
Pests of all kinds and how to combat them: Prompt on commerzbanking to enter 100 TANs...

12.05.2012, 22:03   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
since it is now a privately used device and my wife has pictures etc. on it.
You do realize that one backs up such data if it is supposedly so important? Has nothing ever been backed up to an external medium?
__________________
Please always post log files in CODE tags

12.05.2012, 22:13   #17
panther77
 

We are aware of that - of course we have made backups. But as a computer layperson, you just don't immediately make a backup of every picture you may have on the PC. We should certainly improve that in the future. Best regards, panther
__________________


12.05.2012, 22:48   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Well, immediately isn't possible either, but you could certainly consider making a full backup once a month (as an image) and backing up more important documents right away, i.e. not just saving them on the PC, but copying important stuff to the external drive at the same time.

Do an OTL fix: close all programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:
:OTL
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideShutdownScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 5800
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKU\S-1-5-21-2517247458-4188068555-2801990222-8292\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-21-2517247458-4188068555-2801990222-8292\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKU\S-1-5-21-2517247458-4188068555-2801990222-8292\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2517247458-4188068555-2801990222-8292\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O15 - HKLM\..Trusted Domains: cmsd.de ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: cmsd.de ([evserver01.ad] * in Local intranet)
O15 - HKLM\..Trusted Domains: cms-hs.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: db.com ([*.db-direct] * in Local intranet)
O15 - HKLM\..Trusted Domains: db.com ([db-direct] * in Local intranet)
O15 - HKLM\..Trusted Domains: isc-srv-07 ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: xnt-srv-40 ([]* in Local intranet)
O15 - HKU\S-1-5-21-2517247458-4188068555-2801990222-8292\..Trusted Domains: cmsd.de ([]* in Local intranet)
O15 - HKU\S-1-5-21-2517247458-4188068555-2801990222-8292\..Trusted Domains: cmsd.de ([evserver01.ad] * in Local intranet)
O15 - HKU\S-1-5-21-2517247458-4188068555-2801990222-8292\..Trusted Domains: cms-hs.com ([]* in Local intranet)
O15 - HKU\S-1-5-21-2517247458-4188068555-2801990222-8292\..Trusted Domains: db.com ([*.db-direct] * in Local intranet)
O15 - HKU\S-1-5-21-2517247458-4188068555-2801990222-8292\..Trusted Domains: db.com ([db-direct] * in Local intranet)
O15 - HKU\S-1-5-21-2517247458-4188068555-2801990222-8292\..Trusted Domains: isc-srv-07 ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2517247458-4188068555-2801990222-8292\..Trusted Domains: xnt-srv-40 ([]* in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ad.cmsd.de
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DE31423-A26F-49BB-836F-E176F9919FEA}: DhcpNameServer = 10.54.90.101 10.110.90.103
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.03.04 13:57:48 | 000,000,000 | ---- | M] () - M:\Autorenvertrag-Vegleich.docx -- [ NTFS ]
[2012.04.24 17:29:49 | 000,000,000 | ---D | C] -- C:\Users\stpo\AppData\Roaming\Uvneyhy
[2012.04.24 17:29:49 | 000,000,000 | ---D | C] -- C:\Users\stpo\AppData\Roaming\Dyvigop
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not completely deleted; a backup copy is created on the system partition in the "_OTL" folder.

Note: The above script was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________

13.05.2012, 16:10   #19
panther77
 

Hello Arne, thanks. The log is attached:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\disablecad not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\SoftwareSASGeneration not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideShutdownScripts not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\MaxGPOScriptWait not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideFastUserSwitching not found.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\PhishingFilter\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\PhishingFilter\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\PhishingFilter\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\PhishingFilter\ not found.
Registry key HKEY_USERS\S-1-5-21-2517247458-4188068555-2801990222-8292\Software\Policies\Microsoft\Internet Explorer\Main\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2517247458-4188068555-2801990222-8292\Software\Policies\Microsoft\Internet Explorer\PhishingFilter\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2517247458-4188068555-2801990222-8292\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2517247458-4188068555-2801990222-8292\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HideSCAHealth deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cmsd.de\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cmsd.de\evserver01.ad\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cms-hs.com\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\db.com\*.db-direct\ not found.
Invalid CLSID key: *.db-direct
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\db.com\db-direct\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\isc-srv-07\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\xnt-srv-40\ not found.
Registry key HKEY_USERS\S-1-5-21-2517247458-4188068555-2801990222-8292\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cmsd.de\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2517247458-4188068555-2801990222-8292\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cmsd.de\evserver01.ad\ not found.
Registry key HKEY_USERS\S-1-5-21-2517247458-4188068555-2801990222-8292\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cms-hs.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2517247458-4188068555-2801990222-8292\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\db.com\*.db-direct\ deleted successfully.
Invalid CLSID key: *.db-direct
Registry key HKEY_USERS\S-1-5-21-2517247458-4188068555-2801990222-8292\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\db.com\db-direct\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2517247458-4188068555-2801990222-8292\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\isc-srv-07\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2517247458-4188068555-2801990222-8292\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\xnt-srv-40\ deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\Domain| /E : value set successfully!
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6DE31423-A26F-49BB-836F-E176F9919FEA}\\DhcpNameServer| /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
File M:\Autorenvertrag-Vegleich.docx not found.
C:\Users\stpo\AppData\Roaming\Uvneyhy folder moved successfully.
C:\Users\stpo\AppData\Roaming\Dyvigop folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 6603353 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: barainst
->Temp folder emptied: 84013647 bytes
->Temporary Internet Files folder emptied: 128966 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: skdi
->Temp folder emptied: 64580 bytes
->Temporary Internet Files folder emptied: 72833 bytes
->Flash cache emptied: 422 bytes

User: stpo
->Temp folder emptied: 74430894 bytes
->Temporary Internet Files folder emptied: 156058800 bytes
->Java cache emptied: 42682836 bytes
->Flash cache emptied: 3184 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 36446897 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 382,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: barainst

User: Default

User: Default User

User: Public

User: skdi
->Flash cache emptied: 0 bytes

User: stpo
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.42.3 log created on 05132012_165813

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
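
To see at a glance what a fix run like the one posted above actually changed, the "OTL" section of the log can be split into entries that were removed or set and entries that were already absent. This is an added example, not part of the original thread and not code from OTL; the function name `summarize_otl_fix`, the line patterns (inferred from the log format in the post) and the sample log lines are assumptions constructed for illustration.

```python
import re

# Constructed sample in the format of the OTL fix log above (SID and paths are made up).
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA not found.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Registry key HKEY_USERS\S-1-5-21-0-0-0-1000\Software\Policies\Microsoft\Internet Explorer\PhishingFilter\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-0-0-0-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HideSCAHealth deleted successfully.
Invalid CLSID key: *.example
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
C:\Users\user\AppData\Roaming\Abcdefg folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: user
->Temp folder emptied: 1234 bytes
"""

# Section headers look like "========== OTL ==========".
SECTION = re.compile(r"^=+ (\w+) =+$")

# Outcome patterns, tried in order; the first match wins.
RULES = [
    ("changed", re.compile(r"^(?P<item>.+?)(?: folder)? (?:deleted|moved) successfully\.$")),
    ("changed", re.compile(r"^(?P<item>.+?) : value set successfully!$")),
    ("absent", re.compile(r"^(?P<item>.+?) not found\.$")),
    ("warning", re.compile(r"^Invalid CLSID key: (?P<item>.+)$")),
]


def summarize_otl_fix(log_text):
    """Classify each line of the OTL fix section by outcome.

    Returns a dict with the keys "changed" (deleted, moved or set),
    "absent" (the script line referred to something that did not exist),
    "warning" and "unparsed" (lines no pattern recognised).
    """
    summary = {"changed": [], "absent": [], "warning": [], "unparsed": []}
    in_fix_section = False
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            # Only the ":OTL" part of the script is of interest here;
            # the COMMANDS section (temp cleanup etc.) is skipped.
            in_fix_section = header.group(1) == "OTL"
            continue
        if not in_fix_section or not line:
            continue
        for outcome, pattern in RULES:
            match = pattern.match(line)
            if match:
                summary[outcome].append(match.group("item"))
                break
        else:
            # Keep unknown lines visible instead of silently dropping them.
            summary["unparsed"].append(line)
    return summary


if __name__ == "__main__":
    result = summarize_otl_fix(SAMPLE_LOG)
    for outcome, items in result.items():
        print(f"{outcome}: {len(items)}")
        for item in items:
            print(f"  {item}")
```
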

13.05.2012, 16:21   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Now please run this tool from Kaspersky (TDSS-Killer) (in normal Windows mode) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below - click on change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents and transfer them into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!


__________________
Please always post log files in CODE tags

13.05.2012, 19:14   #21
panther77
 

Hello Arne:

Here is the report! Thanks

20:02:10.0546 4936 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
20:02:10.0841 4936 ============================================================
20:02:10.0841 4936 Current date / time: 2012/05/13 20:02:10.0841
20:02:10.0841 4936 SystemInfo:
20:02:10.0841 4936
20:02:10.0841 4936 OS Version: 6.1.7601 ServicePack: 1.0
20:02:10.0841 4936 Product type: Workstation
20:02:10.0841 4936 ComputerName: SNB0373
20:02:10.0842 4936 UserName: stpo
20:02:10.0842 4936 Windows directory: C:\Windows
20:02:10.0842 4936 System windows directory: C:\Windows
20:02:10.0842 4936 Processor architecture: Intel x86
20:02:10.0842 4936 Number of processors: 4
20:02:10.0842 4936 Page size: 0x1000
20:02:10.0842 4936 Boot type: Normal boot
20:02:10.0842 4936 ============================================================
20:02:13.0071 4936 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:02:13.0072 4936 ============================================================
20:02:13.0072 4936 \Device\Harddisk0\DR0:
20:02:13.0072 4936 MBR partitions:
20:02:13.0072 4936 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xEDDDD8D
20:02:13.0072 4936 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xEDDE000, BlocksNum 0x96000
20:02:13.0072 4936 ============================================================
20:02:13.0073 4936 C: <-> \Device\Harddisk0\DR0\Partition0
20:02:13.0073 4936 ============================================================
20:02:13.0073 4936 Initialize success
20:02:13.0073 4936 ============================================================
20:02:42.0147 2512 ============================================================
20:02:42.0147 2512 Scan started
20:02:42.0147 2512 Mode: Manual; SigCheck; TDLFS;
20:02:42.0147 2512 ============================================================
20:02:59.0171 2512 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
20:02:59.0184 2512 hwpolicy - ok
20:02:59.0193 2512 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
20:02:59.0216 2512 i8042prt - ok
20:02:59.0236 2512 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
20:02:59.0261 2512 iaStorV - ok
20:02:59.0267 2512 IBMPMDRV (fa3d0a6da7bb7968efe5c5bc267f0e55) C:\Windows\system32\DRIVERS\ibmpmdrv.sys
20:02:59.0280 2512 IBMPMDRV - ok
20:02:59.0286 2512 IBMPMSVC (495f184a29b80b51735bcee91d84fe8f) C:\Windows\system32\ibmpmsvc.exe
20:02:59.0296 2512 IBMPMSVC - ok
20:02:59.0337 2512 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:02:59.0374 2512 idsvc - ok
20:02:59.0837 2512 igfx (5bcac9ee17f90d03e5ff4f9bb7d2f4b8) C:\Windows\system32\DRIVERS\igdkmd32.sys
20:03:00.0225 2512 igfx - ok
20:03:00.0267 2512 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys
20:03:00.0284 2512 iirsp - ok
20:03:00.0319 2512 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
20:03:00.0384 2512 IKEEXT - ok
20:03:00.0392 2512 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
20:03:00.0408 2512 intelide - ok
20:03:00.0417 2512 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
20:03:00.0440 2512 intelppm - ok
20:03:00.0447 2512 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
20:03:00.0502 2512 IPBusEnum - ok
20:03:00.0511 2512 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:03:00.0563 2512 IpFilterDriver - ok
20:03:00.0591 2512 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
20:03:00.0652 2512 iphlpsvc - ok
20:03:00.0659 2512 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
20:03:00.0682 2512 IPMIDRV - ok
20:03:00.0691 2512 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
20:03:00.0744 2512 IPNAT - ok
20:03:00.0751 2512 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
20:03:00.0779 2512 IRENUM - ok
20:03:00.0785 2512 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
20:03:00.0802 2512 isapnp - ok
20:03:00.0817 2512 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
20:03:00.0841 2512 iScsiPrt - ok
20:03:00.0848 2512 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:03:00.0868 2512 kbdclass - ok
20:03:00.0875 2512 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
20:03:00.0904 2512 kbdhid - ok
20:03:00.0910 2512 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:03:00.0939 2512 KeyIso - ok
20:03:00.0947 2512 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
20:03:00.0968 2512 KSecDD - ok
20:03:00.0981 2512 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
20:03:01.0007 2512 KSecPkg - ok
20:03:01.0032 2512 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
20:03:01.0106 2512 KtmRm - ok
20:03:01.0116 2512 l36wgps (72a3ce3231ec9376379a287b01c35fb3) C:\Windows\system32\DRIVERS\l36wgps.sys
20:03:01.0136 2512 l36wgps - ok
20:03:01.0153 2512 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
20:03:01.0220 2512 LanmanServer - ok
20:03:01.0231 2512 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
20:03:01.0296 2512 LanmanWorkstation - ok
20:03:01.0309 2512 LENOVO.MICMUTE (128158d8b1df639bf3e3fdbcbb64cdac) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
20:03:01.0323 2512 LENOVO.MICMUTE - ok
20:03:01.0328 2512 lenovo.smi (9aac267a225f3caebb9e633f7eb16e4b) C:\Windows\system32\DRIVERS\smiif32.sys
20:03:01.0345 2512 lenovo.smi - ok
20:03:01.0355 2512 Lenovo.VIRTSCRLSVC (6f2cc57eb5836d2ac9bd37f3554d55f8) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
20:03:01.0371 2512 Lenovo.VIRTSCRLSVC - ok
20:03:01.0381 2512 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
20:03:01.0444 2512 lltdio - ok
20:03:01.0459 2512 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
20:03:01.0529 2512 lltdsvc - ok
20:03:01.0535 2512 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
20:03:01.0596 2512 lmhosts - ok
20:03:01.0610 2512 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys
20:03:01.0634 2512 LSI_FC - ok
20:03:01.0646 2512 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys
20:03:01.0670 2512 LSI_SAS - ok
20:03:01.0680 2512 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys
20:03:01.0701 2512 LSI_SAS2 - ok
20:03:01.0711 2512 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys
20:03:01.0734 2512 LSI_SCSI - ok
20:03:01.0745 2512 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
20:03:01.0812 2512 luafv - ok
20:03:01.0821 2512 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
20:03:01.0839 2512 MBAMProtector - ok
20:03:01.0884 2512 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:03:01.0925 2512 MBAMService - ok
20:03:01.0952 2512 Mbm3CBus (156221985713bc553a83155f46504d3a) C:\Windows\system32\DRIVERS\Mbm3CBus.sys
20:03:01.0983 2512 Mbm3CBus - ok
20:03:02.0010 2512 Mbm3DevMt (8587a80d67aa29da86714dd88e26f534) C:\Windows\system32\DRIVERS\Mbm3DevMt.sys
20:03:02.0042 2512 Mbm3DevMt - ok
20:03:02.0050 2512 Mbm3mdfl (cace1d5a3dea9e30c6274df618696bce) C:\Windows\system32\DRIVERS\Mbm3mdfl.sys
20:03:02.0068 2512 Mbm3mdfl - ok
20:03:02.0096 2512 Mbm3Mdm (250a475e88b016b4ffb3ac011d626307) C:\Windows\system32\DRIVERS\Mbm3Mdm.sys
20:03:02.0128 2512 Mbm3Mdm - ok
20:03:02.0156 2512 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
20:03:02.0176 2512 MDM ( UnsignedFile.Multi.Generic ) - warning
20:03:02.0176 2512 MDM - detected UnsignedFile.Multi.Generic (1)
20:03:02.0184 2512 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys
20:03:02.0204 2512 megasas - ok
20:03:02.0223 2512 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys
20:03:02.0252 2512 MegaSR - ok
20:03:02.0262 2512 MEI (d86ac00883b9c98b570e7643aaf8e554) C:\Windows\system32\DRIVERS\HECI.sys
20:03:02.0285 2512 MEI - ok
20:03:02.0293 2512 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:03:02.0360 2512 MMCSS - ok
20:03:02.0367 2512 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
20:03:02.0429 2512 Modem - ok
20:03:02.0436 2512 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
20:03:02.0467 2512 monitor - ok
20:03:02.0475 2512 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
20:03:02.0495 2512 mouclass - ok
20:03:02.0503 2512 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
20:03:02.0531 2512 mouhid - ok
20:03:02.0541 2512 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
20:03:02.0563 2512 mountmgr - ok
20:03:02.0568 2512 MpFilter - ok
20:03:02.0584 2512 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
20:03:02.0608 2512 mpio - ok
20:03:02.0616 2512 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
20:03:02.0676 2512 mpsdrv - ok
20:03:02.0709 2512 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
20:03:02.0789 2512 MpsSvc - ok
20:03:02.0800 2512 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
20:03:02.0837 2512 MRxDAV - ok
20:03:02.0849 2512 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:03:02.0877 2512 mrxsmb - ok
20:03:02.0895 2512 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:03:02.0927 2512 mrxsmb10 - ok
20:03:02.0937 2512 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:03:02.0965 2512 mrxsmb20 - ok
20:03:02.0973 2512 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
20:03:02.0992 2512 msahci - ok
20:03:03.0004 2512 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
20:03:03.0028 2512 msdsm - ok
20:03:03.0040 2512 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
20:03:03.0076 2512 MSDTC - ok
20:03:03.0090 2512 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
20:03:03.0151 2512 Msfs - ok
20:03:03.0157 2512 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
20:03:03.0219 2512 mshidkmdf - ok
20:03:03.0225 2512 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
20:03:03.0243 2512 msisadrv - ok
20:03:03.0255 2512 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
20:03:03.0320 2512 MSiSCSI - ok
20:03:03.0326 2512 msiserver - ok
20:03:03.0335 2512 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
20:03:03.0398 2512 MSKSSRV - ok
20:03:03.0404 2512 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
20:03:03.0467 2512 MSPCLOCK - ok
20:03:03.0473 2512 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
20:03:03.0535 2512 MSPQM - ok
20:03:03.0552 2512 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
20:03:03.0577 2512 MsRPC - ok
20:03:03.0589 2512 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
20:03:03.0609 2512 mssmbios - ok
20:03:03.0615 2512 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
20:03:03.0677 2512 MSTEE - ok
20:03:03.0683 2512 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys
20:03:03.0711 2512 MTConfig - ok
20:03:03.0718 2512 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
20:03:03.0739 2512 Mup - ok
20:03:03.0747 2512 mv2 (4cb5d3a5902a92606408a36865a04d53) C:\Windows\system32\DRIVERS\mv2.sys
20:03:03.0767 2512 mv2 - ok
20:03:03.0793 2512 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
20:03:03.0865 2512 napagent - ok
20:03:03.0888 2512 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
20:03:03.0930 2512 NativeWifiP - ok
20:03:03.0971 2512 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
20:03:04.0021 2512 NDIS - ok
20:03:04.0029 2512 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
20:03:04.0092 2512 NdisCap - ok
20:03:04.0098 2512 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
20:03:04.0157 2512 NdisTapi - ok
20:03:04.0166 2512 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
20:03:04.0227 2512 Ndisuio - ok
20:03:04.0238 2512 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
20:03:04.0302 2512 NdisWan - ok
20:03:04.0310 2512 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
20:03:04.0370 2512 NDProxy - ok
20:03:04.0380 2512 Net Driver HPZ12 (f7c14f5077bf2bc476c348b88a7f74e2) C:\Windows\system32\HPZinw12.dll
20:03:04.0393 2512 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:03:04.0393 2512 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:03:04.0401 2512 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
20:03:04.0465 2512 NetBIOS - ok
20:03:04.0479 2512 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
20:03:04.0543 2512 NetBT - ok
20:03:04.0552 2512 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:03:04.0579 2512 Netlogon - ok
20:03:04.0603 2512 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
20:03:04.0676 2512 Netman - ok
20:03:04.0694 2512 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:03:04.0718 2512 NetMsmqActivator - ok
20:03:04.0725 2512 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:03:04.0745 2512 NetPipeActivator - ok
20:03:04.0771 2512 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
20:03:04.0848 2512 netprofm - ok
20:03:04.0855 2512 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:03:04.0873 2512 NetTcpActivator - ok
20:03:04.0880 2512 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:03:04.0899 2512 NetTcpPortSharing - ok
20:03:05.0254 2512 NETwNs32 (9c23121705590d54db8a8c6033c782d9) C:\Windows\system32\DRIVERS\NETwNs32.sys
20:03:05.0528 2512 NETwNs32 - ok
20:03:05.0575 2512 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys
20:03:05.0596 2512 nfrd960 - ok
20:03:05.0616 2512 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
20:03:05.0684 2512 NlaSvc - ok
20:03:05.0691 2512 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
20:03:05.0756 2512 Npfs - ok
20:03:05.0762 2512 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
20:03:05.0829 2512 nsi - ok
20:03:05.0835 2512 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
20:03:05.0898 2512 nsiproxy - ok
20:03:05.0963 2512 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
20:03:06.0033 2512 Ntfs - ok
20:03:06.0080 2512 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
20:03:06.0141 2512 Null - ok
20:03:06.0151 2512 nusb3hub (f0cbf252811bc5fc49e7ecca3ee9519f) C:\Windows\system32\DRIVERS\nusb3hub.sys
20:03:06.0174 2512 nusb3hub - ok
20:03:06.0187 2512 nusb3xhc (bdc5ff9b669b5475e3a6e47e5608205c) C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:03:06.0213 2512 nusb3xhc - ok
20:03:06.0224 2512 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
20:03:06.0249 2512 nvraid - ok
20:03:06.0263 2512 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
20:03:06.0288 2512 nvstor - ok
20:03:06.0299 2512 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
20:03:06.0322 2512 nv_agp - ok
20:03:06.0352 2512 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:03:06.0388 2512 odserv - ok
20:03:06.0398 2512 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
20:03:06.0427 2512 ohci1394 - ok
20:03:06.0440 2512 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:03:06.0463 2512 ose - ok
20:03:06.0490 2512 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:03:06.0526 2512 p2pimsvc - ok
20:03:06.0548 2512 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
20:03:06.0587 2512 p2psvc - ok
20:03:06.0598 2512 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\drivers\parport.sys
20:03:06.0628 2512 Parport - ok
20:03:06.0637 2512 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
20:03:06.0658 2512 partmgr - ok
20:03:06.0664 2512 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\drivers\parvdm.sys
20:03:06.0692 2512 Parvdm - ok
20:03:06.0705 2512 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
20:03:06.0746 2512 PcaSvc - ok
20:03:06.0764 2512 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
20:03:06.0789 2512 pci - ok
20:03:06.0796 2512 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
20:03:06.0815 2512 pciide - ok
20:03:06.0829 2512 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
20:03:06.0856 2512 pcmcia - ok
20:03:06.0864 2512 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
20:03:06.0884 2512 pcw - ok
20:03:06.0920 2512 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
20:03:07.0000 2512 PEAUTH - ok
20:03:07.0055 2512 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
20:03:07.0116 2512 PeerDistSvc - ok
20:03:07.0212 2512 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
20:03:07.0322 2512 pla - ok
20:03:07.0376 2512 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
20:03:07.0415 2512 PlugPlay - ok
20:03:07.0425 2512 Pml Driver HPZ12 (e638656001c52a1faa34f92e6d3a086b) C:\Windows\system32\HPZipm12.dll
20:03:07.0438 2512 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:03:07.0438 2512 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:03:07.0445 2512 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
20:03:07.0474 2512 PNRPAutoReg - ok
20:03:07.0496 2512 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:03:07.0530 2512 PNRPsvc - ok
20:03:07.0555 2512 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
20:03:07.0626 2512 PolicyAgent - ok
20:03:07.0642 2512 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
20:03:07.0709 2512 Power - ok
20:03:07.0721 2512 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
20:03:07.0785 2512 PptpMiniport - ok
20:03:07.0794 2512 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
20:03:07.0822 2512 Processor - ok
20:03:07.0837 2512 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
20:03:07.0903 2512 ProfSvc - ok
20:03:07.0910 2512 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:03:07.0937 2512 ProtectedStorage - ok
20:03:07.0947 2512 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
20:03:08.0013 2512 Psched - ok
20:03:08.0089 2512 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
20:03:08.0168 2512 ql2300 - ok
20:03:08.0213 2512 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
20:03:08.0237 2512 ql40xx - ok
20:03:08.0253 2512 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
20:03:08.0298 2512 QWAVE - ok
20:03:08.0305 2512 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
20:03:08.0341 2512 QWAVEdrv - ok
20:03:08.0347 2512 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
20:03:08.0410 2512 RasAcd - ok
20:03:08.0418 2512 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:03:08.0477 2512 RasAgileVpn - ok
20:03:08.0487 2512 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
20:03:08.0556 2512 RasAuto - ok
20:03:08.0566 2512 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:03:08.0632 2512 Rasl2tp - ok
20:03:08.0655 2512 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
20:03:08.0724 2512 RasMan - ok
20:03:08.0735 2512 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
20:03:08.0800 2512 RasPppoe - ok
20:03:08.0811 2512 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
20:03:08.0872 2512 RasSstp - ok
20:03:08.0892 2512 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
20:03:08.0957 2512 rdbss - ok
20:03:08.0963 2512 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
20:03:08.0995 2512 rdpbus - ok
20:03:09.0000 2512 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:03:09.0056 2512 RDPCDD - ok
20:03:09.0072 2512 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
20:03:09.0103 2512 RDPDR - ok
20:03:09.0111 2512 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
20:03:09.0170 2512 RDPENCDD - ok
20:03:09.0180 2512 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
20:03:09.0239 2512 RDPREFMP - ok
20:03:09.0249 2512 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
20:03:09.0275 2512 RdpVideoMiniport - ok
20:03:09.0289 2512 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
20:03:09.0353 2512 RDPWD - ok
20:03:09.0369 2512 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
20:03:09.0395 2512 rdyboost - ok
20:03:09.0405 2512 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
20:03:09.0469 2512 RemoteAccess - ok
20:03:09.0481 2512 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
20:03:09.0550 2512 RemoteRegistry - ok
20:03:09.0560 2512 risdxc (9ebc0f4b55ec20e91fe40ac83825836c) C:\Windows\system32\DRIVERS\risdxc86.sys
20:03:09.0584 2512 risdxc - ok
20:03:09.0592 2512 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
20:03:09.0658 2512 RpcEptMapper - ok
20:03:09.0665 2512 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
20:03:09.0694 2512 RpcLocator - ok
20:03:09.0719 2512 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
20:03:09.0791 2512 RpcSs - ok
20:03:09.0801 2512 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
20:03:09.0866 2512 rspndr - ok
20:03:09.0872 2512 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
20:03:09.0898 2512 s3cap - ok
20:03:09.0905 2512 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:03:09.0932 2512 SamSs - ok
20:03:09.0943 2512 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
20:03:09.0966 2512 sbp2port - ok
20:03:09.0980 2512 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
20:03:10.0047 2512 SCardSvr - ok
20:03:10.0059 2512 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
20:03:10.0118 2512 scfilter - ok
20:03:10.0165 2512 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
20:03:10.0249 2512 Schedule - ok
20:03:10.0259 2512 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
20:03:10.0318 2512 SCPolicySvc - ok
20:03:10.0330 2512 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
20:03:10.0364 2512 SDRSVC - ok
20:03:10.0371 2512 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:03:10.0434 2512 secdrv - ok
20:03:10.0444 2512 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
20:03:10.0510 2512 seclogon - ok
20:03:10.0519 2512 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
20:03:10.0586 2512 SENS - ok
20:03:10.0593 2512 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
20:03:10.0624 2512 SensrSvc - ok
20:03:10.0630 2512 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
20:03:10.0657 2512 Serenum - ok
20:03:10.0670 2512 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
20:03:10.0698 2512 Serial - ok
20:03:10.0705 2512 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
20:03:10.0731 2512 sermouse - ok
20:03:10.0757 2512 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
20:03:10.0821 2512 SessionEnv - ok
20:03:10.0828 2512 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
20:03:10.0865 2512 sffdisk - ok
20:03:10.0872 2512 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
20:03:10.0901 2512 sffp_mmc - ok
20:03:10.0908 2512 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
20:03:10.0939 2512 sffp_sd - ok
20:03:10.0945 2512 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
20:03:10.0973 2512 sfloppy - ok
20:03:10.0996 2512 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
20:03:11.0070 2512 SharedAccess - ok
20:03:11.0094 2512 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
20:03:11.0165 2512 ShellHWDetection - ok
20:03:11.0173 2512 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
20:03:11.0195 2512 sisagp - ok
20:03:11.0204 2512 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
20:03:11.0225 2512 SiSRaid2 - ok
20:03:11.0235 2512 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
20:03:11.0257 2512 SiSRaid4 - ok
20:03:11.0268 2512 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
20:03:11.0332 2512 Smb - ok
20:03:11.0347 2512 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
20:03:11.0378 2512 SNMPTRAP - ok
20:03:11.0386 2512 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
20:03:11.0405 2512 spldr - ok
20:03:11.0427 2512 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
20:03:11.0498 2512 Spooler - ok
20:03:11.0649 2512 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
20:03:11.0809 2512 sppsvc - ok
20:03:11.0850 2512 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
20:03:11.0916 2512 sppuinotify - ok
20:03:11.0944 2512 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
20:03:11.0977 2512 srv - ok
20:03:11.0999 2512 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
20:03:12.0032 2512 srv2 - ok
20:03:12.0045 2512 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
20:03:12.0073 2512 srvnet - ok
20:03:12.0088 2512 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
20:03:12.0159 2512 SSDPSRV - ok
20:03:12.0171 2512 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
20:03:12.0236 2512 SstpSvc - ok
20:03:12.0243 2512 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
20:03:12.0263 2512 stexstor - ok
20:03:12.0297 2512 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
20:03:12.0349 2512 StiSvc - ok
20:03:12.0358 2512 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
20:03:12.0378 2512 storflt - ok
20:03:12.0386 2512 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
20:03:12.0415 2512 StorSvc - ok
20:03:12.0423 2512 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
20:03:12.0443 2512 storvsc - ok
20:03:12.0450 2512 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
20:03:12.0469 2512 swenum - ok
20:03:12.0491 2512 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
20:03:12.0567 2512 swprv - ok
20:03:12.0577 2512 Synth3dVsc (f2ad8960812fd111e20e84659ef19d43) C:\Windows\system32\drivers\synth3dvsc.sys
20:03:12.0600 2512 Synth3dVsc - ok
20:03:19.0214 2512 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:03:19.0264 2512 \Device\Harddisk0\DR0 - ok
20:03:19.0270 2512 Boot (0x1200) (2452d4bf542afadf960685b9a50487a6) \Device\Harddisk0\DR0\Partition0
20:03:19.0272 2512 \Device\Harddisk0\DR0\Partition0 - ok
20:03:19.0279 2512 Boot (0x1200) (9948267b116d6d60d94712e006975af3) \Device\Harddisk0\DR0\Partition1
20:03:19.0281 2512 \Device\Harddisk0\DR0\Partition1 - ok
20:03:19.0282 2512 ============================================================
20:03:19.0282 2512 Scan finished
20:03:19.0282 2512 ============================================================
20:03:19.0300 3940 Detected object count: 3
20:03:19.0300 3940 Actual detected object count: 3
20:03:32.0196 3940 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:32.0196 3940 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:32.0197 3940 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:32.0197 3940 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:03:32.0199 3940 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:03:32.0200 3940 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

14.05.2012, 08:52   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if suggested), install the Recovery Console (if suggested) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.
__________________
Please always post log files in CODE tags
