WinUSB - ok
15:04:45.0904 5580 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:04:45.0917 5580 Wlansvc - ok
15:04:45.0955 5580 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:04:45.0968 5580 wlcrasvc - ok
15:04:46.0065 5580 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:04:46.0102 5580 wlidsvc - ok
15:04:46.0111 5580 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:04:46.0113 5580 WmiAcpi - ok
15:04:46.0137 5580 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:04:46.0141 5580 wmiApSrv - ok
15:04:46.0155 5580 WMPNetworkSvc - ok
15:04:46.0190 5580 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:04:46.0205 5580 WPCSvc - ok
15:04:46.0220 5580 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:04:46.0226 5580 WPDBusEnum - ok
15:04:46.0239 5580 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:04:46.0242 5580 ws2ifsl - ok
15:04:46.0252 5580 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:04:46.0255 5580 wscsvc - ok
15:04:46.0287 5580 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:04:46.0299 5580 WSDPrintDevice - ok
15:04:46.0329 5580 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
15:04:46.0343 5580 WSDScan - ok
15:04:46.0346 5580 WSearch - ok
15:04:46.0410 5580 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:04:46.0449 5580 wuauserv - ok
15:04:46.0483 5580 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:04:46.0485 5580 WudfPf - ok
15:04:46.0515 5580 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:04:46.0535 5580 WUDFRd - ok
15:04:46.0562 5580 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:04:46.0565 5580 wudfsvc - ok
15:04:46.0586 5580 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:04:46.0619 5580 WwanSvc - ok
15:04:46.0650 5580 ================ Scan global ===============================
15:04:46.0669 5580 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:04:46.0702 5580 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:04:46.0711 5580 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:04:46.0730 5580 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:04:46.0759 5580 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:04:46.0765 5580 [Global] - ok
15:04:46.0766 5580 ================ Scan MBR ==================================
15:04:46.0775 5580 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:04:47.0038 5580 \Device\Harddisk0\DR0 - ok
15:04:47.0038 5580 ================ Scan VBR ==================================
15:04:47.0041 5580 [ FED2F78B76F3E2669F4551B288782F5C ] \Device\Harddisk0\DR0\Partition1
15:04:47.0043 5580 \Device\Harddisk0\DR0\Partition1 - ok
15:04:47.0063 5580 [ 8BB9E90A2B4737751E2867FE3831B9F6 ] \Device\Harddisk0\DR0\Partition2
15:04:47.0064 5580 \Device\Harddisk0\DR0\Partition2 - ok
15:04:47.0065 5580 ============================================================
15:04:47.0065 5580 Scan finished
15:04:47.0065 5580 ============================================================
15:04:47.0072 5364 Detected object count: 0
15:04:47.0072 5364 Actual detected object count: 0



Gestern ist mir noch aufgefallen, dass auf manchen Seiten klein "Ads bei Browse to Save" steht. Vielleicht hängt es auch damit zusammen...

Schritt 1: Software deinstallieren

• Klicke Start-->Systemsteuerung.
• Öffne Programme und Funktionen.
• Suche und deinstalliere folgende Einträge:
  
  Zitat:

  VaudiX

• Schließe das Fenster.

Schritt 2: adwCleaner




Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser.
• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Löschen.
• Bestätige jeweils mit Ok.
• Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

Schritt 3: Neues OTL-Log

• Doppelklick auf die OTL.exe
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
• Unter Extra Registry, wähle bitte Use SafeList
• Klicke nun auf Run Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt
• Poste die Logfiles hier in den Thread.

OTL Logfile:
--- --- ---


OTL Logfile:
--- --- ---

Schritt 1: Fix mit OTL

• Starte bitte die OTL.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Kopiere nun den Inhalt in die http://larusso.trojaner-board.de/Images/otlfix.jpg Textbox.

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
  ( Auch zu finden unter C:\_OTL\MovedFiles\<time_date>.txt)
  Kopiere nun den Inhalt hier in Deinen Thread

Schritt 2: MBAM



Downloade Dir bitte Malwarebytes

• Installiere das Programm in den vorgegebenen Pfad.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Starte Malwarebytes, klicke auf Aktualisierung --> Suche nach Aktualisierung
• Wenn das Update beendet wurde, aktiviere Quick-Scan durchführen und drücke auf Scannen.
• Wenn der Scan beendet ist, klicke auf Ergebnisse anzeigen.
• Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
• Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
• Nachträglich kannst du den Bericht unter "Log Dateien" finden.

keine Funde durch Malwarebytes

Sieht alles sehr gut aus! Ich glaube er hats geschafft. :)

Vielen Dank für die kompetente Hilfe!!!

Sieht ganz gut aus - kontrollieren wir alles nochmal! :)


Schritt 1: MBAM vollständig


Downloade Dir bitte Malwarebytes

• Installiere das Programm in den vorgegebenen Pfad.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Starte Malwarebytes, klicke auf Aktualisierung --> Suche nach Aktualisierung
• Wenn das Update beendet wurde, aktiviere Vollständigen Scan durchführen und drücke auf Scannen. (Hinweis: Alle Festplatten anhaken!)
• Wenn der Scan beendet ist, klicke auf Ergebnisse anzeigen.
• Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
• Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
• Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Schritt 2: ESET


ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3: adwCleaner



Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser.
• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Löschen.
• Bestätige jeweils mit Ok.
• Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:AdwCleaner[S1].txt.

Hallo! Sorry, hab irgendwie komplett auf den Beitrag hier vergessen...

Ich kann leider die für den zweiten Schritt erforderliche Datei nicht finden. - esetsmartinstaller_enu.exe

Hier mal die beiden anderen Log-Files: