| |
| |||||||
Log-Analyse und Auswertung: How to decrypt files.txt, Alle Datein mit <Blockage> gesperrtWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
22.09.2012, 19:49
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
23.09.2012, 14:13
| #17 |
 | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Ich hoffe, das ist das Richtige. Das von TDSS hat sich nicht kopieren lassen.
__________________Code:
ATTFilter 15:05:21.0761 3500 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
15:05:22.0073 3500 ============================================================
15:05:22.0073 3500 Current date / time: 2012/09/23 15:05:22.0073
15:05:22.0073 3500 SystemInfo:
15:05:22.0073 3500
15:05:22.0073 3500 OS Version: 6.1.7601 ServicePack: 1.0
15:05:22.0073 3500 Product type: Workstation
15:05:22.0073 3500 ComputerName: X-PC
15:05:22.0073 3500 UserName: x
15:05:22.0073 3500 Windows directory: C:\Windows
15:05:22.0073 3500 System windows directory: C:\Windows
15:05:22.0073 3500 Processor architecture: Intel x86
15:05:22.0073 3500 Number of processors: 2
15:05:22.0073 3500 Page size: 0x1000
15:05:22.0073 3500 Boot type: Normal boot
15:05:22.0073 3500 ============================================================
15:05:23.0352 3500 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:05:23.0352 3500 ============================================================
15:05:23.0352 3500 \Device\Harddisk0\DR0:
15:05:23.0352 3500 MBR partitions:
15:05:23.0352 3500 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x40466C, BlocksNum 0xFA00800
15:05:23.0352 3500 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFE05000, BlocksNum 0x15629000
15:05:23.0352 3500 ============================================================
15:05:23.0383 3500 C: <-> \Device\Harddisk0\DR0\Partition1
15:05:23.0445 3500 D: <-> \Device\Harddisk0\DR0\Partition2
15:05:23.0445 3500 ============================================================
15:05:23.0445 3500 Initialize success
15:05:23.0445 3500 ============================================================
15:06:31.0181 3328 ============================================================
15:06:31.0181 3328 Scan started
15:06:31.0181 3328 Mode: Manual; SigCheck; TDLFS;
15:06:31.0181 3328 ============================================================
15:06:33.0989 3328 ================ Scan system memory ========================
15:06:33.0989 3328 System memory - ok
15:06:33.0989 3328 ================ Scan services =============================
15:06:34.0238 3328 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:06:34.0379 3328 1394ohci - ok
15:06:34.0441 3328 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:06:34.0457 3328 ACPI - ok
15:06:34.0503 3328 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:06:34.0597 3328 AcpiPmi - ok
15:06:34.0753 3328 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:06:34.0784 3328 AdobeARMservice - ok
15:06:34.0847 3328 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:06:34.0893 3328 adp94xx - ok
15:06:34.0925 3328 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:06:34.0956 3328 adpahci - ok
15:06:34.0987 3328 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:06:35.0003 3328 adpu320 - ok
15:06:35.0049 3328 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:06:35.0096 3328 AeLookupSvc - ok
15:06:35.0159 3328 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
15:06:35.0221 3328 AFD - ok
15:06:35.0252 3328 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
15:06:35.0268 3328 agp440 - ok
15:06:35.0315 3328 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
15:06:35.0330 3328 aic78xx - ok
15:06:35.0377 3328 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
15:06:35.0424 3328 ALG - ok
15:06:35.0455 3328 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
15:06:35.0471 3328 aliide - ok
15:06:35.0502 3328 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:06:35.0517 3328 amdagp - ok
15:06:35.0533 3328 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
15:06:35.0549 3328 amdide - ok
15:06:35.0595 3328 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:06:35.0627 3328 AmdK8 - ok
15:06:35.0642 3328 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:06:35.0673 3328 AmdPPM - ok
15:06:35.0720 3328 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:06:35.0736 3328 amdsata - ok
15:06:35.0767 3328 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:06:35.0798 3328 amdsbs - ok
15:06:35.0814 3328 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:06:35.0829 3328 amdxata - ok
15:06:35.0923 3328 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:06:35.0954 3328 AntiVirSchedulerService - ok
15:06:36.0063 3328 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:06:36.0079 3328 AntiVirService - ok
15:06:36.0141 3328 [ 486CF73F183E7ADC5575FCD47F9FB1AF ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
15:06:36.0157 3328 AnyDVD - ok
15:06:36.0266 3328 [ D1AF38FBAC0DC7E6D796B0ED01707EE0 ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
15:06:36.0297 3328 AppHostSvc - ok
15:06:36.0375 3328 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
15:06:36.0516 3328 AppID - ok
15:06:36.0609 3328 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:06:36.0656 3328 AppIDSvc - ok
15:06:36.0703 3328 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
15:06:36.0750 3328 Appinfo - ok
15:06:36.0797 3328 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
15:06:36.0828 3328 arc - ok
15:06:36.0843 3328 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:06:36.0859 3328 arcsas - ok
15:06:36.0984 3328 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:06:37.0031 3328 aspnet_state - ok
15:06:37.0093 3328 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:06:37.0218 3328 AsyncMac - ok
15:06:37.0265 3328 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
15:06:37.0280 3328 atapi - ok
15:06:37.0358 3328 [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr C:\Windows\system32\DRIVERS\athr.sys
15:06:37.0483 3328 athr - ok
15:06:37.0561 3328 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:06:37.0608 3328 AudioEndpointBuilder - ok
15:06:37.0639 3328 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:06:37.0670 3328 Audiosrv - ok
15:06:37.0748 3328 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:06:37.0779 3328 avgntflt - ok
15:06:37.0873 3328 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:06:37.0889 3328 avipbb - ok
15:06:37.0951 3328 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:06:37.0967 3328 avkmgr - ok
15:06:38.0029 3328 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:06:38.0091 3328 AxInstSV - ok
15:06:38.0154 3328 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
15:06:38.0201 3328 b06bdrv - ok
15:06:38.0263 3328 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:06:38.0294 3328 b57nd60x - ok
15:06:38.0372 3328 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
15:06:38.0419 3328 BDESVC - ok
15:06:38.0466 3328 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
15:06:38.0497 3328 Beep - ok
15:06:38.0559 3328 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
15:06:38.0637 3328 BITS - ok
15:06:38.0669 3328 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:06:38.0700 3328 blbdrive - ok
15:06:38.0793 3328 [ D002033C1A37F6AF51B5F0BA6D0211BC ] BMLoad C:\Windows\system32\drivers\BMLoad.sys
15:06:38.0809 3328 BMLoad ( UnsignedFile.Multi.Generic ) - warning
15:06:38.0809 3328 BMLoad - detected UnsignedFile.Multi.Generic (1)
15:06:38.0871 3328 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:06:38.0934 3328 bowser - ok
15:06:38.0981 3328 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:06:39.0012 3328 BrFiltLo - ok
15:06:39.0043 3328 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:06:39.0090 3328 BrFiltUp - ok
15:06:39.0152 3328 [ C711ED965009BDCFF9AA62CEB6FF1AAD ] Brother XP spl Service C:\Windows\system32\brsvc01a.exe
15:06:39.0183 3328 Brother XP spl Service ( UnsignedFile.Multi.Generic ) - warning
15:06:39.0183 3328 Brother XP spl Service - detected UnsignedFile.Multi.Generic (1)
15:06:39.0246 3328 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
15:06:39.0277 3328 Browser - ok
15:06:39.0308 3328 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:06:39.0339 3328 Brserid - ok
15:06:39.0355 3328 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:06:39.0386 3328 BrSerWdm - ok
15:06:39.0417 3328 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:06:39.0433 3328 BrUsbMdm - ok
15:06:39.0433 3328 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:06:39.0464 3328 BrUsbSer - ok
15:06:39.0542 3328 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:06:39.0558 3328 BthEnum - ok
15:06:39.0573 3328 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:06:39.0620 3328 BTHMODEM - ok
15:06:39.0636 3328 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:06:39.0667 3328 BthPan - ok
15:06:39.0729 3328 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:06:39.0776 3328 BTHPORT - ok
15:06:39.0839 3328 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
15:06:39.0885 3328 bthserv - ok
15:06:39.0917 3328 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:06:39.0948 3328 BTHUSB - ok
15:06:39.0995 3328 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:06:40.0041 3328 cdfs - ok
15:06:40.0104 3328 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:06:40.0135 3328 cdrom - ok
15:06:40.0213 3328 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
15:06:40.0244 3328 CertPropSvc - ok
15:06:40.0275 3328 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:06:40.0338 3328 circlass - ok
15:06:40.0369 3328 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
15:06:40.0400 3328 CLFS - ok
15:06:40.0494 3328 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:06:40.0509 3328 clr_optimization_v2.0.50727_32 - ok
15:06:40.0619 3328 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:06:40.0681 3328 clr_optimization_v4.0.30319_32 - ok
15:06:40.0728 3328 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:06:40.0759 3328 CmBatt - ok
15:06:40.0806 3328 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:06:40.0821 3328 cmdide - ok
15:06:40.0868 3328 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
15:06:40.0915 3328 CNG - ok
15:06:40.0931 3328 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:06:40.0946 3328 Compbatt - ok
15:06:40.0993 3328 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:06:41.0009 3328 CompositeBus - ok
15:06:41.0055 3328 COMSysApp - ok
15:06:41.0087 3328 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:06:41.0102 3328 crcdisk - ok
15:06:41.0165 3328 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:06:41.0211 3328 CryptSvc - ok
15:06:41.0274 3328 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
15:06:41.0321 3328 DcomLaunch - ok
15:06:41.0367 3328 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:06:41.0399 3328 defragsvc - ok
15:06:41.0445 3328 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:06:41.0492 3328 DfsC - ok
15:06:41.0570 3328 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:06:41.0617 3328 Dhcp - ok
15:06:41.0648 3328 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:06:41.0711 3328 discache - ok
15:06:41.0757 3328 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:06:41.0773 3328 Disk - ok
15:06:41.0820 3328 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:06:41.0851 3328 Dnscache - ok
15:06:41.0882 3328 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
15:06:41.0929 3328 dot3svc - ok
15:06:41.0976 3328 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
15:06:42.0038 3328 DPS - ok
15:06:42.0085 3328 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:06:42.0132 3328 drmkaud - ok
15:06:42.0194 3328 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:06:42.0241 3328 DXGKrnl - ok
15:06:42.0272 3328 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:06:42.0335 3328 EapHost - ok
15:06:42.0491 3328 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
15:06:42.0600 3328 ebdrv - ok
15:06:42.0631 3328 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
15:06:42.0678 3328 EFS - ok
15:06:42.0756 3328 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:06:42.0818 3328 ehRecvr - ok
15:06:42.0865 3328 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
15:06:42.0896 3328 ehSched - ok
15:06:42.0990 3328 [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
15:06:43.0005 3328 ElbyCDIO - ok
15:06:43.0068 3328 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:06:43.0083 3328 elxstor - ok
15:06:43.0130 3328 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:06:43.0161 3328 ErrDev - ok
15:06:43.0271 3328 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:06:43.0333 3328 EventSystem - ok
15:06:43.0395 3328 [ 0F40E249E4DD0CE47C7CA19C5C8FB48A ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
15:06:43.0427 3328 ewusbnet - ok
15:06:43.0458 3328 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:06:43.0520 3328 exfat - ok
15:06:43.0551 3328 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:06:43.0598 3328 fastfat - ok
15:06:43.0676 3328 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
15:06:43.0739 3328 Fax - ok
15:06:43.0770 3328 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:06:43.0817 3328 fdc - ok
15:06:43.0863 3328 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:06:43.0895 3328 fdPHost - ok
15:06:43.0926 3328 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:06:43.0957 3328 FDResPub - ok
15:06:44.0004 3328 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:06:44.0004 3328 FileInfo - ok
15:06:44.0035 3328 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:06:44.0082 3328 Filetrace - ok
15:06:44.0097 3328 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:06:44.0129 3328 flpydisk - ok
15:06:44.0175 3328 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:06:44.0191 3328 FltMgr - ok
15:06:44.0253 3328 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
15:06:44.0285 3328 FontCache - ok
15:06:44.0331 3328 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:06:44.0363 3328 FontCache3.0.0.0 - ok
15:06:44.0394 3328 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:06:44.0409 3328 FsDepends - ok
15:06:44.0425 3328 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:06:44.0425 3328 Fs_Rec - ok
15:06:44.0503 3328 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:06:44.0534 3328 fvevol - ok
15:06:44.0581 3328 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:06:44.0597 3328 gagp30kx - ok
15:06:44.0659 3328 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
15:06:44.0737 3328 gpsvc - ok
15:06:44.0862 3328 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:06:44.0877 3328 gupdate - ok
15:06:44.0955 3328 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:06:44.0971 3328 gupdatem - ok
15:06:45.0018 3328 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:06:45.0049 3328 hcw85cir - ok
15:06:45.0127 3328 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:06:45.0189 3328 HdAudAddService - ok
15:06:45.0252 3328 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:06:45.0299 3328 HDAudBus - ok
15:06:45.0314 3328 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:06:45.0345 3328 HidBatt - ok
15:06:45.0361 3328 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:06:45.0408 3328 HidBth - ok
15:06:45.0423 3328 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:06:45.0470 3328 HidIr - ok
15:06:45.0533 3328 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
15:06:45.0579 3328 hidserv - ok
15:06:45.0626 3328 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
15:06:45.0657 3328 HidUsb - ok
15:06:45.0720 3328 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:06:45.0751 3328 hkmsvc - ok
15:06:45.0798 3328 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:06:45.0845 3328 HomeGroupListener - ok
15:06:45.0907 3328 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:06:45.0938 3328 HomeGroupProvider - ok
15:06:45.0969 3328 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:06:45.0985 3328 HpSAMD - ok
15:06:46.0063 3328 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:06:46.0110 3328 HTTP - ok
15:06:46.0188 3328 [ 92CA47DA32009CCC00A5ADED04ABBD78 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
15:06:46.0203 3328 hwdatacard - ok
15:06:46.0250 3328 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:06:46.0266 3328 hwpolicy - ok
15:06:46.0359 3328 [ 089085538885367E281686762A973EB5 ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
15:06:46.0406 3328 hwusbfake - ok
15:06:46.0484 3328 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:06:46.0531 3328 i8042prt - ok
15:06:46.0609 3328 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:06:46.0640 3328 iaStorV - ok
15:06:46.0718 3328 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:06:46.0781 3328 idsvc - ok
15:06:47.0030 3328 [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
15:06:47.0358 3328 igfx - ok
15:06:47.0389 3328 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:06:47.0405 3328 iirsp - ok
15:06:47.0467 3328 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:06:47.0561 3328 IKEEXT - ok
15:06:47.0701 3328 [ 8B27C21412AE4404EB0ACFE1D98579EC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:06:47.0826 3328 IntcAzAudAddService - ok
15:06:47.0841 3328 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:06:47.0857 3328 intelide - ok
15:06:47.0904 3328 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:06:47.0951 3328 intelppm - ok
15:06:48.0013 3328 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:06:48.0075 3328 IPBusEnum - ok
15:06:48.0107 3328 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:06:48.0169 3328 IpFilterDriver - ok
15:06:48.0216 3328 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:06:48.0263 3328 IPMIDRV - ok
15:06:48.0294 3328 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:06:48.0325 3328 IPNAT - ok
15:06:48.0372 3328 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:06:48.0419 3328 IRENUM - ok
15:06:48.0465 3328 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:06:48.0497 3328 isapnp - ok
15:06:48.0543 3328 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:06:48.0559 3328 iScsiPrt - ok
15:06:48.0606 3328 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
15:06:48.0606 3328 kbdclass - ok
15:06:48.0668 3328 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:06:48.0699 3328 kbdhid - ok
15:06:48.0731 3328 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
15:06:48.0746 3328 KeyIso - ok
15:06:48.0777 3328 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:06:48.0809 3328 KSecDD - ok
15:06:48.0840 3328 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:06:48.0855 3328 KSecPkg - ok
15:06:48.0902 3328 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:06:48.0933 3328 KtmRm - ok
15:06:48.0996 3328 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
15:06:49.0058 3328 LanmanServer - ok
15:06:49.0105 3328 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:06:49.0167 3328 LanmanWorkstation - ok
15:06:49.0245 3328 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:06:49.0308 3328 lltdio - ok
15:06:49.0355 3328 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:06:49.0401 3328 lltdsvc - ok
15:06:49.0433 3328 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:06:49.0464 3328 lmhosts - ok
15:06:49.0511 3328 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:06:49.0526 3328 LSI_FC - ok
15:06:49.0557 3328 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:06:49.0573 3328 LSI_SAS - ok
15:06:49.0604 3328 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:06:49.0620 3328 LSI_SAS2 - ok
15:06:49.0635 3328 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:06:49.0667 3328 LSI_SCSI - ok
15:06:49.0729 3328 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:06:49.0776 3328 luafv - ok
15:06:49.0838 3328 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:06:49.0854 3328 MBAMProtector - ok
15:06:49.0932 3328 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:06:49.0963 3328 MBAMScheduler - ok
15:06:49.0994 3328 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:06:50.0025 3328 MBAMService - ok
15:06:50.0072 3328 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:06:50.0088 3328 Mcx2Svc - ok
15:06:50.0103 3328 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:06:50.0119 3328 megasas - ok
15:06:50.0166 3328 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:06:50.0181 3328 MegaSR - ok
15:06:50.0213 3328 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:06:50.0259 3328 MMCSS - ok
15:06:50.0291 3328 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:06:50.0353 3328 Modem - ok
15:06:50.0400 3328 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:06:50.0415 3328 monitor - ok
15:06:50.0447 3328 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
15:06:50.0462 3328 mouclass - ok
15:06:50.0493 3328 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:06:50.0540 3328 mouhid - ok
15:06:50.0603 3328 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:06:50.0603 3328 mountmgr - ok
15:06:50.0649 3328 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:06:50.0665 3328 mpio - ok
15:06:50.0696 3328 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:06:50.0712 3328 mpsdrv - ok
15:06:50.0759 3328 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:06:50.0805 3328 MRxDAV - ok
15:06:50.0868 3328 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:06:50.0915 3328 mrxsmb - ok
15:06:50.0977 3328 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:06:51.0008 3328 mrxsmb10 - ok
15:06:51.0055 3328 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:06:51.0086 3328 mrxsmb20 - ok
15:06:51.0149 3328 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:06:51.0164 3328 msahci - ok
15:06:51.0211 3328 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:06:51.0227 3328 msdsm - ok
15:06:51.0273 3328 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:06:51.0289 3328 MSDTC - ok
15:06:51.0351 3328 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:06:51.0398 3328 Msfs - ok
15:06:51.0429 3328 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:06:51.0461 3328 mshidkmdf - ok
15:06:51.0507 3328 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:06:51.0523 3328 msisadrv - ok
15:06:51.0585 3328 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:06:51.0632 3328 MSiSCSI - ok
15:06:51.0648 3328 msiserver - ok
15:06:51.0679 3328 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:06:51.0726 3328 MSKSSRV - ok
15:06:51.0773 3328 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:06:51.0804 3328 MSPCLOCK - ok
15:06:51.0835 3328 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:06:51.0882 3328 MSPQM - ok
15:06:51.0897 3328 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:06:51.0913 3328 MsRPC - ok
15:06:51.0944 3328 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:06:51.0960 3328 mssmbios - ok
15:06:51.0975 3328 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:06:52.0007 3328 MSTEE - ok
15:06:52.0038 3328 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:06:52.0069 3328 MTConfig - ok
15:06:52.0100 3328 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:06:52.0116 3328 Mup - ok
15:06:52.0163 3328 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:06:52.0241 3328 napagent - ok
15:06:52.0287 3328 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:06:52.0303 3328 NativeWifiP - ok
15:06:52.0443 3328 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
15:06:52.0490 3328 NAUpdate - ok
15:06:52.0553 3328 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:06:52.0584 3328 NDIS - ok
15:06:52.0646 3328 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:06:52.0677 3328 NdisCap - ok
15:06:52.0709 3328 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:06:52.0755 3328 NdisTapi - ok
15:06:52.0802 3328 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:06:52.0833 3328 Ndisuio - ok
15:06:52.0865 3328 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:06:52.0943 3328 NdisWan - ok
15:06:52.0974 3328 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:06:53.0005 3328 NDProxy - ok
15:06:53.0036 3328 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:06:53.0067 3328 NetBIOS - ok
15:06:53.0130 3328 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:06:53.0192 3328 NetBT - ok
15:06:53.0208 3328 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
15:06:53.0223 3328 Netlogon - ok
15:06:53.0301 3328 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:06:53.0379 3328 Netman - ok
15:06:53.0442 3328 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:06:53.0473 3328 NetMsmqActivator - ok
15:06:53.0520 3328 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:06:53.0535 3328 NetPipeActivator - ok
15:06:53.0567 3328 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:06:53.0613 3328 netprofm - ok
15:06:53.0691 3328 [ 76B1157EF850830C5ECE61D3E591CA8B ] netr73 C:\Windows\system32\DRIVERS\netr73.sys
15:06:53.0707 3328 netr73 - ok
15:06:53.0723 3328 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:06:53.0738 3328 NetTcpActivator - ok
15:06:53.0754 3328 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:06:53.0769 3328 NetTcpPortSharing - ok
15:06:53.0801 3328 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:06:53.0816 3328 nfrd960 - ok
15:06:53.0863 3328 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:06:53.0910 3328 NlaSvc - ok
15:06:53.0957 3328 [ C82F4CC10AD315B6D6BCB14D0A7CAD66 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
15:06:53.0988 3328 nmwcd - ok
15:06:54.0019 3328 [ 60EF5F5621D7832F00A3F190A0C905E2 ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
15:06:54.0050 3328 nmwcdc - ok
15:06:54.0081 3328 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:06:54.0128 3328 Npfs - ok
15:06:54.0159 3328 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:06:54.0206 3328 nsi - ok
15:06:54.0237 3328 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:06:54.0269 3328 nsiproxy - ok
15:06:54.0347 3328 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:06:54.0425 3328 Ntfs - ok
15:06:54.0425 3328 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:06:54.0471 3328 Null - ok
15:06:54.0518 3328 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:06:54.0534 3328 nvraid - ok
15:06:54.0565 3328 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:06:54.0581 3328 nvstor - ok
15:06:54.0596 3328 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:06:54.0612 3328 nv_agp - ok
15:06:54.0705 3328 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:06:54.0737 3328 odserv - ok
15:06:54.0783 3328 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:06:54.0799 3328 ohci1394 - ok
15:06:54.0861 3328 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:06:54.0877 3328 ose - ok
15:06:54.0955 3328 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:06:54.0986 3328 p2pimsvc - ok
15:06:55.0033 3328 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:06:55.0064 3328 p2psvc - ok
15:06:55.0127 3328 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:06:55.0158 3328 Parport - ok
15:06:55.0205 3328 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:06:55.0220 3328 partmgr - ok
15:06:55.0236 3328 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:06:55.0267 3328 Parvdm - ok
15:06:55.0298 3328 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:06:55.0329 3328 PcaSvc - ok
15:06:55.0361 3328 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:06:55.0376 3328 pci - ok
15:06:55.0407 3328 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:06:55.0423 3328 pciide - ok
15:06:55.0454 3328 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:06:55.0470 3328 pcmcia - ok
15:06:55.0517 3328 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:06:55.0517 3328 pcw - ok
15:06:55.0579 3328 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:06:55.0673 3328 PEAUTH - ok
15:06:55.0766 3328 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:06:55.0875 3328 pla - ok
15:06:55.0922 3328 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:06:55.0953 3328 PlugPlay - ok
15:06:55.0985 3328 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:06:56.0000 3328 PNRPAutoReg - ok
15:06:56.0031 3328 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:06:56.0063 3328 PNRPsvc - ok
15:06:56.0094 3328 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:06:56.0141 3328 PolicyAgent - ok
15:06:56.0187 3328 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:06:56.0250 3328 Power - ok
15:06:56.0297 3328 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:06:56.0343 3328 PptpMiniport - ok
15:06:56.0375 3328 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:06:56.0406 3328 Processor - ok
15:06:56.0468 3328 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
15:06:56.0484 3328 ProfSvc - ok
15:06:56.0515 3328 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:06:56.0531 3328 ProtectedStorage - ok
15:06:56.0577 3328 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:06:56.0624 3328 Psched - ok
15:06:56.0687 3328 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:06:56.0765 3328 ql2300 - ok
15:06:56.0811 3328 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:06:56.0827 3328 ql40xx - ok
15:06:56.0874 3328 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:06:56.0905 3328 QWAVE - ok
15:06:56.0936 3328 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:06:56.0967 3328 QWAVEdrv - ok
15:06:57.0045 3328 [ 432F5B15E21A54B48072593F03570326 ] RalinkRegistryWriter C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
15:06:57.0061 3328 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - warning
15:06:57.0061 3328 RalinkRegistryWriter - detected UnsignedFile.Multi.Generic (1)
15:06:57.0092 3328 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:06:57.0155 3328 RasAcd - ok
15:06:57.0217 3328 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:06:57.0279 3328 RasAgileVpn - ok
15:06:57.0311 3328 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:06:57.0357 3328 RasAuto - ok
15:06:57.0389 3328 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:06:57.0435 3328 Rasl2tp - ok
15:06:57.0498 3328 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
15:06:57.0545 3328 RasMan - ok
15:06:57.0576 3328 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:06:57.0607 3328 RasPppoe - ok
15:06:57.0654 3328 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:06:57.0701 3328 RasSstp - ok
15:06:57.0732 3328 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:06:57.0763 3328 rdbss - ok
15:06:57.0794 3328 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:06:57.0810 3328 rdpbus - ok
15:06:57.0857 3328 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:06:57.0903 3328 RDPCDD - ok
15:06:57.0966 3328 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:06:58.0013 3328 RDPENCDD - ok
15:06:58.0044 3328 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:06:58.0075 3328 RDPREFMP - ok
15:06:58.0122 3328 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:06:58.0137 3328 RDPWD - ok
15:06:58.0200 3328 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:06:58.0215 3328 rdyboost - ok
15:06:58.0247 3328 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:06:58.0293 3328 RemoteAccess - ok
15:06:58.0325 3328 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:06:58.0371 3328 RemoteRegistry - ok
15:06:58.0434 3328 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:06:58.0449 3328 RFCOMM - ok
15:06:58.0496 3328 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:06:58.0543 3328 RpcEptMapper - ok
15:06:58.0574 3328 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:06:58.0590 3328 RpcLocator - ok
15:06:58.0621 3328 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
15:06:58.0652 3328 RpcSs - ok
15:06:58.0730 3328 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:06:58.0777 3328 rspndr - ok
15:06:58.0824 3328 [ 96F8DD546677AA5102150ACC140377B3 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
15:06:58.0871 3328 RSUSBSTOR - ok
15:06:58.0949 3328 [ 26A9D6227D12B9D9DA5A81BB9B55D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
15:06:58.0995 3328 RTL8167 - ok
15:06:59.0027 3328 RtsUIR - ok
15:06:59.0058 3328 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
15:06:59.0073 3328 SamSs - ok
15:06:59.0136 3328 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:06:59.0151 3328 sbp2port - ok
15:06:59.0183 3328 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:06:59.0229 3328 SCardSvr - ok
15:06:59.0261 3328 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:06:59.0292 3328 scfilter - ok
15:06:59.0370 3328 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
15:06:59.0463 3328 Schedule - ok
15:06:59.0495 3328 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:06:59.0510 3328 SCPolicySvc - ok
15:06:59.0573 3328 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:06:59.0588 3328 SDRSVC - ok
15:06:59.0651 3328 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:06:59.0697 3328 secdrv - ok
15:06:59.0744 3328 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:06:59.0791 3328 seclogon - ok
15:06:59.0838 3328 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
15:06:59.0885 3328 SENS - ok
15:06:59.0916 3328 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:06:59.0947 3328 SensrSvc - ok
15:06:59.0994 3328 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:07:00.0009 3328 Serenum - ok
15:07:00.0056 3328 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:07:00.0087 3328 Serial - ok
15:07:00.0134 3328 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:07:00.0165 3328 sermouse - ok
15:07:00.0228 3328 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
15:07:00.0275 3328 SessionEnv - ok
15:07:00.0321 3328 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:07:00.0353 3328 sffdisk - ok
15:07:00.0384 3328 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:07:00.0399 3328 sffp_mmc - ok
15:07:00.0431 3328 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:07:00.0446 3328 sffp_sd - ok
15:07:00.0477 3328 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:07:00.0493 3328 sfloppy - ok
15:07:00.0540 3328 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:07:00.0602 3328 ShellHWDetection - ok
15:07:00.0618 3328 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:07:00.0633 3328 sisagp - ok
15:07:00.0680 3328 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:07:00.0696 3328 SiSRaid2 - ok
15:07:00.0711 3328 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:07:00.0727 3328 SiSRaid4 - ok
15:07:00.0774 3328 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:07:00.0821 3328 Smb - ok
15:07:00.0914 3328 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:07:00.0945 3328 SNMPTRAP - ok
15:07:00.0977 3328 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:07:00.0992 3328 spldr - ok
15:07:01.0070 3328 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
15:07:01.0101 3328 Spooler - ok
15:07:01.0211 3328 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
15:07:01.0351 3328 sppsvc - ok
15:07:01.0398 3328 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:07:01.0445 3328 sppuinotify - ok
15:07:01.0491 3328 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:07:01.0523 3328 srv - ok
15:07:01.0585 3328 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:07:01.0616 3328 srv2 - ok
15:07:01.0663 3328 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:07:01.0679 3328 srvnet - ok
15:07:01.0710 3328 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:07:01.0757 3328 SSDPSRV - ok
15:07:01.0835 3328 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
15:07:01.0850 3328 ssmdrv - ok
15:07:01.0881 3328 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:07:01.0913 3328 SstpSvc - ok
15:07:01.0959 3328 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:07:01.0975 3328 stexstor - ok
15:07:02.0022 3328 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:07:02.0037 3328 StillCam - ok
15:07:02.0084 3328 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
15:07:02.0115 3328 StiSvc - ok
15:07:02.0131 3328 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
15:07:02.0147 3328 swenum - ok
15:07:02.0178 3328 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:07:02.0209 3328 swprv - ok
15:07:02.0271 3328 [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
15:07:02.0303 3328 SymEvent - ok
15:07:02.0365 3328 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
15:07:02.0459 3328 SysMain - ok
15:07:02.0505 3328 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:07:02.0537 3328 TabletInputService - ok
15:07:02.0599 3328 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
15:07:02.0646 3328 TapiSrv - ok
15:07:02.0693 3328 [ D7F411C5AF992BB44E86083A6AA7B045 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
15:07:02.0708 3328 tbhsd - ok
15:07:02.0771 3328 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:07:02.0817 3328 TBS - ok
15:07:02.0911 3328 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:07:02.0989 3328 Tcpip - ok
15:07:03.0051 3328 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:07:03.0083 3328 TCPIP6 - ok
15:07:03.0192 3328 [ DCFEB82CA988598CEB8F83148616038E ] tcpipBM C:\Windows\system32\drivers\tcpipBM.sys
15:07:03.0223 3328 tcpipBM ( UnsignedFile.Multi.Generic ) - warning
15:07:03.0223 3328 tcpipBM - detected UnsignedFile.Multi.Generic (1)
15:07:03.0270 3328 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:07:03.0301 3328 tcpipreg - ok
15:07:03.0379 3328 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:07:03.0395 3328 TDPIPE - ok
15:07:03.0426 3328 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:07:03.0441 3328 TDTCP - ok
15:07:03.0488 3328 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:07:03.0551 3328 tdx - ok
15:07:03.0597 3328 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:07:03.0613 3328 TermDD - ok
15:07:03.0660 3328 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
15:07:03.0707 3328 TermService - ok
15:07:03.0831 3328 [ 76468DF7A7A92413A57C998DE5C39290 ] TestHandler C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
15:07:03.0863 3328 TestHandler - ok
15:07:03.0894 3328 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:07:03.0941 3328 Themes - ok
15:07:03.0956 3328 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:07:03.0987 3328 THREADORDER - ok
15:07:04.0050 3328 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM C:\Windows\system32\drivers\tpm.sys
15:07:04.0065 3328 TPM - ok
15:07:04.0128 3328 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:07:04.0175 3328 TrkWks - ok
15:07:04.0237 3328 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:07:04.0299 3328 TrustedInstaller - ok
15:07:04.0362 3328 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:07:04.0377 3328 tssecsrv - ok
15:07:04.0455 3328 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:07:04.0487 3328 TsUsbFlt - ok
15:07:04.0549 3328 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:07:04.0596 3328 tunnel - ok
15:07:04.0611 3328 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:07:04.0627 3328 uagp35 - ok
15:07:04.0658 3328 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:07:04.0705 3328 udfs - ok
15:07:04.0752 3328 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:07:04.0767 3328 UI0Detect - ok
15:07:04.0814 3328 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:07:04.0830 3328 uliagpkx - ok
15:07:04.0908 3328 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:07:04.0955 3328 umbus - ok
15:07:04.0986 3328 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:07:05.0017 3328 UmPass - ok
15:07:05.0048 3328 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
15:07:05.0095 3328 upnphost - ok
15:07:05.0173 3328 [ BB16932A4189E82D6C455042C11849B6 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
15:07:05.0204 3328 upperdev - ok
15:07:05.0235 3328 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:07:05.0267 3328 usbccgp - ok
15:07:05.0298 3328 USBCCID - ok
15:07:05.0329 3328 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:07:05.0360 3328 usbcir - ok
15:07:05.0391 3328 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:07:05.0423 3328 usbehci - ok
15:07:05.0469 3328 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:07:05.0501 3328 usbhub - ok
15:07:05.0516 3328 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:07:05.0547 3328 usbohci - ok
15:07:05.0594 3328 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:07:05.0641 3328 usbprint - ok
15:07:05.0688 3328 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys
15:07:05.0719 3328 usbser - ok
15:07:05.0750 3328 [ E748D50B3B2EC7F40A2BA67FB094CF01 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
15:07:05.0766 3328 UsbserFilt - ok
15:07:05.0797 3328 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:07:05.0828 3328 USBSTOR - ok
15:07:05.0875 3328 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:07:05.0922 3328 usbuhci - ok
15:07:06.0000 3328 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:07:06.0031 3328 usbvideo - ok
15:07:06.0062 3328 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
15:07:06.0109 3328 UxSms - ok
15:07:06.0125 3328 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
15:07:06.0140 3328 VaultSvc - ok
15:07:06.0187 3328 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
15:07:06.0203 3328 VClone - ok
15:07:06.0249 3328 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:07:06.0249 3328 vdrvroot - ok
15:07:06.0296 3328 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
15:07:06.0359 3328 vds - ok
15:07:06.0405 3328 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:07:06.0437 3328 vga - ok
15:07:06.0483 3328 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:07:06.0515 3328 VgaSave - ok
15:07:06.0561 3328 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:07:06.0593 3328 vhdmp - ok
15:07:06.0624 3328 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:07:06.0639 3328 viaagp - ok
15:07:06.0655 3328 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
15:07:06.0686 3328 ViaC7 - ok
15:07:06.0717 3328 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
15:07:06.0733 3328 viaide - ok
15:07:06.0842 3328 [ 1B0D441D8AB264D39C2B09130CC28045 ] VMCService C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
15:07:06.0858 3328 VMCService ( UnsignedFile.Multi.Generic ) - warning
15:07:06.0858 3328 VMCService - detected UnsignedFile.Multi.Generic (1)
15:07:06.0905 3328 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:07:06.0936 3328 volmgr - ok
15:07:06.0983 3328 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:07:07.0014 3328 volmgrx - ok
15:07:07.0061 3328 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:07:07.0092 3328 volsnap - ok
15:07:07.0139 3328 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:07:07.0170 3328 vsmraid - ok
15:07:07.0248 3328 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
15:07:07.0341 3328 VSS - ok
15:07:07.0373 3328 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:07:07.0388 3328 vwifibus - ok
15:07:07.0435 3328 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:07:07.0466 3328 vwififlt - ok
15:07:07.0513 3328 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:07:07.0544 3328 vwifimp - ok
15:07:07.0591 3328 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
15:07:07.0669 3328 W32Time - ok
15:07:07.0794 3328 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
15:07:07.0841 3328 W3SVC - ok
15:07:07.0872 3328 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:07:07.0903 3328 WacomPen - ok
15:07:07.0965 3328 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:07:08.0028 3328 WANARP - ok
15:07:08.0043 3328 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:07:08.0075 3328 Wanarpv6 - ok
15:07:08.0137 3328 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
15:07:08.0168 3328 WAS - ok
15:07:08.0231 3328 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
15:07:08.0309 3328 wbengine - ok
15:07:08.0356 3328 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:07:08.0371 3328 WbioSrvc - ok
15:07:08.0418 3328 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:07:08.0480 3328 wcncsvc - ok
15:07:08.0512 3328 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:07:08.0543 3328 WcsPlugInService - ok
15:07:08.0558 3328 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:07:08.0574 3328 Wd - ok
15:07:08.0621 3328 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:07:08.0636 3328 Wdf01000 - ok
15:07:08.0668 3328 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:07:08.0699 3328 WdiServiceHost - ok
15:07:08.0714 3328 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:07:08.0730 3328 WdiSystemHost - ok
15:07:08.0792 3328 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
15:07:08.0824 3328 WebClient - ok
15:07:08.0855 3328 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:07:08.0902 3328 Wecsvc - ok
15:07:08.0933 3328 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:07:08.0980 3328 wercplsupport - ok
15:07:09.0026 3328 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
15:07:09.0058 3328 WerSvc - ok
15:07:09.0104 3328 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:07:09.0136 3328 WfpLwf - ok
15:07:09.0167 3328 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:07:09.0182 3328 WIMMount - ok
15:07:09.0214 3328 WinHttpAutoProxySvc - ok
15:07:09.0307 3328 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:07:09.0370 3328 Winmgmt - ok
15:07:09.0448 3328 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
15:07:09.0541 3328 WinRM - ok
15:07:09.0619 3328 [ A67E5F9A400F3BD1BE3D80613B45F708 ] winusb C:\Windows\system32\DRIVERS\WinUSB.sys
15:07:09.0666 3328 winusb - ok
15:07:09.0713 3328 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:07:09.0744 3328 Wlansvc - ok
15:07:09.0869 3328 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:07:09.0947 3328 wlidsvc - ok
15:07:10.0009 3328 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:07:10.0056 3328 WmiAcpi - ok
15:07:10.0118 3328 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:07:10.0150 3328 wmiApSrv - ok
15:07:10.0243 3328 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:07:10.0306 3328 WMPNetworkSvc - ok
15:07:10.0399 3328 [ 017695393AFFFED8DE58ABD1B085BE6D ] WMZuneComm D:\Eigene Dateien\Eigene Videos\WMZuneComm.exe
15:07:10.0430 3328 WMZuneComm - ok
15:07:10.0493 3328 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:07:10.0524 3328 WPCSvc - ok
15:07:10.0571 3328 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:07:10.0586 3328 WPDBusEnum - ok
15:07:10.0633 3328 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:07:10.0696 3328 ws2ifsl - ok
15:07:10.0758 3328 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:07:10.0789 3328 WSDPrintDevice - ok
15:07:10.0805 3328 WSearch - ok
15:07:10.0898 3328 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:07:10.0976 3328 wuauserv - ok
15:07:11.0023 3328 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:07:11.0070 3328 WudfPf - ok
15:07:11.0117 3328 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:07:11.0148 3328 WUDFRd - ok
15:07:11.0210 3328 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:07:11.0242 3328 wudfsvc - ok
15:07:11.0304 3328 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:07:11.0335 3328 WwanSvc - ok
15:07:11.0585 3328 [ 1076DF9ADE4E13EA3BF39D2165AEB903 ] ZuneNetworkSvc D:\Eigene Dateien\Eigene Videos\ZuneNss.exe
15:07:11.0694 3328 ZuneNetworkSvc - ok
15:07:11.0788 3328 [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc D:\Eigene Dateien\Eigene Videos\ZuneWlanCfgSvc.exe
15:07:11.0834 3328 ZuneWlanCfgSvc - ok
15:07:11.0928 3328 ================ Scan global ===============================
15:07:11.0975 3328 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:07:12.0022 3328 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
15:07:12.0037 3328 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
15:07:12.0100 3328 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:07:12.0131 3328 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:07:12.0131 3328 [Global] - ok
15:07:12.0131 3328 ================ Scan MBR ==================================
15:07:12.0162 3328 [ E87257436C9F60F2EAA5AB75319467F5 ] \Device\Harddisk0\DR0
15:07:12.0162 3328 Suspicious mbr (Forged): \Device\Harddisk0\DR0
15:07:12.0224 3328 \Device\Harddisk0\DR0 ( Rootkit.Boot.Xpaj.a ) - infected
15:07:12.0224 3328 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Xpaj.a (0)
15:07:12.0302 3328 ================ Scan VBR ==================================
15:07:12.0334 3328 [ 418105D1E12AEAA75A594148227E2505 ] \Device\Harddisk0\DR0\Partition1
15:07:12.0334 3328 \Device\Harddisk0\DR0\Partition1 - ok
15:07:12.0365 3328 [ A62631A967EC5D73FB6D3E27DBBD46E0 ] \Device\Harddisk0\DR0\Partition2
15:07:12.0365 3328 \Device\Harddisk0\DR0\Partition2 - ok
15:07:12.0365 3328 ============================================================
15:07:12.0365 3328 Scan finished
15:07:12.0365 3328 ============================================================
15:07:12.0380 2144 Detected object count: 6
15:07:12.0380 2144 Actual detected object count: 6
15:07:48.0650 2144 BMLoad ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:48.0650 2144 BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:48.0650 2144 Brother XP spl Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:48.0650 2144 Brother XP spl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:48.0650 2144 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:48.0650 2144 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:48.0666 2144 tcpipBM ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:48.0666 2144 tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:48.0666 2144 VMCService ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:48.0666 2144 VMCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:07:48.0666 2144 \Device\Harddisk0\DR0 ( Rootkit.Boot.Xpaj.a ) - skipped by user
15:07:48.0666 2144 \Device\Harddisk0\DR0 ( Rootkit.Boot.Xpaj.a ) - User select action: Skip
|
|
23.09.2012, 18:16
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrtCode:
ATTFilter \Device\Harddisk0\DR0 ( Rootkit.Boot.Xpaj.a ) - skipped by user
Starte Windows danach neu und mach wieder ein komplett neues Log mit dem TDSS-Killer. Wie immer wieder in CODE-Tags posten.
__________________ |
|
24.09.2012, 07:54
| #19 |
| | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Ich hoffe, ich hab das mit dem fixen richtig gemacht. Code:
ATTFilter 08:47:26.0943 3004 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
08:47:27.0302 3004 ============================================================
08:47:27.0302 3004 Current date / time: 2012/09/24 08:47:27.0302
08:47:27.0302 3004 SystemInfo:
08:47:27.0302 3004
08:47:27.0302 3004 OS Version: 6.1.7601 ServicePack: 1.0
08:47:27.0302 3004 Product type: Workstation
08:47:27.0302 3004 ComputerName: X-PC
08:47:27.0302 3004 UserName: x
08:47:27.0302 3004 Windows directory: C:\Windows
08:47:27.0302 3004 System windows directory: C:\Windows
08:47:27.0302 3004 Processor architecture: Intel x86
08:47:27.0302 3004 Number of processors: 2
08:47:27.0302 3004 Page size: 0x1000
08:47:27.0302 3004 Boot type: Normal boot
08:47:27.0302 3004 ============================================================
08:47:29.0065 3004 BG loaded
08:47:30.0032 3004 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:47:30.0032 3004 ============================================================
08:47:30.0032 3004 \Device\Harddisk0\DR0:
08:47:30.0032 3004 MBR partitions:
08:47:30.0032 3004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x40466C, BlocksNum 0xFA00800
08:47:30.0032 3004 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFE05000, BlocksNum 0x15629000
08:47:30.0032 3004 ============================================================
08:47:30.0094 3004 C: <-> \Device\Harddisk0\DR0\Partition1
08:47:30.0204 3004 D: <-> \Device\Harddisk0\DR0\Partition2
08:47:30.0204 3004 ============================================================
08:47:30.0204 3004 Initialize success
08:47:30.0204 3004 ============================================================
08:47:45.0341 2336 ============================================================
08:47:45.0341 2336 Scan started
08:47:45.0341 2336 Mode: Manual; SigCheck; TDLFS;
08:47:45.0341 2336 ============================================================
08:47:53.0094 2336 ================ Scan system memory ========================
08:47:53.0094 2336 System memory - ok
08:47:53.0094 2336 ================ Scan services =============================
08:47:53.0422 2336 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:48:22.0836 2336 1394ohci - ok
08:48:22.0945 2336 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:48:22.0992 2336 ACPI - ok
08:48:23.0070 2336 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:48:23.0242 2336 AcpiPmi - ok
08:48:23.0538 2336 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
08:48:23.0585 2336 AdobeARMservice - ok
08:48:23.0756 2336 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
08:48:23.0866 2336 adp94xx - ok
08:48:23.0912 2336 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
08:48:23.0944 2336 adpahci - ok
08:48:24.0068 2336 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
08:48:24.0100 2336 adpu320 - ok
08:48:24.0178 2336 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:48:24.0334 2336 AeLookupSvc - ok
08:48:24.0443 2336 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
08:48:24.0646 2336 AFD - ok
08:48:24.0692 2336 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
08:48:24.0724 2336 agp440 - ok
08:48:24.0895 2336 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
08:48:24.0926 2336 aic78xx - ok
08:48:25.0036 2336 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
08:48:25.0145 2336 ALG - ok
08:48:25.0223 2336 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
08:48:25.0254 2336 aliide - ok
08:48:25.0316 2336 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
08:48:25.0363 2336 amdagp - ok
08:48:25.0394 2336 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
08:48:25.0410 2336 amdide - ok
08:48:25.0472 2336 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
08:48:25.0582 2336 AmdK8 - ok
08:48:25.0644 2336 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
08:48:25.0722 2336 AmdPPM - ok
08:48:25.0784 2336 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:48:25.0816 2336 amdsata - ok
08:48:26.0003 2336 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
08:48:26.0034 2336 amdsbs - ok
08:48:26.0065 2336 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:48:26.0112 2336 amdxata - ok
08:48:26.0362 2336 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
08:48:26.0393 2336 AntiVirSchedulerService - ok
08:48:26.0518 2336 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
08:48:26.0564 2336 AntiVirService - ok
08:48:26.0689 2336 [ 486CF73F183E7ADC5575FCD47F9FB1AF ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
08:48:26.0767 2336 AnyDVD - ok
08:48:26.0923 2336 [ D1AF38FBAC0DC7E6D796B0ED01707EE0 ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
08:48:27.0048 2336 AppHostSvc - ok
08:48:27.0095 2336 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
08:48:27.0360 2336 AppID - ok
08:48:27.0516 2336 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:48:27.0625 2336 AppIDSvc - ok
08:48:27.0719 2336 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
08:48:27.0812 2336 Appinfo - ok
08:48:27.0937 2336 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
08:48:28.0000 2336 arc - ok
08:48:28.0031 2336 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
08:48:28.0093 2336 arcsas - ok
08:48:28.0343 2336 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
08:48:28.0670 2336 aspnet_state - ok
08:48:28.0811 2336 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:48:29.0107 2336 AsyncMac - ok
08:48:29.0185 2336 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
08:48:29.0201 2336 atapi - ok
08:48:29.0279 2336 [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr C:\Windows\system32\DRIVERS\athr.sys
08:48:29.0450 2336 athr - ok
08:48:29.0513 2336 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:48:29.0591 2336 AudioEndpointBuilder - ok
08:48:29.0606 2336 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
08:48:29.0716 2336 Audiosrv - ok
08:48:29.0794 2336 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
08:48:29.0903 2336 avgntflt - ok
08:48:29.0981 2336 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
08:48:30.0012 2336 avipbb - ok
08:48:30.0308 2336 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
08:48:30.0324 2336 avkmgr - ok
08:48:30.0542 2336 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:48:30.0917 2336 AxInstSV - ok
08:48:31.0244 2336 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
08:48:31.0447 2336 b06bdrv - ok
08:48:31.0510 2336 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
08:48:31.0572 2336 b57nd60x - ok
08:48:31.0744 2336 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
08:48:31.0900 2336 BDESVC - ok
08:48:32.0040 2336 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
08:48:32.0118 2336 Beep - ok
08:48:32.0165 2336 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
08:48:32.0274 2336 BITS - ok
08:48:32.0290 2336 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:48:32.0321 2336 blbdrive - ok
08:48:32.0461 2336 [ D002033C1A37F6AF51B5F0BA6D0211BC ] BMLoad C:\Windows\system32\drivers\BMLoad.sys
08:48:32.0508 2336 BMLoad ( UnsignedFile.Multi.Generic ) - warning
08:48:32.0508 2336 BMLoad - detected UnsignedFile.Multi.Generic (1)
08:48:32.0539 2336 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:48:32.0742 2336 bowser - ok
08:48:32.0820 2336 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:48:32.0867 2336 BrFiltLo - ok
08:48:33.0288 2336 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:48:33.0538 2336 BrFiltUp - ok
08:48:33.0600 2336 [ C711ED965009BDCFF9AA62CEB6FF1AAD ] Brother XP spl Service C:\Windows\system32\brsvc01a.exe
08:48:33.0725 2336 Brother XP spl Service ( UnsignedFile.Multi.Generic ) - warning
08:48:33.0725 2336 Brother XP spl Service - detected UnsignedFile.Multi.Generic (1)
08:48:33.0787 2336 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
08:48:33.0834 2336 Browser - ok
08:48:33.0896 2336 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:48:33.0943 2336 Brserid - ok
08:48:33.0959 2336 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:48:34.0006 2336 BrSerWdm - ok
08:48:34.0037 2336 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:48:34.0068 2336 BrUsbMdm - ok
08:48:34.0084 2336 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:48:34.0115 2336 BrUsbSer - ok
08:48:34.0177 2336 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
08:48:34.0240 2336 BthEnum - ok
08:48:34.0255 2336 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
08:48:34.0286 2336 BTHMODEM - ok
08:48:34.0302 2336 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
08:48:34.0349 2336 BthPan - ok
08:48:34.0396 2336 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
08:48:34.0505 2336 BTHPORT - ok
08:48:34.0567 2336 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
08:48:34.0645 2336 bthserv - ok
08:48:34.0676 2336 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
08:48:34.0739 2336 BTHUSB - ok
08:48:34.0786 2336 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:48:34.0864 2336 cdfs - ok
08:48:34.0926 2336 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:48:34.0988 2336 cdrom - ok
08:48:35.0051 2336 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
08:48:35.0113 2336 CertPropSvc - ok
08:48:35.0144 2336 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
08:48:35.0222 2336 circlass - ok
08:48:35.0285 2336 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
08:48:35.0316 2336 CLFS - ok
08:48:35.0378 2336 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:48:35.0410 2336 clr_optimization_v2.0.50727_32 - ok
08:48:35.0519 2336 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:48:35.0722 2336 clr_optimization_v4.0.30319_32 - ok
08:48:35.0768 2336 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:48:35.0831 2336 CmBatt - ok
08:48:35.0862 2336 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:48:35.0893 2336 cmdide - ok
08:48:35.0924 2336 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
08:48:35.0971 2336 CNG - ok
08:48:35.0987 2336 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:48:36.0002 2336 Compbatt - ok
08:48:36.0065 2336 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:48:36.0096 2336 CompositeBus - ok
08:48:36.0127 2336 COMSysApp - ok
08:48:36.0158 2336 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
08:48:36.0174 2336 crcdisk - ok
08:48:36.0221 2336 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:48:36.0299 2336 CryptSvc - ok
08:48:36.0346 2336 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
08:48:36.0424 2336 DcomLaunch - ok
08:48:36.0455 2336 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
08:48:36.0502 2336 defragsvc - ok
08:48:36.0564 2336 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:48:36.0642 2336 DfsC - ok
08:48:36.0704 2336 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
08:48:36.0798 2336 Dhcp - ok
08:48:36.0845 2336 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
08:48:36.0892 2336 discache - ok
08:48:36.0938 2336 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
08:48:36.0954 2336 Disk - ok
08:48:36.0985 2336 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:48:37.0063 2336 Dnscache - ok
08:48:37.0126 2336 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
08:48:37.0188 2336 dot3svc - ok
08:48:37.0235 2336 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
08:48:37.0297 2336 DPS - ok
08:48:37.0344 2336 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:48:37.0391 2336 drmkaud - ok
08:48:37.0438 2336 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:48:37.0484 2336 DXGKrnl - ok
08:48:37.0531 2336 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
08:48:37.0609 2336 EapHost - ok
08:48:37.0734 2336 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
08:48:37.0937 2336 ebdrv - ok
08:48:38.0015 2336 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
08:48:38.0140 2336 EFS - ok
08:48:38.0280 2336 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:48:38.0342 2336 ehRecvr - ok
08:48:38.0389 2336 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
08:48:38.0452 2336 ehSched - ok
08:48:38.0530 2336 [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
08:48:38.0545 2336 ElbyCDIO - ok
08:48:38.0592 2336 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
08:48:38.0670 2336 elxstor - ok
08:48:38.0701 2336 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:48:38.0748 2336 ErrDev - ok
08:48:38.0826 2336 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
08:48:38.0888 2336 EventSystem - ok
08:48:38.0951 2336 [ 0F40E249E4DD0CE47C7CA19C5C8FB48A ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
08:48:39.0029 2336 ewusbnet - ok
08:48:39.0060 2336 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
08:48:39.0107 2336 exfat - ok
08:48:39.0138 2336 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:48:39.0185 2336 fastfat - ok
08:48:39.0247 2336 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
08:48:39.0294 2336 Fax - ok
08:48:39.0341 2336 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:48:39.0388 2336 fdc - ok
08:48:39.0434 2336 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
08:48:39.0497 2336 fdPHost - ok
08:48:39.0512 2336 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
08:48:39.0590 2336 FDResPub - ok
08:48:39.0606 2336 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:48:39.0637 2336 FileInfo - ok
08:48:39.0668 2336 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:48:39.0731 2336 Filetrace - ok
08:48:39.0762 2336 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:48:39.0793 2336 flpydisk - ok
08:48:39.0824 2336 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:48:39.0856 2336 FltMgr - ok
08:48:39.0918 2336 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
08:48:39.0996 2336 FontCache - ok
08:48:40.0058 2336 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:48:40.0074 2336 FontCache3.0.0.0 - ok
08:48:40.0090 2336 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:48:40.0121 2336 FsDepends - ok
08:48:40.0136 2336 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:48:40.0214 2336 Fs_Rec - ok
08:48:40.0261 2336 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:48:40.0292 2336 fvevol - ok
08:48:40.0324 2336 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
08:48:40.0355 2336 gagp30kx - ok
08:48:40.0402 2336 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
08:48:40.0464 2336 gpsvc - ok
08:48:40.0589 2336 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
08:48:40.0620 2336 gupdate - ok
08:48:40.0729 2336 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
08:48:40.0745 2336 gupdatem - ok
08:48:40.0776 2336 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:48:40.0823 2336 hcw85cir - ok
08:48:40.0885 2336 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:48:40.0963 2336 HdAudAddService - ok
08:48:41.0010 2336 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:48:41.0057 2336 HDAudBus - ok
08:48:41.0072 2336 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
08:48:41.0104 2336 HidBatt - ok
08:48:41.0135 2336 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:48:41.0182 2336 HidBth - ok
08:48:41.0260 2336 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
08:48:41.0556 2336 HidIr - ok
08:48:41.0712 2336 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
08:48:41.0915 2336 hidserv - ok
08:48:42.0383 2336 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
08:48:42.0414 2336 HidUsb - ok
08:48:42.0461 2336 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:48:42.0523 2336 hkmsvc - ok
08:48:42.0570 2336 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:48:42.0695 2336 HomeGroupListener - ok
08:48:42.0757 2336 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:48:42.0788 2336 HomeGroupProvider - ok
08:48:42.0820 2336 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:48:42.0851 2336 HpSAMD - ok
08:48:42.0929 2336 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:48:42.0976 2336 HTTP - ok
08:48:43.0038 2336 [ 92CA47DA32009CCC00A5ADED04ABBD78 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
08:48:43.0194 2336 hwdatacard - ok
08:48:43.0241 2336 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:48:43.0256 2336 hwpolicy - ok
08:48:43.0506 2336 [ 089085538885367E281686762A973EB5 ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
08:48:43.0568 2336 hwusbfake - ok
08:48:43.0709 2336 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
08:48:43.0771 2336 i8042prt - ok
08:48:43.0865 2336 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:48:43.0896 2336 iaStorV - ok
08:48:43.0974 2336 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:48:44.0036 2336 idsvc - ok
08:48:44.0286 2336 [ 8266AE06DF974E5BA047B3E9E9E70B3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
08:48:44.0489 2336 igfx - ok
08:48:44.0551 2336 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:48:44.0582 2336 iirsp - ok
08:48:44.0692 2336 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
08:48:44.0785 2336 IKEEXT - ok
08:48:44.0894 2336 [ 8B27C21412AE4404EB0ACFE1D98579EC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
08:48:44.0972 2336 IntcAzAudAddService - ok
08:48:45.0004 2336 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
08:48:45.0035 2336 intelide - ok
08:48:45.0097 2336 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:48:45.0128 2336 intelppm - ok
08:48:45.0175 2336 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:48:45.0253 2336 IPBusEnum - ok
08:48:45.0269 2336 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:48:45.0316 2336 IpFilterDriver - ok
08:48:45.0362 2336 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:48:45.0394 2336 IPMIDRV - ok
08:48:45.0409 2336 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:48:45.0472 2336 IPNAT - ok
08:48:45.0487 2336 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:48:45.0550 2336 IRENUM - ok
08:48:45.0581 2336 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:48:45.0612 2336 isapnp - ok
08:48:45.0643 2336 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:48:45.0721 2336 iScsiPrt - ok
08:48:45.0752 2336 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
08:48:45.0784 2336 kbdclass - ok
08:48:45.0830 2336 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
08:48:45.0877 2336 kbdhid - ok
08:48:45.0893 2336 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
08:48:45.0908 2336 KeyIso - ok
08:48:45.0940 2336 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:48:45.0955 2336 KSecDD - ok
08:48:45.0986 2336 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:48:46.0002 2336 KSecPkg - ok
08:48:46.0033 2336 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
08:48:46.0111 2336 KtmRm - ok
08:48:46.0189 2336 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
08:48:46.0283 2336 LanmanServer - ok
08:48:46.0330 2336 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:48:46.0423 2336 LanmanWorkstation - ok
08:48:46.0470 2336 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:48:46.0517 2336 lltdio - ok
08:48:46.0564 2336 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:48:46.0610 2336 lltdsvc - ok
08:48:46.0626 2336 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
08:48:46.0657 2336 lmhosts - ok
08:48:46.0688 2336 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:48:46.0704 2336 LSI_FC - ok
08:48:46.0751 2336 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:48:46.0766 2336 LSI_SAS - ok
08:48:46.0782 2336 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:48:46.0798 2336 LSI_SAS2 - ok
08:48:46.0829 2336 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:48:46.0844 2336 LSI_SCSI - ok
08:48:46.0876 2336 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
08:48:46.0922 2336 luafv - ok
08:48:46.0985 2336 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:48:47.0016 2336 MBAMProtector - ok
08:48:47.0063 2336 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
08:48:47.0110 2336 MBAMScheduler - ok
08:48:47.0141 2336 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
08:48:47.0172 2336 MBAMService - ok
08:48:47.0250 2336 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:48:47.0312 2336 Mcx2Svc - ok
08:48:47.0468 2336 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:48:47.0500 2336 megasas - ok
08:48:47.0546 2336 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:48:47.0593 2336 MegaSR - ok
08:48:47.0671 2336 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
08:48:47.0734 2336 MMCSS - ok
08:48:47.0780 2336 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
08:48:47.0843 2336 Modem - ok
08:48:47.0890 2336 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:48:47.0905 2336 monitor - ok
08:48:47.0983 2336 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
08:48:47.0999 2336 mouclass - ok
08:48:48.0046 2336 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:48:48.0077 2336 mouhid - ok
08:48:48.0139 2336 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:48:48.0170 2336 mountmgr - ok
08:48:48.0217 2336 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
08:48:48.0264 2336 mpio - ok
08:48:48.0295 2336 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:48:48.0326 2336 mpsdrv - ok
08:48:48.0373 2336 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:48:48.0420 2336 MRxDAV - ok
08:48:48.0467 2336 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:48:48.0529 2336 mrxsmb - ok
08:48:48.0576 2336 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:48:48.0623 2336 mrxsmb10 - ok
08:48:48.0685 2336 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:48:48.0748 2336 mrxsmb20 - ok
08:48:48.0794 2336 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
08:48:48.0826 2336 msahci - ok
08:48:48.0872 2336 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:48:48.0904 2336 msdsm - ok
08:48:48.0919 2336 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
08:48:48.0950 2336 MSDTC - ok
08:48:48.0982 2336 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:48:49.0060 2336 Msfs - ok
08:48:49.0106 2336 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:48:49.0153 2336 mshidkmdf - ok
08:48:49.0184 2336 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:48:49.0200 2336 msisadrv - ok
08:48:49.0278 2336 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:48:49.0340 2336 MSiSCSI - ok
08:48:49.0340 2336 msiserver - ok
08:48:49.0387 2336 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:48:49.0418 2336 MSKSSRV - ok
08:48:49.0450 2336 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:48:49.0496 2336 MSPCLOCK - ok
08:48:49.0512 2336 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:48:49.0574 2336 MSPQM - ok
08:48:49.0606 2336 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:48:49.0621 2336 MsRPC - ok
08:48:49.0637 2336 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:48:49.0652 2336 mssmbios - ok
08:48:49.0684 2336 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:48:49.0730 2336 MSTEE - ok
08:48:49.0762 2336 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:48:49.0808 2336 MTConfig - ok
08:48:49.0824 2336 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
08:48:49.0840 2336 Mup - ok
08:48:49.0871 2336 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
08:48:49.0964 2336 napagent - ok
08:48:50.0027 2336 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:48:50.0074 2336 NativeWifiP - ok
08:48:50.0214 2336 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
08:48:50.0261 2336 NAUpdate - ok
08:48:50.0323 2336 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:48:50.0354 2336 NDIS - ok
08:48:50.0401 2336 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:48:50.0448 2336 NdisCap - ok
08:48:50.0479 2336 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:48:50.0557 2336 NdisTapi - ok
08:48:50.0604 2336 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:48:50.0651 2336 Ndisuio - ok
08:48:50.0682 2336 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:48:50.0776 2336 NdisWan - ok
08:48:50.0791 2336 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:48:50.0822 2336 NDProxy - ok
08:48:50.0869 2336 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:48:50.0916 2336 NetBIOS - ok
08:48:50.0963 2336 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:48:51.0041 2336 NetBT - ok
08:48:51.0056 2336 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
08:48:51.0072 2336 Netlogon - ok
08:48:51.0119 2336 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
08:48:51.0181 2336 Netman - ok
08:48:51.0259 2336 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:48:51.0337 2336 NetMsmqActivator - ok
08:48:51.0384 2336 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:48:51.0400 2336 NetPipeActivator - ok
08:48:51.0431 2336 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
08:48:51.0478 2336 netprofm - ok
08:48:51.0540 2336 [ 76B1157EF850830C5ECE61D3E591CA8B ] netr73 C:\Windows\system32\DRIVERS\netr73.sys
08:48:51.0602 2336 netr73 - ok
08:48:51.0602 2336 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:48:51.0618 2336 NetTcpActivator - ok
08:48:51.0618 2336 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:48:51.0634 2336 NetTcpPortSharing - ok
08:48:51.0680 2336 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:48:51.0712 2336 nfrd960 - ok
08:48:51.0758 2336 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:48:51.0852 2336 NlaSvc - ok
08:48:51.0899 2336 [ C82F4CC10AD315B6D6BCB14D0A7CAD66 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
08:48:51.0961 2336 nmwcd - ok
08:48:51.0992 2336 [ 60EF5F5621D7832F00A3F190A0C905E2 ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
08:48:52.0024 2336 nmwcdc - ok
08:48:52.0039 2336 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:48:52.0102 2336 Npfs - ok
08:48:52.0148 2336 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
08:48:52.0211 2336 nsi - ok
08:48:52.0226 2336 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:48:52.0273 2336 nsiproxy - ok
08:48:52.0320 2336 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:48:52.0429 2336 Ntfs - ok
08:48:52.0445 2336 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
08:48:52.0492 2336 Null - ok
08:48:52.0554 2336 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:48:52.0585 2336 nvraid - ok
08:48:52.0616 2336 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:48:52.0648 2336 nvstor - ok
08:48:52.0679 2336 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:48:52.0726 2336 nv_agp - ok
08:48:52.0804 2336 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:48:52.0866 2336 odserv - ok
08:48:52.0897 2336 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:48:52.0960 2336 ohci1394 - ok
08:48:53.0006 2336 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:48:53.0038 2336 ose - ok
08:48:53.0100 2336 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:48:53.0147 2336 p2pimsvc - ok
08:48:53.0209 2336 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
08:48:53.0272 2336 p2psvc - ok
08:48:53.0318 2336 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:48:53.0365 2336 Parport - ok
08:48:53.0396 2336 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:48:53.0412 2336 partmgr - ok
08:48:53.0443 2336 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
08:48:53.0490 2336 Parvdm - ok
08:48:53.0506 2336 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:48:53.0537 2336 PcaSvc - ok
08:48:53.0568 2336 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
08:48:53.0599 2336 pci - ok
08:48:53.0630 2336 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
08:48:53.0662 2336 pciide - ok
08:48:53.0693 2336 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:48:53.0724 2336 pcmcia - ok
08:48:53.0755 2336 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
08:48:53.0786 2336 pcw - ok
08:48:53.0818 2336 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:48:53.0896 2336 PEAUTH - ok
08:48:53.0974 2336 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
08:48:54.0083 2336 pla - ok
08:48:54.0130 2336 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:48:54.0192 2336 PlugPlay - ok
08:48:54.0208 2336 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:48:54.0223 2336 PNRPAutoReg - ok
08:48:54.0239 2336 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:48:54.0254 2336 PNRPsvc - ok
08:48:54.0286 2336 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:48:54.0379 2336 PolicyAgent - ok
08:48:54.0410 2336 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
08:48:54.0488 2336 Power - ok
08:48:54.0535 2336 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:48:54.0598 2336 PptpMiniport - ok
08:48:54.0644 2336 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:48:54.0691 2336 Processor - ok
08:48:54.0738 2336 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
08:48:54.0800 2336 ProfSvc - ok
08:48:54.0816 2336 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:48:54.0832 2336 ProtectedStorage - ok
08:48:54.0894 2336 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:48:54.0941 2336 Psched - ok
08:48:55.0019 2336 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:48:55.0112 2336 ql2300 - ok
08:48:55.0159 2336 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:48:55.0190 2336 ql40xx - ok
08:48:55.0237 2336 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
08:48:55.0284 2336 QWAVE - ok
08:48:55.0315 2336 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:48:55.0378 2336 QWAVEdrv - ok
08:48:55.0456 2336 [ 432F5B15E21A54B48072593F03570326 ] RalinkRegistryWriter C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
08:48:55.0471 2336 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - warning
08:48:55.0471 2336 RalinkRegistryWriter - detected UnsignedFile.Multi.Generic (1)
08:48:55.0487 2336 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:48:55.0534 2336 RasAcd - ok
08:48:55.0580 2336 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:48:55.0658 2336 RasAgileVpn - ok
08:48:55.0690 2336 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
08:48:55.0768 2336 RasAuto - ok
08:48:55.0799 2336 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:48:55.0846 2336 Rasl2tp - ok
08:48:55.0892 2336 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
08:48:55.0939 2336 RasMan - ok
08:48:55.0955 2336 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:48:56.0002 2336 RasPppoe - ok
08:48:56.0033 2336 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:48:56.0080 2336 RasSstp - ok
08:48:56.0142 2336 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:48:56.0204 2336 rdbss - ok
08:48:56.0251 2336 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:48:56.0282 2336 rdpbus - ok
08:48:56.0329 2336 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:48:56.0392 2336 RDPCDD - ok
08:48:56.0438 2336 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:48:56.0501 2336 RDPENCDD - ok
08:48:56.0516 2336 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:48:56.0548 2336 RDPREFMP - ok
08:48:56.0579 2336 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:48:56.0641 2336 RDPWD - ok
08:48:56.0704 2336 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:48:56.0735 2336 rdyboost - ok
08:48:56.0766 2336 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
08:48:56.0813 2336 RemoteAccess - ok
08:48:56.0844 2336 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:48:56.0891 2336 RemoteRegistry - ok
08:48:56.0938 2336 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
08:48:56.0969 2336 RFCOMM - ok
08:48:57.0000 2336 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:48:57.0047 2336 RpcEptMapper - ok
08:48:57.0062 2336 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
08:48:57.0109 2336 RpcLocator - ok
08:48:57.0125 2336 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
08:48:57.0172 2336 RpcSs - ok
08:48:57.0234 2336 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:48:57.0312 2336 rspndr - ok
08:48:57.0343 2336 [ 96F8DD546677AA5102150ACC140377B3 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
08:48:57.0390 2336 RSUSBSTOR - ok
08:48:57.0437 2336 [ 26A9D6227D12B9D9DA5A81BB9B55D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
08:48:57.0484 2336 RTL8167 - ok
08:48:57.0499 2336 RtsUIR - ok
08:48:57.0530 2336 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
08:48:57.0546 2336 SamSs - ok
08:48:57.0608 2336 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:48:57.0640 2336 sbp2port - ok
08:48:57.0686 2336 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:48:57.0733 2336 SCardSvr - ok
08:48:57.0749 2336 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:48:57.0780 2336 scfilter - ok
08:48:57.0842 2336 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
08:48:57.0936 2336 Schedule - ok
08:48:57.0967 2336 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:48:57.0983 2336 SCPolicySvc - ok
08:48:58.0030 2336 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:48:58.0108 2336 SDRSVC - ok
08:48:58.0154 2336 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:48:58.0217 2336 secdrv - ok
08:48:58.0248 2336 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
08:48:58.0295 2336 seclogon - ok
08:48:58.0310 2336 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
08:48:58.0342 2336 SENS - ok
08:48:58.0373 2336 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:48:58.0435 2336 SensrSvc - ok
08:48:58.0466 2336 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:48:58.0498 2336 Serenum - ok
08:48:58.0544 2336 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:48:58.0591 2336 Serial - ok
08:48:58.0638 2336 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:48:58.0669 2336 sermouse - ok
08:48:58.0716 2336 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
08:48:58.0763 2336 SessionEnv - ok
08:48:58.0810 2336 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:48:58.0872 2336 sffdisk - ok
08:48:58.0888 2336 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:48:58.0903 2336 sffp_mmc - ok
08:48:58.0919 2336 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:48:58.0934 2336 sffp_sd - ok
08:48:58.0966 2336 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:48:58.0997 2336 sfloppy - ok
08:48:59.0028 2336 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:48:59.0090 2336 ShellHWDetection - ok
08:48:59.0137 2336 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
08:48:59.0153 2336 sisagp - ok
08:48:59.0215 2336 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:48:59.0231 2336 SiSRaid2 - ok
08:48:59.0262 2336 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:48:59.0293 2336 SiSRaid4 - ok
08:48:59.0356 2336 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:48:59.0434 2336 Smb - ok
08:48:59.0496 2336 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:48:59.0527 2336 SNMPTRAP - ok
08:48:59.0543 2336 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
08:48:59.0574 2336 spldr - ok
08:48:59.0621 2336 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
08:48:59.0683 2336 Spooler - ok
08:48:59.0808 2336 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
08:48:59.0933 2336 sppsvc - ok
08:48:59.0964 2336 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:49:00.0026 2336 sppuinotify - ok
08:49:00.0089 2336 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
08:49:00.0167 2336 srv - ok
08:49:00.0214 2336 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:49:00.0260 2336 srv2 - ok
08:49:00.0307 2336 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:49:00.0338 2336 srvnet - ok
08:49:00.0370 2336 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:49:00.0494 2336 SSDPSRV - ok
08:49:00.0557 2336 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
08:49:00.0572 2336 ssmdrv - ok
08:49:00.0604 2336 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:49:00.0635 2336 SstpSvc - ok
08:49:00.0682 2336 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
08:49:00.0713 2336 stexstor - ok
08:49:00.0744 2336 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
08:49:00.0760 2336 StillCam - ok
08:49:00.0791 2336 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
08:49:00.0853 2336 StiSvc - ok
08:49:00.0884 2336 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
08:49:00.0900 2336 swenum - ok
08:49:00.0947 2336 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
08:49:01.0009 2336 swprv - ok
08:49:01.0103 2336 [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
08:49:01.0212 2336 SymEvent - ok
08:49:01.0259 2336 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
08:49:01.0337 2336 SysMain - ok
08:49:01.0368 2336 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:49:01.0415 2336 TabletInputService - ok
08:49:01.0446 2336 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
08:49:01.0540 2336 TapiSrv - ok
08:49:01.0586 2336 [ D7F411C5AF992BB44E86083A6AA7B045 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
08:49:01.0602 2336 tbhsd - ok
08:49:01.0649 2336 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
08:49:01.0742 2336 TBS - ok
08:49:01.0820 2336 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:49:01.0945 2336 Tcpip - ok
08:49:01.0992 2336 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:49:02.0054 2336 TCPIP6 - ok
08:49:02.0132 2336 [ DCFEB82CA988598CEB8F83148616038E ] tcpipBM C:\Windows\system32\drivers\tcpipBM.sys
08:49:02.0164 2336 tcpipBM ( UnsignedFile.Multi.Generic ) - warning
08:49:02.0164 2336 tcpipBM - detected UnsignedFile.Multi.Generic (1)
08:49:02.0210 2336 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:49:02.0242 2336 tcpipreg - ok
08:49:02.0320 2336 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:49:02.0366 2336 TDPIPE - ok
08:49:02.0398 2336 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:49:02.0413 2336 TDTCP - ok
08:49:02.0444 2336 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:49:02.0507 2336 tdx - ok
08:49:02.0569 2336 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:49:02.0600 2336 TermDD - ok
08:49:02.0632 2336 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
08:49:02.0678 2336 TermService - ok
08:49:02.0819 2336 [ 76468DF7A7A92413A57C998DE5C39290 ] TestHandler C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
08:49:02.0866 2336 TestHandler - ok
08:49:02.0897 2336 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
08:49:02.0944 2336 Themes - ok
08:49:02.0959 2336 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
08:49:02.0990 2336 THREADORDER - ok
08:49:03.0037 2336 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM C:\Windows\system32\drivers\tpm.sys
08:49:03.0053 2336 TPM - ok
08:49:03.0068 2336 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
08:49:03.0115 2336 TrkWks - ok
08:49:03.0162 2336 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:49:03.0240 2336 TrustedInstaller - ok
08:49:03.0334 2336 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:49:03.0380 2336 tssecsrv - ok
08:49:03.0443 2336 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:49:03.0505 2336 TsUsbFlt - ok
08:49:03.0552 2336 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:49:03.0599 2336 tunnel - ok
08:49:03.0614 2336 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
08:49:03.0646 2336 uagp35 - ok
08:49:03.0661 2336 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:49:03.0724 2336 udfs - ok
08:49:03.0770 2336 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:49:03.0786 2336 UI0Detect - ok
08:49:03.0833 2336 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:49:03.0864 2336 uliagpkx - ok
08:49:03.0926 2336 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:49:03.0973 2336 umbus - ok
08:49:04.0004 2336 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
08:49:04.0036 2336 UmPass - ok
08:49:04.0051 2336 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
08:49:04.0114 2336 upnphost - ok
08:49:04.0145 2336 [ BB16932A4189E82D6C455042C11849B6 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
08:49:04.0192 2336 upperdev - ok
08:49:04.0254 2336 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:49:04.0332 2336 usbccgp - ok
08:49:04.0348 2336 USBCCID - ok
08:49:04.0379 2336 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:49:04.0441 2336 usbcir - ok
08:49:04.0488 2336 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:49:04.0519 2336 usbehci - ok
08:49:04.0566 2336 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:49:04.0613 2336 usbhub - ok
08:49:04.0628 2336 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:49:04.0691 2336 usbohci - ok
08:49:04.0738 2336 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:49:04.0769 2336 usbprint - ok
08:49:04.0816 2336 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys
08:49:04.0862 2336 usbser - ok
08:49:04.0894 2336 [ E748D50B3B2EC7F40A2BA67FB094CF01 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
08:49:04.0909 2336 UsbserFilt - ok
08:49:04.0925 2336 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:49:04.0987 2336 USBSTOR - ok
08:49:05.0003 2336 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
08:49:05.0034 2336 usbuhci - ok
08:49:05.0112 2336 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
08:49:05.0159 2336 usbvideo - ok
08:49:05.0190 2336 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
08:49:05.0284 2336 UxSms - ok
08:49:05.0330 2336 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
08:49:05.0346 2336 VaultSvc - ok
08:49:05.0408 2336 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
08:49:05.0440 2336 VClone - ok
08:49:05.0486 2336 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:49:05.0518 2336 vdrvroot - ok
08:49:05.0549 2336 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
08:49:05.0611 2336 vds - ok
08:49:05.0642 2336 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:49:05.0705 2336 vga - ok
08:49:05.0736 2336 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
08:49:05.0783 2336 VgaSave - ok
08:49:05.0830 2336 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:49:05.0861 2336 vhdmp - ok
08:49:05.0892 2336 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
08:49:05.0908 2336 viaagp - ok
08:49:05.0954 2336 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
08:49:05.0986 2336 ViaC7 - ok
08:49:06.0001 2336 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
08:49:06.0032 2336 viaide - ok
08:49:06.0188 2336 [ 1B0D441D8AB264D39C2B09130CC28045 ] VMCService C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
08:49:06.0235 2336 VMCService ( UnsignedFile.Multi.Generic ) - warning
08:49:06.0235 2336 VMCService - detected UnsignedFile.Multi.Generic (1)
08:49:06.0266 2336 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:49:06.0298 2336 volmgr - ok
08:49:06.0344 2336 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:49:06.0360 2336 volmgrx - ok
08:49:06.0407 2336 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:49:06.0469 2336 volsnap - ok
08:49:06.0516 2336 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
08:49:06.0547 2336 vsmraid - ok
08:49:06.0625 2336 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
08:49:06.0703 2336 VSS - ok
08:49:06.0734 2336 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
08:49:06.0750 2336 vwifibus - ok
08:49:06.0781 2336 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:49:06.0844 2336 vwififlt - ok
08:49:06.0875 2336 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
08:49:06.0906 2336 vwifimp - ok
08:49:06.0937 2336 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
08:49:07.0015 2336 W32Time - ok
08:49:07.0124 2336 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
08:49:07.0171 2336 W3SVC - ok
08:49:07.0202 2336 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
08:49:07.0234 2336 WacomPen - ok
08:49:07.0280 2336 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:49:07.0374 2336 WANARP - ok
08:49:07.0374 2336 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:49:07.0405 2336 Wanarpv6 - ok
08:49:07.0483 2336 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
08:49:07.0514 2336 WAS - ok
08:49:07.0608 2336 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
08:49:07.0686 2336 wbengine - ok
08:49:07.0717 2336 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:49:07.0733 2336 WbioSrvc - ok
08:49:07.0780 2336 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:49:07.0858 2336 wcncsvc - ok
08:49:07.0873 2336 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:49:07.0936 2336 WcsPlugInService - ok
08:49:07.0951 2336 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
08:49:07.0967 2336 Wd - ok
08:49:07.0998 2336 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:49:08.0076 2336 Wdf01000 - ok
08:49:08.0107 2336 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:49:08.0201 2336 WdiServiceHost - ok
08:49:08.0201 2336 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:49:08.0216 2336 WdiSystemHost - ok
08:49:08.0294 2336 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
08:49:08.0357 2336 WebClient - ok
08:49:08.0388 2336 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:49:08.0466 2336 Wecsvc - ok
08:49:08.0528 2336 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:49:08.0591 2336 wercplsupport - ok
08:49:08.0653 2336 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
08:49:08.0700 2336 WerSvc - ok
08:49:08.0747 2336 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:49:08.0809 2336 WfpLwf - ok
08:49:08.0825 2336 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:49:08.0856 2336 WIMMount - ok
08:49:08.0872 2336 WinHttpAutoProxySvc - ok
08:49:08.0934 2336 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:49:09.0028 2336 Winmgmt - ok
08:49:09.0121 2336 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
08:49:09.0184 2336 WinRM - ok
08:49:09.0293 2336 [ A67E5F9A400F3BD1BE3D80613B45F708 ] winusb C:\Windows\system32\DRIVERS\WinUSB.sys
08:49:09.0371 2336 winusb - ok
08:49:09.0418 2336 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
08:49:09.0449 2336 Wlansvc - ok
08:49:09.0558 2336 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:49:09.0605 2336 wlidsvc - ok
08:49:09.0667 2336 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:49:09.0714 2336 WmiAcpi - ok
08:49:09.0761 2336 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:49:09.0808 2336 wmiApSrv - ok
08:49:09.0948 2336 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
08:49:10.0042 2336 WMPNetworkSvc - ok
08:49:10.0120 2336 [ 017695393AFFFED8DE58ABD1B085BE6D ] WMZuneComm D:\Eigene Dateien\Eigene Videos\WMZuneComm.exe
08:49:10.0229 2336 WMZuneComm - ok
08:49:10.0276 2336 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:49:10.0354 2336 WPCSvc - ok
08:49:10.0385 2336 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:49:10.0432 2336 WPDBusEnum - ok
08:49:10.0463 2336 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:49:10.0494 2336 ws2ifsl - ok
08:49:10.0556 2336 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
08:49:10.0588 2336 WSDPrintDevice - ok
08:49:10.0603 2336 WSearch - ok
08:49:10.0728 2336 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
08:49:10.0806 2336 wuauserv - ok
08:49:10.0837 2336 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:49:10.0900 2336 WudfPf - ok
08:49:10.0946 2336 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:49:11.0024 2336 WUDFRd - ok
08:49:11.0071 2336 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:49:11.0118 2336 wudfsvc - ok
08:49:11.0134 2336 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
08:49:11.0196 2336 WwanSvc - ok
08:49:11.0461 2336 [ 1076DF9ADE4E13EA3BF39D2165AEB903 ] ZuneNetworkSvc D:\Eigene Dateien\Eigene Videos\ZuneNss.exe
08:49:11.0804 2336 ZuneNetworkSvc - ok
08:49:11.0960 2336 [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc D:\Eigene Dateien\Eigene Videos\ZuneWlanCfgSvc.exe
08:49:12.0038 2336 ZuneWlanCfgSvc - ok
08:49:12.0179 2336 ================ Scan global ===============================
08:49:12.0210 2336 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
08:49:12.0288 2336 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
08:49:12.0335 2336 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
08:49:12.0366 2336 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
08:49:12.0382 2336 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
08:49:12.0444 2336 [Global] - ok
08:49:12.0444 2336 ================ Scan MBR ==================================
08:49:12.0475 2336 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:49:13.0474 2336 \Device\Harddisk0\DR0 - ok
08:49:13.0474 2336 ================ Scan VBR ==================================
08:49:13.0505 2336 [ 418105D1E12AEAA75A594148227E2505 ] \Device\Harddisk0\DR0\Partition1
08:49:13.0505 2336 \Device\Harddisk0\DR0\Partition1 - ok
08:49:13.0567 2336 [ A62631A967EC5D73FB6D3E27DBBD46E0 ] \Device\Harddisk0\DR0\Partition2
08:49:13.0567 2336 \Device\Harddisk0\DR0\Partition2 - ok
08:49:13.0567 2336 ============================================================
08:49:13.0567 2336 Scan finished
08:49:13.0567 2336 ============================================================
08:49:13.0583 2544 Detected object count: 5
08:49:13.0583 2544 Actual detected object count: 5
08:49:32.0428 2544 BMLoad ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:32.0428 2544 BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:49:32.0428 2544 Brother XP spl Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:32.0428 2544 Brother XP spl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:49:32.0428 2544 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:32.0428 2544 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:49:32.0428 2544 tcpipBM ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:32.0428 2544 tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:49:32.0443 2544 VMCService ( UnsignedFile.Multi.Generic ) - skipped by user
08:49:32.0443 2544 VMCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
24.09.2012, 14:53
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.09.2012, 19:00
| #21 |
| | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Combofix ging ohne Fehlermeldung durch. [code] Combofix Logfile: Code:
ATTFilter ComboFix 12-09-24.02 - x 24.09.2012 19:38:22.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.2909.1842 [GMT 2:00]
ausgeführt von:: c:\users\x\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\x\AppData\Roaming\Microsoft\Windows\Recent\HOW TO DECRYPT FILES.txt
c:\windows\IsUn0407.exe
c:\windows\regsvr32.exe
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\spool\prtprocs\w32x86\ppbiPr.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-24 bis 2012-09-24 ))))))))))))))))))))))))))))))
.
.
2012-09-24 17:47 . 2012-09-24 17:50 -------- d-----w- c:\users\x\AppData\Local\temp
2012-09-24 07:11 . 2012-09-24 07:10 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-24 07:11 . 2012-09-24 07:10 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-24 06:45 . 2012-09-24 06:45 -------- d-----w- C:\TDSSKiller_Quarantine
2012-09-22 14:24 . 2012-09-22 14:24 -------- d-----w- C:\_OTL
2012-09-21 09:34 . 2012-09-21 09:34 -------- d-----w- c:\program files\MSECache
2012-09-21 09:10 . 2012-09-21 09:10 -------- d-----w- c:\users\x\AppData\Roaming\LockHunter
2012-09-21 09:06 . 2012-09-21 09:13 -------- d-----w- c:\program files\LockHunter
2012-09-18 10:51 . 2012-09-19 08:08 1644 ----a-w- c:\windows\system32\ASOROSet.bin
2012-09-18 10:49 . 2012-09-18 10:49 -------- d-----w- c:\users\x\AppData\Roaming\Digital Support
2012-09-18 10:44 . 2012-09-19 09:05 -------- d-----w- c:\users\x\AppData\Roaming\Systweak
2012-09-18 10:44 . 2012-09-19 08:17 -------- d-----w- c:\program files\RegClean Pro
2012-09-18 10:16 . 2012-09-19 08:17 -------- d-----w- c:\program files\SmartPCFixer
2012-09-17 10:27 . 2012-09-17 10:27 -------- d-----w- c:\users\x\AppData\Roaming\www.shadowexplorer.com
2012-09-17 06:00 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-17 06:00 . 2012-09-17 06:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-14 11:36 . 2012-09-14 11:36 55 ----a-w- c:\windows\system32\ntfs_system.bat
2012-09-14 07:18 . 2012-08-23 07:15 7022536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A1B3C3C2-44A7-4832-8336-17F26FBB8824}\mpengine.dll
2012-09-12 07:51 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 07:51 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 07:51 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 07:51 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 07:51 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 07:51 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-24 07:10 . 2011-10-14 16:36 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-17 06:22 . 2012-09-17 06:22 101329 ----a-w- C:\zbotkiller.zip
2012-07-18 17:47 . 2012-08-16 07:00 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-06 19:23 . 2012-08-15 07:35 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-07-04 21:14 . 2012-08-16 07:00 102912 ----a-w- c:\windows\system32\browser.dll
2012-07-04 21:14 . 2012-08-16 07:00 41984 ----a-w- c:\windows\system32\browcli.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{17166733-40EA-4432-A85C-AE672FF0E236}]
2011-04-19 12:25 163936 ----a-w- c:\programdata\1und1InternetExplorerAddon\BHOXML.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="d:\nero\Nero BackItUp\NBJ.exe" [2005-10-11 1961984]
"AnyDVD"="d:\anydvd\AnyDVDtray.exe" [2011-12-31 5598840]
"Updater shortcut"="c:\program files\T-Mobile\web'n'walk Manager\WTGU.exe" [2008-06-19 857544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-05-22 7514656]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files\CyberLink\YouCam\YouCamTray.exe" [2009-07-08 162912]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 172032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"RSA Card Conversion Utility"="c:\program files\Common Files\RSA Shared\RSA Card Conversion Utility\RSACardConversionUtility.exe" [2010-08-27 3499728]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"Zune Launcher"="d:\eigene dateien\Eigene Videos\ZuneLauncher.exe" [2011-08-05 159456]
"DataCardMonitor"="c:\program files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe" [2012-08-07 319488]
"MobileConnect"="c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-09-11 2403840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe [2010-1-9 1777664]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\LaunchCenter.exe [2009-9-22 2351104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
3;2 NAUpdate;Nero Update [2011-11-25 687400]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 netr73;RT73 USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr73.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;d:\eigene dateien\Eigene Videos\WMZuneComm.exe [x]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - BMLoad
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-24 09:09]
.
2012-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-24 09:09]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
LSP: bmnet.dll
Trusted Zone: volkswohl-bund.de\vbnet
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} -
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{26647ca4-a2a7-4eac-8a72-761aa9141de7} - (no file)
BHO-{BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - c:\program files\GMX Toolbar\IE\uitb.dll
Toolbar-{C424171E-592A-415a-9EB1-DFD6D95D3530} - (no file)
SafeBoot-78808047.sys
AddRemove-Activation Assistant for the 2007 Microsoft Office suites - c:\programdata\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe
AddRemove- 2000 - c:\windows\IsUn0407.exe
AddRemove-ElsterFormular 11.2.0.4074 - d:\programme\uninstall.exe
AddRemove-ElsterFormular 11.5.0.4546 - d:\programme\uninstall.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{C424171E-592A-415A-9EB1-DFD6D95D3530}"=hex:51,66,7a,6c,4c,1d,38,12,70,14,37,
c0,18,17,34,04,e1,a7,9c,96,dc,03,71,24
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"=hex:51,66,7a,6c,4c,1d,38,12,6b,d7,31,
bd,21,23,45,0f,d1,9f,4b,e0,35,84,00,16
"{17166733-40EA-4432-A85C-AE672FF0E236}"=hex:51,66,7a,6c,4c,1d,38,12,5d,64,05,
13,d8,0e,5c,01,d7,4a,ed,27,2a,ae,a6,22
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{BF42D4A8-016E-4FCD-B1EB-837659FD77C6}"=hex:51,66,7a,6c,4c,1d,38,12,c6,d7,51,
bb,5c,4f,a3,0a,ce,fd,c0,36,5c,a3,33,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:85,2c,f3,99,17,89,cc,01
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(532)
c:\windows\system32\bmnet.dll
.
- - - - - - - > 'Explorer.exe'(2856)
d:\anydvd\ADvdDiscHlp1.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\brsvc01a.exe
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\brss01a.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\Ralink\Common\RalinkRegistryWriter.exe
c:\program files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\program files\Fujitsu OSD Utility\OSDUtility.exe
c:\program files\Brother\ControlCenter3\brccMCtl.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\program files\Nero\Update\NASvc.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\msiexec.exe
d:\eigene dateien\Eigene Videos\ZuneNss.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-09-24 19:55:26 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-09-24 17:55
.
Vor Suchlauf: 26 Verzeichnis(se), 72.469.147.648 Bytes frei
Nach Suchlauf: 31 Verzeichnis(se), 72.248.311.808 Bytes frei
.
- - End Of File - - 63D9D512DDE1D45B75DE89069FF94A43
|
|
25.09.2012, 08:06
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.09.2012, 12:03
| #23 |
| | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Das ist der Text von GMER. [code] GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-25 12:56:39
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3200BEVT-22ZCT0 rev.11.01A11
Running: g2wm2hl2.exe; Driver: C:\Users\x\AppData\Local\Temp\pgddipog.sys
---- System - GMER 1.0.15 ----
SSDT 9045313E ZwCreateSection
SSDT 90453148 ZwRequestWaitReplyPort
SSDT 90453143 ZwSetContextThread
SSDT 9045314D ZwSetSecurityObject
SSDT 90453152 ZwSystemDebugControl
SSDT 904530DF ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 830833C9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830BCD52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 830C3EAC 4 Bytes [3E, 31, 45, 90] {XOR DS:[EBP-0x70], EAX}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 830C4208 4 Bytes [48, 31, 45, 90] {DEC EAX; XOR [EBP-0x70], EAX}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 830C424C 4 Bytes [43, 31, 45, 90] {INC EBX; XOR [EBP-0x70], EAX}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1613 830C42C8 4 Bytes [4D, 31, 45, 90] {DEC EBP; XOR [EBP-0x70], EAX}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1667 830C431C 4 Bytes [52, 31, 45, 90] {PUSH EDX; XOR [EBP-0x70], EAX}
.text ...
.text peauth.sys AE410C9D 28 Bytes [04, 05, BC, 71, E9, C7, 2B, ...]
.text peauth.sys AE410CC1 28 Bytes [04, 05, BC, 71, E9, C7, 2B, ...]
---- User IAT/EAT - GMER 1.0.15 ----
IAT D:\Eigene Dateien\Eigene Videos\ZuneLauncher.exe[3128] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75DEFFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT D:\Eigene Dateien\Eigene Videos\ZuneLauncher.exe[3128] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75DEFFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT D:\Eigene Dateien\Eigene Videos\ZuneLauncher.exe[3128] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75DEFFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT D:\Eigene Dateien\Eigene Videos\ZuneLauncher.exe[3128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75DEFFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[5372] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75DEFFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[5372] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75DEFFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[5372] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75DEFFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[5372] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75DEFFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[5372] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75DEFFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
Device \Driver\ACPI_HAL \Device\00000050 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000a9402953a
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000a9402953a (not active ControlSet)
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\InProgress
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\InProgress@ C:\Windows\Installer\2e9f2.ipi
---- EOF - GMER 1.0.15 ----
Das Log von OSAM Code:
ATTFilter OSAM Logfile: |
|
25.09.2012, 14:31
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Was ist mit aswMBR?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.09.2012, 14:38
| #25 |
| | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt So, der Rest hat lange gedauert. Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-25 13:13:49
-----------------------------
13:13:49.808 OS Version: Windows 6.1.7601 Service Pack 1
13:13:49.808 Number of processors: 2 586 0x170A
13:13:49.808 ComputerName: X-PC UserName: x
13:13:50.622 Initialize success
13:15:44.325 AVAST engine defs: 12092500
13:20:58.168 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:20:58.178 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 11
13:20:58.768 Disk 0 MBR read successfully
13:20:58.768 Disk 0 MBR scan
13:20:58.778 Disk 0 Windows 7 default MBR code
13:20:58.928 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 2049 MB offset 12678
13:20:59.118 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 128001 MB offset 4212332
13:20:59.248 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 175186 MB offset 266358784
13:20:59.738 Disk 0 scanning sectors +625139712
13:21:00.378 Disk 0 scanning C:\Windows\system32\drivers
13:23:30.801 Service scanning
13:23:54.571 Modules scanning
13:26:06.625 Disk 0 trace - called modules:
13:26:06.725 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
13:26:06.735 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x866a33e8]
13:26:06.745 3 CLASSPNP.SYS[8b3af59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x861ee908]
13:26:07.435 AVAST engine scan C:\Windows
13:27:21.052 AVAST engine scan C:\Windows\system32
14:28:41.139 AVAST engine scan C:\Windows\system32\drivers
14:35:38.057 AVAST engine scan C:\Users\x
15:34:13.674 Disk 0 MBR has been saved successfully to "C:\Users\x\Downloads\MBR.dat"
15:34:14.484 The log file has been saved successfully to "C:\Users\x\Downloads\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-25 13:13:49
-----------------------------
13:13:49.808 OS Version: Windows 6.1.7601 Service Pack 1
13:13:49.808 Number of processors: 2 586 0x170A
13:13:49.808 ComputerName: X-PC UserName: x
13:13:50.622 Initialize success
13:15:44.325 AVAST engine defs: 12092500
13:20:58.168 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:20:58.178 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 11
13:20:58.768 Disk 0 MBR read successfully
13:20:58.768 Disk 0 MBR scan
13:20:58.778 Disk 0 Windows 7 default MBR code
13:20:58.928 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 2049 MB offset 12678
13:20:59.118 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 128001 MB offset 4212332
13:20:59.248 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 175186 MB offset 266358784
13:20:59.738 Disk 0 scanning sectors +625139712
13:21:00.378 Disk 0 scanning C:\Windows\system32\drivers
13:23:30.801 Service scanning
13:23:54.571 Modules scanning
13:26:06.625 Disk 0 trace - called modules:
13:26:06.725 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
13:26:06.735 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x866a33e8]
13:26:06.745 3 CLASSPNP.SYS[8b3af59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x861ee908]
13:26:07.435 AVAST engine scan C:\Windows
13:27:21.052 AVAST engine scan C:\Windows\system32
14:28:41.139 AVAST engine scan C:\Windows\system32\drivers
14:35:38.057 AVAST engine scan C:\Users\x
15:34:13.674 Disk 0 MBR has been saved successfully to "C:\Users\x\Downloads\MBR.dat"
15:34:14.484 The log file has been saved successfully to "C:\Users\x\Downloads\aswMBR.txt"
15:34:33.293 Disk 0 MBR has been saved successfully to "C:\Users\x\Downloads\MBR.dat"
15:34:33.303 The log file has been saved successfully to "C:\Users\x\Downloads\aswMBR.txt"
|
|
25.09.2012, 15:08
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.09.2012, 13:35
| #27 |
| | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Hier die beiden logs. Code:
ATTFilter Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.09.25.10 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 x :: X-PC [Administrator] 25.09.2012 19:48:27 mbam-log-2012-09-25 (19-48-27).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 602694 Laufzeit: 1 Stunde(n), 39 Minute(n), 56 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/26/2012 at 11:15 AM
Application Version : 5.5.1022
Core Rules Database Version : 9292
Trace Rules Database Version: 7104
Scan type : Complete Scan
Total Scan Time : 02:49:25
Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 804
Memory threats detected : 0
Registry items scanned : 37494
Registry threats detected : 0
File items scanned : 339259
File threats detected : 122
Adware.Tracking Cookie
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\EW2VIF5C.txt [ /revsci.net ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\H1I6A7YQ.txt [ /mediaplex.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\R6POOCOQ.txt [ /apmebf.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\E0DSLRSU.txt [ /adbrite.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\KCY4LB7V.txt [ /webmasterplan.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\H91QHFQ0.txt [ /adx.chip.de ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\Z806J6OW.txt [ /ad3.adfarm1.adition.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\OZ304E0N.txt [ /ru4.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\DPESYIIF.txt [ /gmeurope.112.2o7.net ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\JBE5HCFU.txt [ /serialnumber.in ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\2QWKJ35Z.txt [ /imrworldwide.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\H0WZ2BYR.txt [ /questionmarket.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\0XTW817G.txt [ /zanox.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\M75I05OW.txt [ /ads.creative-serving.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\4LOTWGE1.txt [ /invitemedia.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\LNT1R7CJ.txt [ /adx2.chip.de ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\FVORZNFN.txt [ /zanox-affiliate.de ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\1COTF8Q0.txt [ /ad.yieldmanager.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\72KPWZ9O.txt [ /serving-sys.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\CFPETBF3.txt [ /atdmt.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\Q2LG8HE1.txt [ /adinterax.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\0J23F0WI.txt [ /kontera.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\U6H5QXA4.txt [ /www.googleadservices.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\Y6SMYML1.txt [ /doubleclick.net ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\IDS2LVZU.txt [ /ad.360yield.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\91R1R1H3.txt [ /unitymedia.de ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\O43J91AV.txt [ /ad2.adfarm1.adition.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\I7NS9NI7.txt [ /collective-media.net ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\6FFIG9XN.txt [ /ad1.adfarm1.adition.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\MCVTI5V8.txt [ /tracker.vinsight.de ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\TK23XL24.txt [ /tracking.mlsat02.de ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\0ZW2CT0M.txt [ /tribalfusion.com ]
C:\Users\x\AppData\Roaming\Microsoft\Windows\Cookies\OS7Z37KH.txt [ /adfarm1.adition.com ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\H1L2472U.txt [ Cookie:x@clkads.com/adServe ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\AUUUQ55C.txt [ Cookie:x@clkads.com/adServe/banners ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\GQ7LPFVN.txt [ Cookie:x@mediaplex.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\X0BBLNUH.txt [ Cookie:x@statse.webtrendslive.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\STW4N5JQ.txt [ Cookie:x@ww251.smartadserver.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\OOH5G8S1.txt [ Cookie:x@apmebf.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\A6L2KDLQ.txt [ Cookie:x@adbrite.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\B4E2J38J.txt [ Cookie:x@c.atdmt.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\T86DJM2U.txt [ Cookie:x@webmasterplan.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\XLF1EOGP.txt [ Cookie:x@serialnumber.in/serial/registry-mechanic-600780license-namelicense-code/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\LR6103G2.txt [ Cookie:x@adx.chip.de/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\75JV6VJJ.txt [ Cookie:x@ad3.adfarm1.adition.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\H143BT1H.txt [ Cookie:x@ru4.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\3MHILYC6.txt [ Cookie:x@serialnumber.in/search/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\O3MXWODK.txt [ Cookie:x@www.googleadservices.com/pagead/conversion/960449084/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\URCF2KZL.txt [ Cookie:x@adform.net/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\1UBPYP22.txt [ Cookie:x@serialnumber.in/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\UXDMZQM7.txt [ Cookie:x@ad4.adfarm1.adition.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\5MW2F7HH.txt [ Cookie:x@xiti.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\7CLV3N10.txt [ Cookie:x@tracking.quisma.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\326W9CQC.txt [ Cookie:x@yieldmanager.net/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\3TRNF9P2.txt [ Cookie:x@zanox.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y3RDK1DZ.txt [ Cookie:x@www.pilzfinder.de/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\U0XZ4SVI.txt [ Cookie:x@lfstmedia.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\8CGAZS64.txt [ Cookie:x@invitemedia.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\UPHUZD8J.txt [ Cookie:x@exoclick.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\99QWI6BC.txt [ Cookie:x@adx2.chip.de/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\UWWBVYKL.txt [ Cookie:x@www.etracker.de/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\CIZRW96J.txt [ Cookie:x@zanox-affiliate.de/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\3TW3IT37.txt [ Cookie:x@casalemedia.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\WCERXQ13.txt [ Cookie:x@ad.yieldmanager.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\VEYVKSJ0.txt [ Cookie:x@track.adform.net/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\2IUF94BP.txt [ Cookie:x@atdmt.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\OEC1S0GN.txt [ Cookie:x@c1.atdmt.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\G5N7TIS4.txt [ Cookie:x@kontera.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\DCFV5M5B.txt [ Cookie:x@stats.paypal.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\14PK0XZX.txt [ Cookie:x@tradedoubler.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\5CDQRGTN.txt [ Cookie:x@statcounter.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\WCF102WJ.txt [ Cookie:x@doubleclick.net/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\TJAQICJ4.txt [ Cookie:x@toplist.cz/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\FGJTY0UW.txt [ Cookie:x@clickbank.net/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\8IGSRNSR.txt [ Cookie:x@adtech.de/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\H53RHG6F.txt [ Cookie:x@ad2.adfarm1.adition.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\WPKOQWSG.txt [ Cookie:x@unitymedia.de/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\6ERTPE3I.txt [ Cookie:x@adxpose.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\ELVRT7TA.txt [ Cookie:x@microsoftwindows.112.2o7.net/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\UJMOHE08.txt [ Cookie:x@fastclick.net/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\SXAWWXFQ.txt [ Cookie:x@de.sitestat.com/idgcom-de/computerwoche/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\JTOMR02M.txt [ Cookie:x@tracker.vinsight.de/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\2UNCAG23.txt [ Cookie:x@smartadserver.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\G1IP1K2J.txt [ Cookie:x@paypal.112.2o7.net/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\IV1032ZS.txt [ Cookie:x@ad.adnet.de/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\59VF6JZ7.txt [ Cookie:x@www.googleadservices.com/pagead/conversion/1012284249/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z1B3I0V4.txt [ Cookie:x@tribalfusion.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\KS6CCJC7.txt [ Cookie:x@adfarm1.adition.com/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\475ZAVZ7.txt [ Cookie:x@adviva.net/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\0Y8H0FOA.txt [ Cookie:x@auslieferung.commindo-media-ressourcen.de/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\IQDFWBQ8.txt [ Cookie:x@specificclick.net/ ]
C:\USERS\X\AppData\Roaming\Microsoft\Windows\Cookies\Low\1DT4LLHK.txt [ Cookie:x@kaspersky.122.2o7.net/ ]
C:\USERS\X\Cookies\H1I6A7YQ.txt [ Cookie:x@mediaplex.com/ ]
C:\USERS\X\Cookies\R6POOCOQ.txt [ Cookie:x@apmebf.com/ ]
C:\USERS\X\Cookies\E0DSLRSU.txt [ Cookie:x@adbrite.com/ ]
C:\USERS\X\Cookies\KCY4LB7V.txt [ Cookie:x@webmasterplan.com/ ]
C:\USERS\X\Cookies\H91QHFQ0.txt [ Cookie:x@adx.chip.de/ ]
C:\USERS\X\Cookies\Z806J6OW.txt [ Cookie:x@ad3.adfarm1.adition.com/ ]
C:\USERS\X\Cookies\OZ304E0N.txt [ Cookie:x@ru4.com/ ]
C:\USERS\X\Cookies\H1L2472U.txt [ Cookie:x@clkads.com/adServe ]
C:\USERS\X\Cookies\DPESYIIF.txt [ Cookie:x@gmeurope.112.2o7.net/ ]
C:\USERS\X\Cookies\JBE5HCFU.txt [ Cookie:x@serialnumber.in/ ]
C:\USERS\X\Cookies\0XTW817G.txt [ Cookie:x@zanox.com/ ]
C:\USERS\X\Cookies\4LOTWGE1.txt [ Cookie:x@invitemedia.com/ ]
C:\USERS\X\Cookies\LNT1R7CJ.txt [ Cookie:x@adx2.chip.de/ ]
C:\USERS\X\Cookies\FVORZNFN.txt [ Cookie:x@zanox-affiliate.de/ ]
C:\USERS\X\Cookies\1COTF8Q0.txt [ Cookie:x@ad.yieldmanager.com/ ]
C:\USERS\X\Cookies\CFPETBF3.txt [ Cookie:x@atdmt.com/ ]
C:\USERS\X\Cookies\Q2LG8HE1.txt [ Cookie:x@adinterax.com/ ]
C:\USERS\X\Cookies\0J23F0WI.txt [ Cookie:x@kontera.com/ ]
C:\USERS\X\Cookies\U6H5QXA4.txt [ Cookie:x@www.googleadservices.com/pagead/conversion/1040859109/ ]
C:\USERS\X\Cookies\Y6SMYML1.txt [ Cookie:x@doubleclick.net/ ]
C:\USERS\X\Cookies\AUUUQ55C.txt [ Cookie:x@clkads.com/adServe/banners ]
C:\USERS\X\Cookies\91R1R1H3.txt [ Cookie:x@unitymedia.de/ ]
C:\USERS\X\Cookies\O43J91AV.txt [ Cookie:x@ad2.adfarm1.adition.com/ ]
C:\USERS\X\Cookies\MCVTI5V8.txt [ Cookie:x@tracker.vinsight.de/ ]
C:\USERS\X\Cookies\0ZW2CT0M.txt [ Cookie:x@tribalfusion.com/ ]
C:\USERS\X\Cookies\OS7Z37KH.txt [ Cookie:x@adfarm1.adition.com/ ]
Trojan.Agent/Gen-Kazy[Ico]
C:\PROGRAM FILES\GS\UNINSTGS.EXE
Trojan.Agent/Gen-Cryptor[Virut]
C:\PROGRAM FILES\VOLKSWOHL BUND\ANGEBOTSPROGRAMM KOMFORT\PROGRAMM\JNIUTILS.DLL
Trojan.Agent/Gen-Krpytik
C:\VHV\VHV TARIFPROGRAMM\VPL_APPS\DLL.32\SBIKSE32.DLL
Trojan.Agent/Gen-FakeAlert
C:\VHV\VHV TARIFPROGRAMM\VPL_APPS\TOOLBAR.EXE
|
|
26.09.2012, 16:05
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrtCode:
ATTFilter Trojan.Agent/Gen-Kazy[Ico]
C:\PROGRAM FILES\GS\UNINSTGS.EXE
Trojan.Agent/Gen-Cryptor[Virut]
C:\PROGRAM FILES\VOLKSWOHL BUND\ANGEBOTSPROGRAMM KOMFORT\PROGRAMM\JNIUTILS.DLL
Trojan.Agent/Gen-Krpytik
C:\VHV\VHV TARIFPROGRAMM\VPL_APPS\DLL.32\SBIKSE32.DLL
Trojan.Agent/Gen-FakeAlert
C:\VHV\VHV TARIFPROGRAMM\VPL_APPS\TOOLBAR.EXE
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.09.2012, 19:05
| #29 |
| | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Die erste nicht, aber VHV und Volkswohl Bund sind Programme mit denen ich arbeite. Diese, wie auch andere installierte Programme, lassen sich ja nicht mehr öffnen. Ob der Dateiname so vorher schon war, weiss ich allerdings nicht. Meine anderen Dateien, wie Bilder, Videos, PDF´s, Texte usw. sind auch alle noch verschlüsselt. |
|
27.09.2012, 15:16
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt Das erste ist wahrscheinlich Ghostscript, das ist ok Die anderen werden wohl auch ok sein, ist schon ok denn es ist fast normal dass SUPERAntiSpyware Fehlalarme meldet Sieht ok aus, da wurden nur Cookies gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu How to decrypt files.txt, Alle Datein mit <Blockage> gesperrt |
| access, bildschirm, check, datei, dateien, daten, e-mail, files, folge, gen, gesperrt, help, hochfahren, komplett, leer, message, neue, nicht mehr, personal, quarantäne, recycle.bin, scan, scannen, strong, systemwiederherstellung, this, öffnen |
Linear-Darstellung
