Pests of all kinds and how to fight them: ukash trojan (Windows 7)
14.10.2012, 23:25 | #1 |
ukash trojan
My Windows 7 (64-bit) PC is infected with the UKash/RKA trojan. I created an OTLPE boot CD, booted from it and ran a scan, but only the OTL.txt file was created, no Extras.txt file. How can the virus be removed? (I have not tried Kaspersky Windows Unlocker yet, and I have not booted the PC in either normal mode or safe mode.) Thanks in advance!
16.10.2012, 06:11 | #2 |
ukash trojan
I started my PC in "Safe Mode with Command Prompt" and used msconfig to disable the "C:\ProgramData\daueujff.exe" entry under Startup.
After that I ran a full scan with Malwarebytes Anti-Malware. Here is the Malwarebytes report file:
Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Datenbank Version: v2012.10.15.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
tamad :: TAMAD-PC_UP [Administrator]
16.10.2012 00:11:00
mbam-log-2012-10-16 (00-11-00).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 1080346
Laufzeit: 3 Stunde(n), 6 Minute(n), 2 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegedit (Hijack.Regedit) -> Daten: 0 -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegedit (Hijack.Regedit) -> Daten: 0 -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\ProgramData\daueujff.exe (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\tamad\0.20349061609495533.exe (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
I hope someone can help me. Thanks in advance!
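Added example, not part of the original posts: a small Python parser for the Malwarebytes report format quoted in the post above. It checks that each section's declared count matches the entries actually present (a pasted log may be truncated) and lists findings that were not quarantined. It assumes the German-language wording shown in that report; the sample is an excerpt of it, and the function names are this example's own.

```python
import re
from dataclasses import dataclass

# Excerpt of the German-language report quoted in the post above.
REPORT = r"""
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegedit (Hijack.Regedit) -> Daten: 0 -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegedit (Hijack.Regedit) -> Daten: 0 -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 2
C:\ProgramData\daueujff.exe (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\tamad\0.20349061609495533.exe (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
"""

# "Infizierte <category>: <count>" opens a section.
SECTION = re.compile(r"^(Infizierte [^:]+): (\d+)$")
# "<object> (<detection name>) -> [detail ->] <action>"; the lazy object match
# lets paths that contain parentheses, e.g. "Program Files (x86)", parse correctly.
FINDING = re.compile(r"^(?P<obj>.+?) \((?P<name>[^()]+)\) -> (?P<rest>.+)$")
# Assumption: this prefix marks a successful quarantine in German-language reports.
OK_PREFIX = "Erfolgreich gelöscht"


@dataclass
class Finding:
    section: str   # section header the entry was listed under
    obj: str       # file path or registry key|value
    name: str      # detection name, e.g. Trojan.Winlock
    detail: str    # optional middle field, e.g. "Daten: 0"
    action: str    # what the scanner did with the object

    @property
    def quarantined(self):
        return self.action.startswith(OK_PREFIX)


def parse_report(text):
    """Return (declared counts per section, list of Finding)."""
    declared, findings, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            section = m.group(1)
            declared[section] = int(m.group(2))
            continue
        m = FINDING.match(line)
        if m and section:
            *detail, action = m.group("rest").split(" -> ")
            findings.append(Finding(section, m.group("obj"), m.group("name"),
                                    " -> ".join(detail), action))
    return declared, findings


def count_mismatches(declared, findings):
    """Sections where the declared count differs from the entries parsed,
    which indicates a truncated or edited log."""
    out = {}
    for section, expected in declared.items():
        seen = sum(1 for f in findings if f.section == section)
        if seen != expected:
            out[section] = (expected, seen)
    return out


def needs_follow_up(findings):
    """Findings the scanner did not report as quarantined."""
    return [f for f in findings if not f.quarantined]


if __name__ == "__main__":
    declared, findings = parse_report(REPORT)
    for f in findings:
        state = "quarantined" if f.quarantined else "NOT quarantined"
        print(f"{f.name:16} {state:16} {f.obj}")
    print("count mismatches:", count_mismatches(declared, findings))
    print("needs follow-up:", [f.obj for f in needs_follow_up(findings)])
```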
17.10.2012, 14:23 | #3 |
/// Helper team
ukash trojan
Boot the computer normally, then:
CustomScan with OTL
Please download OTL by OldTimer and save it to your desktop. If it is already there, please replace the older file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*.*
%APPDATA%\*AcroIEH*.*
%APPDATA%\*.exe
%APPDATA%\*.tmp
CREATERESTOREPOINT
17.10.2012, 19:09 | #4 |
ukash trojan
Thanks for the reply. I scanned the PC with OTL, but unfortunately I forgot to enable the "Scan all users" option... And Norton Internet Security was still active in the background... Should I run OTL again (there is only one user on the PC, but I am aware that the services run under SYSTEM...)? Here is the otl.txt file:
C:\Users\tamad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.6.0_0\facemoods\ CHR - Extension: Norton Identity Protection = C:\Users\tamad\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\ CHR - Extension: Google Mail = C:\Users\tamad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2011.12.23 18:25:25 | 000,301,069 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 localhost.localdomain O1 - Hosts: 255.255.255.255 broadcasthost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 local O1 - Hosts: 127.0.0.1 goatse.cx # More information on sites such as O1 - Hosts: 127.0.0.1 www.goatse.cx # these can be found in this article O1 - Hosts: 127.0.0.1 oralse.cx # en.wikipedia.org/wiki/List_of_shock_sites O1 - Hosts: 127.0.0.1 www.oralse.cx O1 - Hosts: 127.0.0.1 goatse.ca O1 - Hosts: 127.0.0.1 www.goatse.ca O1 - Hosts: 127.0.0.1 oralse.ca O1 - Hosts: 127.0.0.1 www.oralse.ca O1 - Hosts: 127.0.0.1 goat.cx O1 - Hosts: 127.0.0.1 www.goat.cx O1 - Hosts: 127.0.0.1 www.copyright-reform.info O1 - Hosts: 127.0.0.1 copyright-reform.info O1 - Hosts: 127.0.0.1 cshacks.partycat.us O1 - Hosts: 127.0.0.1 lemonparty.org O1 - Hosts: 127.0.0.1 nimp.org O1 - Hosts: 127.0.0.1 on.nimp.org O1 - Hosts: 127.0.0.1 sourmath.com O1 - Hosts: 127.0.0.1 2girls1finger.org O1 - Hosts: 127.0.0.1 2girls1cup-free.com O1 - Hosts: 127.0.0.1 2girls1cup.nl O1 - Hosts: 9578 more lines... O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\PDFViewer\Bin\PlusIEContextMenu.dll (Zeon Corporation) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation) O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - d:\Program Files (x86)\Speed Video Splitter\msdxm.ocx (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll (facemoods.com) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files 
(x86)\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin) O4 - HKLM..\Run: [Dell 1355 MFP Launcher] C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\Launcher\dlq1Alauncher.exe () O4 - HKLM..\Run: [Dell 1355 MFP RUN] C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\Status Monitor\dlp1ARun.exe (Dell) O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe (facemoods.com) O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\PaperPort\IndexSearch.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\PDFViewer\RegistryController.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\PDFViewer\pdfpro5hook.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [RUNUPDATER] C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\Updater\dlu1Aupr.exe (Dell Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKLM..\Run: [StatusAutoRun] C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\Status Monitor\dlp1Apl.exe (Dell Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation) O4 - HKCU..\Run: [Spotify] C:\Users\tamad\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\tamad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... 
- C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Download All by ASUS Download - C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\ASDownloadAll.htm () O8:64bit: - Extra context menu item: Download using ASUS Download - C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\ASDownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\tamad\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Mit PDF Viewer Plus öffnen - C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\PDFViewer\Bin\PlusIEContextMenu.dll (Zeon Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... 
- C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Download All by ASUS Download - C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\ASDownloadAll.htm () O8 - Extra context menu item: Download using ASUS Download - C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\ASDownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\tamad\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Mit PDF Viewer Plus öffnen - C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\PDFViewer\Bin\PlusIEContextMenu.dll (Zeon Corporation) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.101 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2504E2FC-0198-4382-84C4-4E3418EF430E}: DhcpNameServer = 192.168.1.101 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8231BFFE-DBFF-48E1-B1A2-9DDFEE734BCF}: DhcpNameServer = 192.168.1.101 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E0AA6F2-E3AF-4CE2-B748-FA8232A3B2BC}: NameServer = 192.168.1.101 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A54878D6-0AA4-40B3-B8F0-FE261D4FA29B}: DhcpNameServer = 192.168.42.129 O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF37496E-B342-470E-A9C0-C8654ACA4224}: NameServer = 192.168.1.101 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF915E66-1EDD-4E49-BC96-00409DE18851}: NameServer = 192.168.1.101 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\vnd.ms.radio - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - d:\Program Files (x86)\Speed Video Splitter\msdxm.ocx (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004.08.18 15:18:44 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{130b13d8-35e7-11e1-a6bf-0003c9bd8eff}\Shell - "" = AutoRun O33 - MountPoints2\{130b13d8-35e7-11e1-a6bf-0003c9bd8eff}\Shell\AutoRun\command - "" = N:\pushinst.exe O33 - MountPoints2\{5418aa59-6c66-11e1-a5be-0003c9bd8eff}\Shell - "" = AutoRun O33 - MountPoints2\{5418aa59-6c66-11e1-a5be-0003c9bd8eff}\Shell\AutoRun\command - "" = J:\pushinst.exe O33 - MountPoints2\{87720b9c-7762-11e1-955e-0003c9bd8eff}\Shell - "" = AutoRun O33 - MountPoints2\{87720b9c-7762-11e1-955e-0003c9bd8eff}\Shell\AutoRun\command - "" = J:\pushinst.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: daueujfffgoclmh - hkey= - key= - File not found MsConfig:64bit - State: "startup" - Reg Error: Key error. 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.) 
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll () CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.10.17 19:39:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\tamad\Desktop\OTL.exe [2012.10.16 00:05:45 | 000,000,000 | ---D | C] -- C:\Users\tamad\AppData\Roaming\Malwarebytes [2012.10.16 00:05:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.16 00:05:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.16 00:05:19 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.10.16 00:05:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.10.15 07:12:24 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012.10.13 23:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\exsgiennfbhnsue [2012.10.13 14:14:09 | 000,000,000 | ---D | C] -- C:\Users\tamad\Desktop\Selectie Provence [2012.10.12 15:49:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.10.09 22:10:40 | 000,000,000 | ---D | C] -- C:\Users\tamad\Documents\Any DVD Cloner [2012.10.09 22:01:53 | 000,000,000 | ---D | C] -- C:\Users\tamad\AppData\Roaming\Any DVD Cloner Platinum [2012.10.09 21:02:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2012.10.09 21:02:45 | 000,000,000 | ---D | C] -- C:\Users\tamad\Documents\Any DVD Cloner Platinum [2012.10.09 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Any DVD Cloner Platinum [2012.10.09 21:02:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Any DVD Cloner Platinum [2012.10.09 20:41:05 | 000,000,000 | ---D | C] -- C:\Users\tamad\AppData\Roaming\DVD Shrink ========== Files - Modified Within 30 Days ========== [2012.10.17 19:38:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tamad\Desktop\OTL.exe [2012.10.17 19:27:00 | 000,001,120 | ---- | M] () -- 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2382729799-1600841459-1991903984-1000UA.job [2012.10.17 19:24:49 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.17 19:24:49 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.17 19:24:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.17 19:17:43 | 000,002,492 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk [2012.10.17 19:17:34 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.17 19:17:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.17 19:17:22 | 2146,832,383 | -HS- | M] () -- C:\hiberfil.sys [2012.10.17 19:17:14 | 002,006,201 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1309000.009\Cat.DB [2012.10.17 19:13:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.17 15:27:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2382729799-1600841459-1991903984-1000Core.job [2012.10.16 04:20:06 | 000,010,074 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1309000.009\VT20121008.022 [2012.10.16 00:05:21 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.13 23:16:18 | 000,076,359 | ---- | M] () -- C:\ProgramData\ffkzhfvabocmhxo [2012.10.13 17:56:12 | 001,796,694 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.13 17:56:12 | 000,762,164 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.13 17:56:12 | 000,717,482 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.13 17:56:12 | 000,172,550 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.10.13 17:56:12 | 000,145,504 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.11 19:29:54 | 000,002,490 | ---- 
| M] () -- C:\Users\tamad\Desktop\Google Chrome.lnk [2012.09.26 12:34:14 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1309000.009\isolate.ini ========== Files Created - No Company Name ========== [2012.10.16 00:05:21 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.13 23:16:14 | 000,076,359 | ---- | C] () -- C:\ProgramData\ffkzhfvabocmhxo [2012.01.21 16:30:57 | 000,130,048 | ---- | C] () -- C:\Windows\SysWow64\dlnafJBF.DLL [2011.10.06 20:38:23 | 000,004,608 | ---- | C] () -- C:\Users\tamad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.10.06 20:36:54 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011.10.06 20:36:54 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.08.19 10:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2011.08.19 10:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2011.08.19 10:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2011.08.10 19:32:34 | 000,129,024 | ---- | C] () -- C:\Windows\SysWow64\AVERM.dll [2011.08.10 19:32:34 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\AVEQT.dll [2011.06.12 12:18:39 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\BCGPOleAcc.dll [2011.05.18 17:14:31 | 000,000,036 | ---- | C] () -- C:\Users\tamad\.org.eclipse.epp.usagedata.recording.userId [2011.04.18 23:34:55 | 000,000,281 | ---- | C] () -- C:\Windows\dellstat.ini [2011.04.11 19:47:59 | 000,000,096 | ---- | C] () -- C:\Users\tamad\.asadminpass [2011.04.10 18:25:27 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011.04.09 17:04:15 | 001,773,652 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.04.09 16:37:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.03.21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.01.28 11:32:24 | 000,814,912 | ---- | C] () -- C:\Windows\dl1armm.exe 
[2011.01.13 05:03:18 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check 
========== [2012.01.30 22:27:00 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\.oit [2012.10.09 22:01:53 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Any DVD Cloner Platinum [2011.05.08 12:09:11 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Canneverbe Limited [2011.08.24 18:07:52 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2011.09.08 16:57:43 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\DVDVideoSoft [2011.09.08 16:57:16 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\DVDVideoSoftIEHelpers [2012.10.11 22:47:18 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\FileZilla [2011.04.09 16:28:37 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\FreeCommander [2012.02.18 18:34:06 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\FRITZ! [2012.02.18 12:10:44 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\FRITZ!fax für FRITZ!Box [2011.10.06 20:38:03 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\GeoVid [2012.01.01 14:11:47 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\GHISLER [2012.05.31 21:36:35 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\HTC [2012.05.31 21:53:20 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2012.01.01 14:49:08 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\IrfanView [2011.05.10 00:51:38 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\mkvtoolnix [2011.05.10 01:06:09 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Modiac [2012.02.22 21:09:37 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\MyPhoneExplorer [2012.01.01 14:16:34 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Notepad++ [2012.01.30 21:44:25 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Nuance [2011.06.12 09:04:22 | 000,000,000 | ---D | M] -- 
C:\Users\tamad\AppData\Roaming\Opera [2011.12.12 12:47:05 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\PhotoScape [2012.03.04 21:41:43 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Rovio [2011.09.08 17:03:51 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\SharePod [2012.10.17 19:32:42 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Spotify [2011.05.21 00:58:59 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Subtitle Edit [2011.07.24 18:42:02 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Xilisoft [2012.01.30 22:26:53 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Zeon ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.01.30 22:27:00 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\.oit [2011.08.24 18:07:24 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Adobe [2011.06.12 12:20:15 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Ahead [2012.10.09 22:01:53 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Any DVD Cloner Platinum [2011.04.09 16:38:30 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\ATI [2011.05.08 12:09:11 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Canneverbe Limited [2011.08.24 18:07:52 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012.02.04 16:34:14 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Download Manager [2012.10.09 20:42:36 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\DVD Shrink [2012.10.09 21:19:02 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\dvdcss [2011.09.08 16:57:43 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\DVDVideoSoft [2011.09.08 16:57:16 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\DVDVideoSoftIEHelpers 
[2011.05.01 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\FastStone [2012.10.11 22:47:18 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\FileZilla [2012.01.21 16:36:03 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\FLEXnet [2011.04.09 16:28:37 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\FreeCommander [2012.02.18 18:34:06 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\FRITZ! [2012.02.18 12:10:44 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\FRITZ!fax für FRITZ!Box [2011.10.06 20:38:03 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\GeoVid [2012.01.01 14:11:47 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\GHISLER [2012.05.31 21:36:35 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\HTC [2012.05.31 21:53:20 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2011.04.09 14:57:52 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Identities [2012.02.04 18:47:47 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\InstallShield [2012.01.01 14:49:08 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\IrfanView [2011.04.09 18:19:47 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Macromedia [2012.10.16 00:05:45 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Malwarebytes [2009.07.14 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Media Center Programs [2012.09.13 16:26:04 | 000,000,000 | --SD | M] -- C:\Users\tamad\AppData\Roaming\Microsoft [2011.05.10 00:51:38 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\mkvtoolnix [2011.05.10 01:06:09 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Modiac [2011.04.09 16:14:32 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Mozilla [2012.02.22 21:09:37 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\MyPhoneExplorer [2011.12.25 14:39:48 | 
000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Nero [2012.01.01 14:16:34 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Notepad++ [2012.01.30 21:44:25 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Nuance [2011.06.12 09:04:22 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Opera [2011.12.12 12:47:05 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\PhotoScape [2012.03.04 21:41:43 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Rovio [2011.09.08 17:03:51 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\SharePod [2012.10.13 23:12:47 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Skype [2012.10.17 19:32:42 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Spotify [2011.05.21 00:58:59 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Subtitle Edit [2012.06.09 20:38:34 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\vlc [2012.10.12 18:57:02 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Winamp [2011.04.16 08:48:30 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\WinRAR [2011.07.24 18:42:02 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Xilisoft [2012.01.30 22:26:53 | 000,000,000 | ---D | M] -- C:\Users\tamad\AppData\Roaming\Zeon < %APPDATA%\*.exe /s > [2012.05.31 21:33:35 | 000,053,632 | ---- | M] (Adobe Systems Inc.) 
-- C:\Users\tamad\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe [2012.08.18 07:31:31 | 005,576,408 | ---- | M] (Spotify Ltd) -- C:\Users\tamad\AppData\Roaming\Spotify\spotify.exe [2012.08.18 07:31:31 | 000,114,904 | ---- | M] () -- C:\Users\tamad\AppData\Roaming\Spotify\SpotifyLauncher.exe [2012.08.18 07:31:31 | 001,193,176 | ---- | M] () -- C:\Users\tamad\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C 
-- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2009.12.20 00:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll < MD5 for: IASTORV.SYS > [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- 
C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009.07.14 03:16:02 | 
000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- 
C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll 
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe 
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- 
C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009.07.14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\atl.dll [2012.08.24 09:03:49 | 009,738,240 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll < %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*.* > [2012.07.22 09:30:13 | 000,000,174 | -HS- | M] () -- C:\Users\tamad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini < %APPDATA%\*AcroIEH*.* > < %APPDATA%\*.exe > < %APPDATA%\*.tmp > ========== Alternate Data Streams ========== @Alternate Data Stream - 172 bytes -> C:\ProgramData\TEMP:B946D9EE < End of report > |
18.10.2012, 00:48 | #5 |
/// Helper Team | ukash trojan Please download AdwCleaner to your desktop.
Afterwards: malware scan with Emsisoft Anti-Malware. Download the free version of => Emsisoft Anti-Malware and install the program. Use "Jetzt Updaten" (update now) to download the current signatures. Select Freeware mode. Select Detail Scan and start the check of the computer with the Scan button. At the end of the scan, do not let it delete anything! Click "Bericht speichern" (save report) to save the log file to the desktop and post it here in the thread. Instructions: http://www.trojaner-board.de/103809-...i-malware.html |
18.10.2012, 17:58 | #6 |
| ukash trojan Thanks again. Here is the AdwCleaner log file: Code:
ATTFilter # AdwCleaner v2.005 - Datei am 18/10/2012 um 18:49:46 erstellt # Aktualisiert am 14/10/2012 von Xplode # Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits) # Benutzer : tamad - TAMAD-PC_UP # Bootmodus : Normal # Ausgeführt unter : C:\Users\tamad\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml Ordner Gelöscht : C:\Program Files (x86)\Ask.com Ordner Gelöscht : C:\Program Files (x86)\facemoods.com Ordner Gelöscht : C:\ProgramData\boost_interprocess Ordner Gelöscht : C:\Users\tamad\AppData\Local\AskToolbar Ordner Gelöscht : C:\Users\tamad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif Ordner Gelöscht : C:\Users\tamad\AppData\Local\Temp\AskSearch Ordner Gelöscht : C:\Users\tamad\AppData\LocalLow\AskToolbar Ordner Gelöscht : C:\Users\tamad\AppData\LocalLow\facemoods.com Ordner Gelöscht : C:\Users\tamad\AppData\Roaming\Mozilla\Firefox\Profiles\i0nhgwf6.default\extensions\toolbar@ask.com Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\APN Schlüssel Gelöscht : HKCU\Software\AppDataLow\AskToolbarInfo Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar Schlüssel Gelöscht : HKCU\Software\Ask.com Schlüssel Gelöscht : HKCU\Software\AskToolbar Schlüssel Gelöscht : HKCU\Software\facemoods.com Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} 
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Schlüssel Gelöscht : HKLM\Software\APN Schlüssel Gelöscht : HKLM\Software\AskToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.escrtSrvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.dskBnd Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.xtrnl Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1 Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\facemoodsApp.appCore Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\Software\facemoods.com Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\facemoods Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [facemoods] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}] ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16421 Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com -\\ 
Mozilla Firefox v15.0.1 (de) Profilname : default Datei : C:\Users\tamad\AppData\Roaming\Mozilla\Firefox\Profiles\i0nhgwf6.default\prefs.js Gelöscht : user_pref("browser.search.defaultenginename", "Facemoods Search"); Gelöscht : user_pref("extensions.facemoods._xpiupdate", true); Gelöscht : user_pref("extensions.facemoods.aflt", "_#ddrnw"); Gelöscht : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4"); Gelöscht : user_pref("extensions.facemoods.firstRun", false); Gelöscht : user_pref("extensions.facemoods.first_time", false); Gelöscht : user_pref("extensions.facemoods.id", "_#9fe6e5b53731497dab7d5072e64f7f33"); Gelöscht : user_pref("extensions.facemoods.instlDay", "_#15204"); Gelöscht : user_pref("extensions.facemoods.lastActv", "15"); Gelöscht : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com"); Gelöscht : user_pref("extensions.facemoods.sid", "_#9fe6e5b53731497dab7d5072e64f7f33"); Gelöscht : user_pref("extensions.facemoods.update", "_#v1.4.0"); Gelöscht : user_pref("extensions.facemoods.vrsn", "_#1.4.17.5"); -\\ Google Chrome v22.0.1229.94 Datei : C:\Users\tamad\AppData\Local\Google\Chrome\User Data\Default\Preferences Gelöscht [l.9] : homepage = "hxxp://start.facemoods.com/?a=ddrnw", Gelöscht [l.1382] : homepage = "hxxp://start.facemoods.com/?a=ddrnw", -\\ Opera v12.2.1578.0 Datei : C:\Users\tamad\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] Die Datei ist sauber. ************************* AdwCleaner[S1].txt - [13548 octets] - [18/10/2012 18:49:46] ########## EOF - C:\AdwCleaner[S1].txt - [13609 octets] ########## Code:
Emsisoft Anti-Malware - Version 7.0
Letztes Update: 18.10.2012 19:00:22

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, E:\, F:\, G:\, H:\

Riskware-Erkennung: Aus
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn: 18.10.2012 19:01:55

C:\Users\tamad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\2474121b-670e519c -> Effect.class gefunden: Java.Exploit.CVE-2010-0840.AB (B)
C:\Users\tamad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\2474121b-670e519c -> Field.class gefunden: Java.Exploit.CVE-2010-0840.AC (B)
C:\Users\tamad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\2474121b-670e519c -> first.class gefunden: Java.Exploit.CVE-2010-0840.AC (B)
C:\Users\tamad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\2474121b-670e519c -> Matrix.class gefunden: Java.Exploit.CVE-2010-0840.AC (B)
C:\Users\tamad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\34794aaf-3cf99977 -> Field.class gefunden: Trojan.Java.Exploit.S (B)
C:\Users\tamad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\34794aaf-3cf99977 -> first.class gefunden: Trojan.Java.Exploit.S (B)
C:\Users\tamad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\7b0254fd-71e1d1a7 -> a/Help.class gefunden: Java.Exploit.CVE-2012-0507.C (B)
E:\Adrian\HPTool\HP Tool.exe gefunden: Trojan.Generic.1904251 (B)
E:\Android\Tools\SuperOneClick v1.9.1.zip -> SuperOneClick v1.9.1/Exploits/GingerBreak gefunden: Android.Exploit.GingerBreak.A (B)
E:\Android\Tools\SuperOneClick v1.9.1.zip -> SuperOneClick v1.9.1/Exploits/psneuter gefunden: Android.Exploit.PSN.A (B)
F:\Program Files\Application Updater\ApplicationUpdater.exe gefunden: Adware.Win32.Toolbar.Dealio.AMN (A)
F:\Program Files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll gefunden: Adware.Win32.Toolbar.Dealio.AMN (A)
F:\Program Files\pdfforge Toolbar\SearchSettings.dll gefunden: Adware.Win32.Toolbar.Dealio (A)
F:\Program Files\pdfforge Toolbar\SearchSettingsRes409.dll gefunden: Adware.Win32.Toolbar.Dealio.AMN (A)

Gescannt 1194633
Gefunden 14

Scan Ende: 18.10.2012 23:39:52
Scan Zeit: 4:37:57

F:\Program Files\pdfforge Toolbar\SearchSettings.dll Quarantäne Adware.Win32.Toolbar.Dealio (A)
F:\Program Files\Application Updater\ApplicationUpdater.exe Quarantäne Adware.Win32.Toolbar.Dealio.AMN (A)
F:\Program Files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll Quarantäne Adware.Win32.Toolbar.Dealio.AMN (A)
F:\Program Files\pdfforge Toolbar\SearchSettingsRes409.dll Quarantäne Adware.Win32.Toolbar.Dealio.AMN (A)
E:\Android\Tools\SuperOneClick v1.9.1.zip -> SuperOneClick v1.9.1/Exploits/psneuter Quarantäne Android.Exploit.PSN.A (B)
E:\Adrian\HPTool\HP Tool.exe Quarantäne Trojan.Generic.1904251 (B)
C:\Users\tamad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\7b0254fd-71e1d1a7 -> a/Help.class Quarantäne Java.Exploit.CVE-2012-0507.C (B)
C:\Users\tamad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\34794aaf-3cf99977 -> Field.class Quarantäne Trojan.Java.Exploit.S (B)
C:\Users\tamad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\2474121b-670e519c -> Field.class Quarantäne Java.Exploit.CVE-2010-0840.AC (B)

Quarantäne 9
|
20.10.2012, 02:37 | #7 |
/// Helper Team | ukash trojan Very good! Uninstall: Emsisoft Anti-Malware
ESET Online Scanner
Preparation
|
20.10.2012, 14:28 | #8 |
| ukash trojan The scan is finished; ESET offers the option "Delete quarantined files". Should I enable the option? Here is the log.txt file: Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=281ab1943e4a3d45916af91b7209a342
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-20 12:13:49
# local_time=2012-10-20 02:13:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3584 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 39360673 102345938 0 0
# compatibility_mode=8192 67108863 100 0 214 214 0 0
# scanned=896105
# found=21
# cleaned=21
# scan_time=19142
C:\ProgramData\exsgiennfbhnsue\main.html HTML/Ransom.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\tamad\AppData\Local\Temp\ICReinstall\cnet2_smac20_setup_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\tamad\AppData\Local\Temp\Temp1_FFSetup295.zip\FFSetup295.exe a variant of Win32/ELEX application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\***\Fritzbox 7170\FritzRePass+U3\Portable\FritzRePass.exe Win32/Packed.Autoit.E.Gen application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\***\Fritzbox 7170\FritzRePass+U3\U3\FritzRePassU3.exe Win32/Packed.Autoit.E.Gen application (deleted - quarantined) 00000000000000000000000000000000 C
E:\***\FFSetup295.zip a variant of Win32/ELEX application (deleted - quarantined) 00000000000000000000000000000000 C
E:\***\w3 editor\JNPG\bin\ongameload.dll probably a variant of Win32/Agent.TTMDTJ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
E:\Android\Roms\New_XXKI4_CheckROM_RevolutionHD_V2.0.0.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
E:\Android\Roms\XWKK5_CheckromRevoHD_V4.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
E:\Android\Spiele\cleopatraspyramid_1.4.apk Android/Adware.AirPush.B application (deleted - quarantined) 00000000000000000000000000000000 C
E:\***\Crazy Machines\SoftonicDownloader_fuer_crazy-machines-ii.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
E:\***\FFSetup2.zip Win32/Adware.ADON application (deleted - quarantined) 00000000000000000000000000000000 C
E:\***\HSS-1.30-install-anchorfree-76-conduit.exe a variant of Win32/HotSpotShield application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
E:\***\FormatFactory\FFSetup2.exe Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
E:\***\PCast\pcastbarmini.exe probably a variant of Win32/Agent.EVEAWUE trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
E:\***\PcOnPoint\pconpoint.exe a variant of Win32/Adware.ErrorClean application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
F:\Program Files\pdfforge Toolbar\SearchSettings.exe Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
F:\Program Files\pdfforge Toolbar\WidgiHelper.exe Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
F:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll probably a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
F:\Users\tamad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F4GMMP7F\pdfforgeToolbar[1].msi probably a variant of Win32/Toolbar.Widgi application (deleted - quarantined) 00000000000000000000000000000000 C
F:\Windows\Installer\2ae70e.msi probably a variant of Win32/Toolbar.Widgi application (deleted - quarantined) 00000000000000000000000000000000 C
|
20.10.2012, 17:31 | #9 |
/// Helper Team | ukash trojan TDSSKiller from Kaspersky - Download TDSSKiller and extract the archive to your desktop. Here you will find more detailed TDSSKiller instructions. |
20.10.2012, 21:16 | #10 |
| ukash trojan In TDSSKiller, under Settings, in addition to the default settings I also enabled the Additional options "Verify the digital signatures" and "Detect TDLFS file system" (it looked like this: http://www.trojaner-board.de/125608-...tml#post938814 ). The TDSSKiller log file (it is too long to post in one go, so I had to split the file in 2): Code:
(x86)\Dyn Updater\DynUpSvc.exe 21:47:49.0030 0380 Dyn Updater - ok 21:47:49.0046 0380 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 21:47:49.0046 0380 EapHost - ok 21:47:49.0124 0380 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 21:47:49.0186 0380 ebdrv - ok 21:47:49.0233 0380 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 21:47:49.0233 0380 eeCtrl - ok 21:47:49.0264 0380 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 21:47:49.0264 0380 EFS - ok 21:47:49.0295 0380 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:47:49.0311 0380 ehRecvr - ok 21:47:49.0327 0380 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 21:47:49.0327 0380 ehSched - ok 21:47:49.0358 0380 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 21:47:49.0373 0380 elxstor - ok 21:47:49.0405 0380 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 21:47:49.0405 0380 EraserUtilRebootDrv - ok 21:47:49.0436 0380 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:47:49.0436 0380 ErrDev - ok 21:47:49.0467 0380 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 21:47:49.0467 0380 EventSystem - ok 21:47:49.0483 0380 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 21:47:49.0483 0380 exfat - ok 21:47:49.0498 0380 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:47:49.0498 0380 fastfat - ok 21:47:49.0529 0380 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 21:47:49.0545 0380 Fax - ok 21:47:49.0576 0380 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 21:47:49.0576 0380 fdc - ok 21:47:49.0576 0380 [ 
0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 21:47:49.0576 0380 fdPHost - ok 21:47:49.0592 0380 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 21:47:49.0592 0380 FDResPub - ok 21:47:49.0607 0380 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:47:49.0607 0380 FileInfo - ok 21:47:49.0623 0380 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:47:49.0623 0380 Filetrace - ok 21:47:49.0623 0380 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 21:47:49.0623 0380 flpydisk - ok 21:47:49.0654 0380 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:47:49.0654 0380 FltMgr - ok 21:47:49.0701 0380 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 21:47:49.0732 0380 FontCache - ok 21:47:49.0795 0380 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:47:49.0795 0380 FontCache3.0.0.0 - ok 21:47:49.0810 0380 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:47:49.0810 0380 FsDepends - ok 21:47:49.0841 0380 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:47:49.0841 0380 Fs_Rec - ok 21:47:49.0873 0380 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:47:49.0873 0380 fvevol - ok 21:47:49.0919 0380 [ 444534CBA693DD23C1CC589681E01656 ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys 21:47:49.0919 0380 FWLANUSB - ok 21:47:49.0997 0380 [ 4632BB93B668004965246D7911E2DD05 ] fwlanusb4 C:\Windows\system32\DRIVERS\fwlanusb4.sys 21:47:50.0029 0380 fwlanusb4 - ok 21:47:50.0091 0380 [ 15585492E45E2F30768B2D5B57929D99 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys 21:47:50.0107 0380 fwlanusbn - ok 21:47:50.0107 0380 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] 
gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 21:47:50.0107 0380 gagp30kx - ok 21:47:50.0153 0380 [ 5F60F21D3E7D70746242BDBEE5DC93DB ] GKCDTDNS C:\PROGRA~2\GKC\GKCDTDNS\GKCDTDNSNT.exe 21:47:50.0153 0380 GKCDTDNS - ok 21:47:50.0200 0380 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 21:47:50.0216 0380 gpsvc - ok 21:47:50.0278 0380 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:47:50.0278 0380 gupdate - ok 21:47:50.0294 0380 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:47:50.0294 0380 gupdatem - ok 21:47:50.0341 0380 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 21:47:50.0341 0380 gusvc - ok 21:47:50.0372 0380 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:47:50.0372 0380 hcw85cir - ok 21:47:50.0403 0380 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:47:50.0419 0380 HdAudAddService - ok 21:47:50.0434 0380 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 21:47:50.0434 0380 HDAudBus - ok 21:47:50.0450 0380 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 21:47:50.0450 0380 HidBatt - ok 21:47:50.0465 0380 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 21:47:50.0465 0380 HidBth - ok 21:47:50.0481 0380 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 21:47:50.0481 0380 HidIr - ok 21:47:50.0497 0380 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 21:47:50.0497 0380 hidserv - ok 21:47:50.0512 0380 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 21:47:50.0512 0380 HidUsb - ok 21:47:50.0543 0380 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 
21:47:50.0543 0380 hkmsvc - ok 21:47:50.0575 0380 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:47:50.0575 0380 HomeGroupListener - ok 21:47:50.0606 0380 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:47:50.0606 0380 HomeGroupProvider - ok 21:47:50.0637 0380 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:47:50.0637 0380 HpSAMD - ok 21:47:50.0653 0380 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 21:47:50.0653 0380 HTCAND64 - ok 21:47:50.0699 0380 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys 21:47:50.0699 0380 htcnprot - ok 21:47:50.0746 0380 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:47:50.0762 0380 HTTP - ok 21:47:50.0777 0380 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:47:50.0777 0380 hwpolicy - ok 21:47:50.0809 0380 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 21:47:50.0809 0380 i8042prt - ok 21:47:50.0855 0380 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:47:50.0855 0380 iaStorV - ok 21:47:50.0902 0380 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:47:50.0918 0380 idsvc - ok 21:47:50.0996 0380 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20121019.001\IDSvia64.sys 21:47:51.0011 0380 IDSVia64 - ok 21:47:51.0027 0380 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 21:47:51.0027 0380 iirsp - ok 21:47:51.0074 0380 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 21:47:51.0105 0380 IKEEXT - ok 21:47:51.0105 0380 [ F00F20E70C6EC3AA366910083A0518AA ] intelide 
C:\Windows\system32\drivers\intelide.sys 21:47:51.0105 0380 intelide - ok 21:47:51.0121 0380 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:47:51.0121 0380 intelppm - ok 21:47:51.0152 0380 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:47:51.0152 0380 IPBusEnum - ok 21:47:51.0167 0380 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:47:51.0167 0380 IpFilterDriver - ok 21:47:51.0199 0380 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:47:51.0214 0380 iphlpsvc - ok 21:47:51.0230 0380 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:47:51.0230 0380 IPMIDRV - ok 21:47:51.0245 0380 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:47:51.0261 0380 IPNAT - ok 21:47:51.0261 0380 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:47:51.0261 0380 IRENUM - ok 21:47:51.0277 0380 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:47:51.0277 0380 isapnp - ok 21:47:51.0292 0380 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:47:51.0292 0380 iScsiPrt - ok 21:47:51.0308 0380 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 21:47:51.0308 0380 kbdclass - ok 21:47:51.0323 0380 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 21:47:51.0323 0380 kbdhid - ok 21:47:51.0339 0380 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 21:47:51.0339 0380 KeyIso - ok 21:47:51.0370 0380 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:47:51.0370 0380 KSecDD - ok 21:47:51.0417 0380 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:47:51.0417 0380 KSecPkg - ok 21:47:51.0448 0380 [ 
6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:47:51.0448 0380 ksthunk - ok 21:47:51.0479 0380 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 21:47:51.0479 0380 KtmRm - ok 21:47:51.0511 0380 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 21:47:51.0511 0380 LanmanServer - ok 21:47:51.0542 0380 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:47:51.0542 0380 LanmanWorkstation - ok 21:47:51.0557 0380 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:47:51.0557 0380 lltdio - ok 21:47:51.0589 0380 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:47:51.0589 0380 lltdsvc - ok 21:47:51.0604 0380 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:47:51.0620 0380 lmhosts - ok 21:47:51.0635 0380 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 21:47:51.0635 0380 LSI_FC - ok 21:47:51.0651 0380 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 21:47:51.0651 0380 LSI_SAS - ok 21:47:51.0667 0380 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 21:47:51.0667 0380 LSI_SAS2 - ok 21:47:51.0682 0380 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 21:47:51.0682 0380 LSI_SCSI - ok 21:47:51.0698 0380 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 21:47:51.0698 0380 luafv - ok 21:47:51.0729 0380 [ EF2BE2F45D4F06410A3BD2A3467325B0 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 21:47:51.0729 0380 LVRS64 - ok 21:47:51.0885 0380 [ AC22F92C6078640FE8A70D662A2F3AD5 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 21:47:51.0994 0380 LVUVC64 - ok 21:47:52.0010 0380 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:47:52.0010 0380 Mcx2Svc - ok 21:47:52.0025 
0380 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 21:47:52.0025 0380 megasas - ok 21:47:52.0025 0380 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 21:47:52.0025 0380 MegaSR - ok 21:47:52.0072 0380 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 21:47:52.0072 0380 Microsoft Office Groove Audit Service - ok 21:47:52.0088 0380 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 21:47:52.0088 0380 MMCSS - ok 21:47:52.0103 0380 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 21:47:52.0103 0380 Modem - ok 21:47:52.0119 0380 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:47:52.0119 0380 monitor - ok 21:47:52.0135 0380 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys 21:47:52.0150 0380 mouclass - ok 21:47:52.0150 0380 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:47:52.0166 0380 mouhid - ok 21:47:52.0181 0380 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:47:52.0181 0380 mountmgr - ok 21:47:52.0228 0380 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 21:47:52.0244 0380 MozillaMaintenance - ok 21:47:52.0259 0380 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 21:47:52.0259 0380 mpio - ok 21:47:52.0275 0380 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:47:52.0275 0380 mpsdrv - ok 21:47:52.0306 0380 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:47:52.0337 0380 MpsSvc - ok 21:47:52.0353 0380 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:47:52.0353 0380 MRxDAV - ok 
21:47:52.0384 0380 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:47:52.0384 0380 mrxsmb - ok 21:47:52.0415 0380 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:47:52.0415 0380 mrxsmb10 - ok 21:47:52.0431 0380 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:47:52.0447 0380 mrxsmb20 - ok 21:47:52.0478 0380 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 21:47:52.0478 0380 msahci - ok 21:47:52.0509 0380 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:47:52.0509 0380 msdsm - ok 21:47:52.0525 0380 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 21:47:52.0540 0380 MSDTC - ok 21:47:52.0556 0380 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:47:52.0571 0380 Msfs - ok 21:47:52.0587 0380 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:47:52.0587 0380 mshidkmdf - ok 21:47:52.0603 0380 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:47:52.0603 0380 msisadrv - ok 21:47:52.0634 0380 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:47:52.0634 0380 MSiSCSI - ok 21:47:52.0649 0380 msiserver - ok 21:47:52.0665 0380 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:47:52.0665 0380 MSKSSRV - ok 21:47:52.0681 0380 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:47:52.0681 0380 MSPCLOCK - ok 21:47:52.0696 0380 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:47:52.0696 0380 MSPQM - ok 21:47:52.0727 0380 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:47:52.0727 0380 MsRPC - ok 21:47:52.0743 0380 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios 
C:\Windows\system32\drivers\mssmbios.sys 21:47:52.0743 0380 mssmbios - ok 21:47:52.0790 0380 MSSQL$SQLEXPRESS - ok 21:47:52.0852 0380 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 21:47:52.0852 0380 MSSQLServerADHelper100 - ok 21:47:52.0868 0380 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:47:52.0868 0380 MSTEE - ok 21:47:52.0883 0380 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 21:47:52.0883 0380 MTConfig - ok 21:47:52.0915 0380 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 21:47:52.0915 0380 MTsensor - ok 21:47:52.0930 0380 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 21:47:52.0930 0380 Mup - ok 21:47:52.0977 0380 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 21:47:52.0977 0380 napagent - ok 21:47:53.0024 0380 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:47:53.0024 0380 NativeWifiP - ok 21:47:53.0117 0380 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 21:47:53.0133 0380 NAUpdate - ok 21:47:53.0195 0380 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20121019.022\ENG64.SYS 21:47:53.0195 0380 NAVENG - ok 21:47:53.0258 0380 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20121019.022\EX64.SYS 21:47:53.0289 0380 NAVEX15 - ok 21:47:53.0336 0380 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:47:53.0383 0380 NDIS - ok 21:47:53.0461 0380 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:47:53.0461 0380 NdisCap - ok 21:47:53.0570 0380 [ 30639C932D9FEF22B31268FE25A1B6E5 ] 
NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:47:53.0570 0380 NdisTapi - ok 21:47:53.0601 0380 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:47:53.0601 0380 Ndisuio - ok 21:47:53.0648 0380 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:47:53.0648 0380 NdisWan - ok 21:47:53.0679 0380 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:47:53.0679 0380 NDProxy - ok 21:47:53.0695 0380 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:47:53.0695 0380 NetBIOS - ok 21:47:53.0741 0380 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:47:53.0741 0380 NetBT - ok 21:47:53.0757 0380 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 21:47:53.0757 0380 Netlogon - ok 21:47:53.0788 0380 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 21:47:53.0804 0380 Netman - ok 21:47:53.0835 0380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:47:53.0835 0380 NetMsmqActivator - ok 21:47:53.0851 0380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:47:53.0851 0380 NetPipeActivator - ok 21:47:53.0882 0380 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 21:47:53.0882 0380 netprofm - ok 21:47:53.0882 0380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:47:53.0882 0380 NetTcpActivator - ok 21:47:53.0897 0380 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:47:53.0897 0380 NetTcpPortSharing - ok 21:47:53.0913 0380 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 21:47:53.0913 0380 nfrd960 - ok 21:47:53.0975 0380 
[ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe 21:47:53.0975 0380 NIS - ok 21:47:54.0007 0380 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:47:54.0007 0380 NlaSvc - ok 21:47:54.0038 0380 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:47:54.0053 0380 Npfs - ok 21:47:54.0069 0380 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 21:47:54.0069 0380 nsi - ok 21:47:54.0069 0380 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:47:54.0069 0380 nsiproxy - ok 21:47:54.0147 0380 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:47:54.0178 0380 Ntfs - ok 21:47:54.0209 0380 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 21:47:54.0209 0380 Null - ok 21:47:54.0256 0380 [ 8EBCB9165EE7F1571842F4D9D624A74C ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 21:47:54.0256 0380 nusb3hub - ok 21:47:54.0287 0380 [ 5D54DBB12BBFE07CC283FD39F2CD6D63 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 21:47:54.0303 0380 nusb3xhc - ok 21:47:54.0319 0380 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:47:54.0319 0380 nvraid - ok 21:47:54.0350 0380 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:47:54.0350 0380 nvstor - ok 21:47:54.0381 0380 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:47:54.0381 0380 nv_agp - ok 21:47:54.0443 0380 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 21:47:54.0443 0380 odserv - ok 21:47:54.0475 0380 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:47:54.0490 0380 ohci1394 - ok 21:47:54.0521 0380 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft 
Shared\Source Engine\OSE.EXE 21:47:54.0521 0380 ose - ok 21:47:54.0553 0380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:47:54.0553 0380 p2pimsvc - ok 21:47:54.0584 0380 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 21:47:54.0584 0380 p2psvc - ok 21:47:54.0615 0380 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 21:47:54.0615 0380 Parport - ok 21:47:54.0631 0380 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:47:54.0631 0380 partmgr - ok 21:47:54.0693 0380 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 21:47:54.0693 0380 PassThru Service - ok 21:47:54.0709 0380 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:47:54.0709 0380 PcaSvc - ok 21:47:54.0740 0380 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 21:47:54.0740 0380 pci - ok 21:47:54.0771 0380 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 21:47:54.0771 0380 pciide - ok 21:47:54.0787 0380 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 21:47:54.0802 0380 pcmcia - ok 21:47:54.0818 0380 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 21:47:54.0818 0380 pcw - ok 21:47:54.0896 0380 [ 054974057FEEB7B4228D8B6C767C4E0F ] PDFProFiltSrvPP C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\PaperPort\PDFProFiltSrvPP.exe 21:47:54.0896 0380 PDFProFiltSrvPP - ok 21:47:54.0927 0380 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:47:54.0943 0380 PEAUTH - ok 21:47:54.0989 0380 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 21:47:55.0021 0380 PeerDistSvc - ok 21:47:55.0099 0380 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 
21:47:55.0099 0380 PerfHost - ok 21:47:55.0177 0380 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 21:47:55.0223 0380 pla - ok 21:47:55.0270 0380 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:47:55.0270 0380 PlugPlay - ok 21:47:55.0286 0380 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:47:55.0301 0380 PNRPAutoReg - ok 21:47:55.0317 0380 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:47:55.0333 0380 PNRPsvc - ok 21:47:55.0348 0380 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:47:55.0348 0380 PolicyAgent - ok 21:47:55.0379 0380 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 21:47:55.0379 0380 Power - ok 21:47:55.0395 0380 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:47:55.0395 0380 PptpMiniport - ok 21:47:55.0411 0380 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 21:47:55.0411 0380 Processor - ok 21:47:55.0442 0380 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 21:47:55.0442 0380 ProfSvc - ok 21:47:55.0442 0380 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:47:55.0457 0380 ProtectedStorage - ok 21:47:55.0473 0380 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:47:55.0473 0380 Psched - ok 21:47:55.0520 0380 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 21:47:55.0535 0380 ql2300 - ok 21:47:55.0551 0380 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 21:47:55.0551 0380 ql40xx - ok 21:47:55.0567 0380 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:47:55.0567 0380 QWAVE - ok 21:47:55.0582 0380 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 
|
20.10.2012, 21:17 | #11 |
| ukash trojan And the TDSSKiller log, part 2 Code:
21:59:52.0426 4672 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:59:52.0457 4672 srv2 - ok 21:59:52.0473 4672 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:59:52.0488 4672 srvnet - ok 21:59:52.0504 4672 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:59:52.0535 4672 SSDPSRV - ok 21:59:52.0551 4672 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:59:52.0566 4672 SstpSvc - ok 21:59:52.0597 4672 [ AD42CA614E086BCADBD53FFFC404AC24 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 21:59:52.0613 4672 ssudmdm - ok 21:59:52.0629 4672 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 21:59:52.0629 4672 stexstor - ok 21:59:52.0660 4672 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 21:59:52.0691 4672 stisvc - ok 21:59:52.0722 4672 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 21:59:52.0722 4672 storflt - ok 21:59:52.0753 4672 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 21:59:52.0753 4672 storvsc - ok 21:59:52.0785 4672 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 21:59:52.0785 4672 swenum - ok 21:59:52.0816 4672 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 21:59:52.0847 4672 swprv - ok 21:59:52.0878 4672 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1309000.009\SYMDS64.SYS 21:59:52.0894 4672 SymDS - ok 21:59:52.0941 4672 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1309000.009\SYMEFA64.SYS 21:59:52.0987 4672 SymEFA - ok 21:59:53.0019 4672 [ 894579207E39C465737E850A252CE4F2 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 21:59:53.0034 4672 SymEvent - ok 21:59:53.0050 4672 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON 
C:\Windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS 21:59:53.0065 4672 SymIRON - ok 21:59:53.0081 4672 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS 21:59:53.0097 4672 SymNetS - ok 21:59:53.0112 4672 Synth3dVsc - ok 21:59:53.0159 4672 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 21:59:53.0206 4672 SysMain - ok 21:59:53.0221 4672 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:59:53.0237 4672 TabletInputService - ok 21:59:53.0268 4672 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:59:53.0299 4672 TapiSrv - ok 21:59:53.0299 4672 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 21:59:53.0346 4672 TBS - ok 21:59:53.0393 4672 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:59:53.0424 4672 Tcpip - ok 21:59:53.0455 4672 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:59:53.0487 4672 TCPIP6 - ok 21:59:53.0502 4672 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:59:53.0549 4672 tcpipreg - ok 21:59:53.0565 4672 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:59:53.0580 4672 TDPIPE - ok 21:59:53.0596 4672 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:59:53.0611 4672 TDTCP - ok 21:59:53.0643 4672 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:59:53.0705 4672 tdx - ok 21:59:53.0721 4672 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 21:59:53.0736 4672 TermDD - ok 21:59:53.0767 4672 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 21:59:53.0830 4672 TermService - ok 21:59:53.0830 4672 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 21:59:53.0861 4672 Themes - ok 
21:59:53.0877 4672 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 21:59:53.0892 4672 THREADORDER - ok 21:59:53.0908 4672 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 21:59:53.0939 4672 TrkWks - ok 21:59:53.0970 4672 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:59:54.0033 4672 TrustedInstaller - ok 21:59:54.0048 4672 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:59:54.0079 4672 tssecsrv - ok 21:59:54.0095 4672 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:59:54.0111 4672 TsUsbFlt - ok 21:59:54.0126 4672 tsusbhub - ok 21:59:54.0157 4672 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:59:54.0204 4672 tunnel - ok 21:59:54.0220 4672 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 21:59:54.0220 4672 uagp35 - ok 21:59:54.0251 4672 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:59:54.0282 4672 udfs - ok 21:59:54.0298 4672 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:59:54.0298 4672 UI0Detect - ok 21:59:54.0313 4672 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:59:54.0313 4672 uliagpkx - ok 21:59:54.0329 4672 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 21:59:54.0360 4672 umbus - ok 21:59:54.0360 4672 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 21:59:54.0376 4672 UmPass - ok 21:59:54.0391 4672 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 21:59:54.0407 4672 UmRdpService - ok 21:59:54.0454 4672 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 21:59:54.0469 4672 UMVPFSrv - ok 21:59:54.0485 4672 [ 
D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 21:59:54.0501 4672 upnphost - ok 21:59:54.0516 4672 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:59:54.0532 4672 usbaudio - ok 21:59:54.0532 4672 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:59:54.0563 4672 usbccgp - ok 21:59:54.0579 4672 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:59:54.0594 4672 usbcir - ok 21:59:54.0594 4672 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:59:54.0625 4672 usbehci - ok 21:59:54.0641 4672 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:59:54.0672 4672 usbhub - ok 21:59:54.0688 4672 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 21:59:54.0703 4672 usbohci - ok 21:59:54.0719 4672 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:59:54.0735 4672 usbprint - ok 21:59:54.0750 4672 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 21:59:54.0766 4672 usbscan - ok 21:59:54.0766 4672 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:59:54.0797 4672 USBSTOR - ok 21:59:54.0813 4672 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:59:54.0828 4672 usbuhci - ok 21:59:54.0844 4672 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys 21:59:54.0875 4672 usb_rndisx - ok 21:59:54.0891 4672 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 21:59:54.0937 4672 UxSms - ok 21:59:54.0937 4672 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 21:59:54.0953 4672 VaultSvc - ok 21:59:54.0953 4672 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:59:54.0969 4672 vdrvroot - 
ok 21:59:55.0000 4672 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 21:59:55.0031 4672 vds - ok 21:59:55.0047 4672 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:59:55.0062 4672 vga - ok 21:59:55.0062 4672 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 21:59:55.0093 4672 VgaSave - ok 21:59:55.0093 4672 VGPU - ok 21:59:55.0125 4672 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:59:55.0140 4672 vhdmp - ok 21:59:55.0140 4672 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 21:59:55.0156 4672 viaide - ok 21:59:55.0171 4672 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 21:59:55.0187 4672 vmbus - ok 21:59:55.0187 4672 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 21:59:55.0203 4672 VMBusHID - ok 21:59:55.0218 4672 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:59:55.0234 4672 volmgr - ok 21:59:55.0265 4672 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:59:55.0265 4672 volmgrx - ok 21:59:55.0281 4672 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:59:55.0296 4672 volsnap - ok 21:59:55.0296 4672 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 21:59:55.0312 4672 vsmraid - ok 21:59:55.0359 4672 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 21:59:55.0405 4672 VSS - ok 21:59:55.0405 4672 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 21:59:55.0421 4672 vwifibus - ok 21:59:55.0452 4672 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 21:59:55.0483 4672 W32Time - ok 21:59:55.0483 4672 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 21:59:55.0515 4672 WacomPen 
- ok 21:59:55.0515 4672 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:59:55.0546 4672 WANARP - ok 21:59:55.0546 4672 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:59:55.0561 4672 Wanarpv6 - ok 21:59:55.0624 4672 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 21:59:55.0655 4672 WatAdminSvc - ok 21:59:55.0702 4672 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 21:59:55.0733 4672 wbengine - ok 21:59:55.0749 4672 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:59:55.0764 4672 WbioSrvc - ok 21:59:55.0780 4672 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:59:55.0795 4672 wcncsvc - ok 21:59:55.0811 4672 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:59:55.0827 4672 WcsPlugInService - ok 21:59:55.0842 4672 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 21:59:55.0842 4672 Wd - ok 21:59:55.0858 4672 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:59:55.0873 4672 Wdf01000 - ok 21:59:55.0889 4672 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:59:55.0936 4672 WdiServiceHost - ok 21:59:55.0936 4672 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:59:55.0951 4672 WdiSystemHost - ok 21:59:55.0983 4672 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 21:59:56.0029 4672 WebClient - ok 21:59:56.0045 4672 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:59:56.0092 4672 Wecsvc - ok 21:59:56.0107 4672 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:59:56.0139 4672 wercplsupport - ok 21:59:56.0154 4672 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 
21:59:56.0185 4672 WerSvc - ok 21:59:56.0185 4672 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:59:56.0217 4672 WfpLwf - ok 21:59:56.0217 4672 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:59:56.0232 4672 WIMMount - ok 21:59:56.0248 4672 WinDefend - ok 21:59:56.0248 4672 WinHttpAutoProxySvc - ok 21:59:56.0279 4672 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:59:56.0310 4672 Winmgmt - ok 21:59:56.0388 4672 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 21:59:56.0435 4672 WinRM - ok 21:59:56.0466 4672 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys 21:59:56.0482 4672 WinUSB - ok 21:59:56.0498 4672 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 21:59:56.0529 4672 Wlansvc - ok 21:59:56.0622 4672 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:59:56.0654 4672 wlidsvc - ok 21:59:56.0685 4672 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:59:56.0700 4672 WmiAcpi - ok 21:59:56.0716 4672 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:59:56.0732 4672 wmiApSrv - ok 21:59:56.0747 4672 WMPNetworkSvc - ok 21:59:56.0747 4672 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:59:56.0763 4672 WPCSvc - ok 21:59:56.0778 4672 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:59:56.0794 4672 WPDBusEnum - ok 21:59:56.0810 4672 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:59:56.0841 4672 ws2ifsl - ok 21:59:56.0841 4672 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 21:59:56.0872 4672 wscsvc - ok 21:59:56.0872 4672 WSearch - ok 21:59:56.0950 4672 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv 
C:\Windows\system32\wuaueng.dll
21:59:56.0981 4672 wuauserv - ok
21:59:57.0012 4672 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:59:57.0044 4672 WudfPf - ok
21:59:57.0059 4672 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:59:57.0090 4672 WUDFRd - ok
21:59:57.0122 4672 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:59:57.0137 4672 wudfsvc - ok
21:59:57.0153 4672 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:59:57.0168 4672 WwanSvc - ok
21:59:57.0184 4672 ================ Scan global ===============================
21:59:57.0200 4672 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:59:57.0215 4672 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:59:57.0231 4672 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:59:57.0246 4672 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:59:57.0278 4672 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:59:57.0278 4672 [Global] - ok
21:59:57.0278 4672 ================ Scan MBR ==================================
21:59:57.0293 4672 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:59:57.0543 4672 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:59:57.0543 4672 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:59:57.0543 4672 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
21:59:57.0605 4672 \Device\Harddisk1\DR1 - ok
21:59:57.0605 4672 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
21:59:58.0323 4672 \Device\Harddisk2\DR2 - ok
21:59:58.0323 4672 ================ Scan VBR ==================================
21:59:58.0338 4672 [ 7727ADD017B7C438E69FBC5E4CBC4375 ] \Device\Harddisk0\DR0\Partition1
21:59:58.0338 4672 \Device\Harddisk0\DR0\Partition1 - ok
21:59:58.0354 4672 [ FECADD8468D1A398FA33330B15C54987 ] \Device\Harddisk0\DR0\Partition2
21:59:58.0354 4672 \Device\Harddisk0\DR0\Partition2 - ok
21:59:58.0370 4672 [ F904C8DE9ED8B618A41F5C6178F155EB ] \Device\Harddisk0\DR0\Partition3
21:59:58.0370 4672 \Device\Harddisk0\DR0\Partition3 - ok
21:59:58.0370 4672 [ F14224398E320A269AB8DD09CA29F2FB ] \Device\Harddisk1\DR1\Partition1
21:59:58.0370 4672 \Device\Harddisk1\DR1\Partition1 - ok
21:59:58.0370 4672 [ 7CCC2A91C50F147DCA7AF9705DD3AAFD ] \Device\Harddisk1\DR1\Partition2
21:59:58.0370 4672 \Device\Harddisk1\DR1\Partition2 - ok
21:59:58.0370 4672 [ 327CE04EF78337D41BF4E586C1EF4567 ] \Device\Harddisk2\DR2\Partition1
21:59:58.0370 4672 \Device\Harddisk2\DR2\Partition1 - ok
21:59:58.0370 4672 ============================================================
21:59:58.0370 4672 Scan finished
21:59:58.0370 4672 ============================================================
21:59:58.0385 5940 Detected object count: 5
21:59:58.0385 5940 Actual detected object count: 5
22:01:04.0576 5940 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:01:04.0576 5940 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:01:04.0576 5940 CDMA Device Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:01:04.0576 5940 CDMA Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:01:04.0576 5940 GKCDTDNS ( UnsignedFile.Multi.Generic ) - skipped by user
22:01:04.0576 5940 GKCDTDNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:01:04.0576 5940 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:01:04.0576 5940 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:01:04.0576 5940 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:01:04.0576 5940 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip |
23.10.2012, 07:12 | #12 |
| ukash trojan Is my PC clean again now, or should I scan anything else? Thanks in advance. How should the TDSSKiller logs be interpreted? |
24.10.2012, 08:35 | #13 | |
/// Helper Team | ukash trojan Run TDSSKiller again and have it remove this: Quote:
|
24.10.2012, 20:44 | #14 |
| ukash trojan Here is the new TDSSKiller log file Code:
ATTFilter
21:40:05.0845 3688 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
21:40:06.0266 3688 ============================================================
21:40:06.0266 3688 Current date / time: 2012/10/24 21:40:06.0266
21:40:06.0266 3688 SystemInfo:
21:40:06.0266 3688
21:40:06.0266 3688 OS Version: 6.1.7601 ServicePack: 1.0
21:40:06.0266 3688 Product type: Workstation
21:40:06.0266 3688 ComputerName: TAMAD-PC_UP
21:40:06.0266 3688 UserName: tamad
21:40:06.0266 3688 Windows directory: C:\Windows
21:40:06.0266 3688 System windows directory: C:\Windows
21:40:06.0266 3688 Running under WOW64
21:40:06.0266 3688 Processor architecture: Intel x64
21:40:06.0266 3688 Number of processors: 4
21:40:06.0266 3688 Page size: 0x1000
21:40:06.0266 3688 Boot type: Normal boot
21:40:06.0266 3688 ============================================================
21:40:07.0358 3688 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:40:07.0374 3688 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:40:07.0389 3688 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:40:07.0389 3688 ============================================================
21:40:07.0389 3688 \Device\Harddisk0\DR0:
21:40:07.0389 3688 MBR partitions:
21:40:07.0389 3688 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x15F90DA4
21:40:07.0389 3688 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15F90DE3, BlocksNum 0x658FBA5
21:40:07.0389 3688 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1C520988, BlocksNum 0x1DE642B9
21:40:07.0389 3688 \Device\Harddisk1\DR1:
21:40:07.0389 3688 MBR partitions:
21:40:07.0389 3688 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A97E608
21:40:07.0389 3688 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3A97E647, BlocksNum 0x39D8737A
21:40:07.0389 3688 \Device\Harddisk2\DR2:
21:40:07.0389 3688 MBR partitions:
21:40:07.0389 3688 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
21:40:07.0389 3688 ============================================================
21:40:07.0389 3688 C: <-> \Device\Harddisk0\DR0\Partition1
21:40:07.0405 3688 D: <-> \Device\Harddisk1\DR1\Partition1
21:40:07.0405 3688 E: <-> \Device\Harddisk2\DR2\Partition1
21:40:07.0421 3688 F: <-> \Device\Harddisk0\DR0\Partition2
21:40:07.0436 3688 G: <-> \Device\Harddisk0\DR0\Partition3
21:40:07.0467 3688 H: <-> \Device\Harddisk1\DR1\Partition2
21:40:07.0467 3688 ============================================================
21:40:07.0467 3688 Initialize success
21:40:07.0467 3688 ============================================================
21:40:45.0391 2660 ============================================================
21:40:45.0391 2660 Scan started
21:40:45.0391 2660 Mode: Manual; SigCheck; TDLFS;
21:40:45.0391 2660 ============================================================
21:40:46.0249 2660 ================ Scan system memory ========================
21:40:46.0249 2660 System memory - ok
21:40:46.0249 2660 ================ Scan services =============================
21:40:46.0405 2660 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:40:46.0483 2660 1394ohci - ok
21:40:46.0530 2660 [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
21:40:46.0858 2660 acedrv11 - ok
21:40:46.0873 2660 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:40:46.0920 2660 ACPI - ok
21:40:46.0951 2660 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 21:40:52.0349 2660 circlass - ok 21:40:52.0364 2660 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 21:40:52.0411 2660 CLFS - ok 21:40:52.0552 2660 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:40:52.0583 2660 clr_optimization_v2.0.50727_32 - ok 21:40:52.0614 2660 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:40:52.0645 2660 clr_optimization_v2.0.50727_64 - ok 21:40:52.0692 2660 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:40:52.0723 2660 clr_optimization_v4.0.30319_32 - ok 21:40:52.0739 2660 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:40:52.0739 2660 clr_optimization_v4.0.30319_64 - ok 21:40:52.0770 2660 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 21:40:52.0786 2660 CmBatt - ok 21:40:52.0801 2660 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:40:52.0817 2660 cmdide - ok 21:40:52.0848 2660 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 21:40:52.0910 2660 CNG - ok 21:40:52.0926 2660 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 21:40:52.0926 2660 Compbatt - ok 21:40:52.0957 2660 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 21:40:53.0004 2660 CompositeBus - ok 21:40:53.0020 2660 COMSysApp - ok 21:40:53.0020 2660 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 21:40:53.0035 2660 crcdisk - ok 21:40:53.0082 2660 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 
21:40:53.0098 2660 CryptSvc - ok 21:40:53.0129 2660 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 21:40:53.0191 2660 CSC - ok 21:40:53.0222 2660 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 21:40:53.0238 2660 CscService - ok 21:40:53.0269 2660 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:40:53.0347 2660 DcomLaunch - ok 21:40:53.0363 2660 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 21:40:53.0410 2660 defragsvc - ok 21:40:53.0441 2660 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:40:53.0472 2660 DfsC - ok 21:40:53.0503 2660 [ 388039F99CE8769024EE0438352ACA99 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 21:40:53.0519 2660 dg_ssudbus - ok 21:40:53.0550 2660 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 21:40:53.0581 2660 Dhcp - ok 21:40:53.0597 2660 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 21:40:53.0628 2660 discache - ok 21:40:53.0659 2660 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 21:40:53.0659 2660 Disk - ok 21:40:53.0675 2660 dlbk_device - ok 21:40:53.0737 2660 [ A77C2DF75A947CDD5C1F26039361F48C ] DLNADB C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color Printer\Status Monitor\dlp1Adb.exe 21:40:53.0753 2660 DLNADB - ok 21:40:53.0784 2660 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:40:53.0815 2660 Dnscache - ok 21:40:53.0846 2660 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 21:40:53.0878 2660 dot3svc - ok 21:40:53.0909 2660 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 21:40:53.0987 2660 DPS - ok 21:40:54.0002 2660 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:40:54.0018 2660 drmkaud - ok 21:40:54.0049 2660 [ 
F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:40:54.0080 2660 DXGKrnl - ok 21:40:54.0112 2660 [ C3CDC19B715514200F5CEC8BE5B9C9A8 ] Dyn Updater C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe 21:40:54.0143 2660 Dyn Updater - ok 21:40:54.0158 2660 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 21:40:54.0205 2660 EapHost - ok 21:40:54.0283 2660 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 21:40:54.0392 2660 ebdrv - ok 21:40:54.0424 2660 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 21:40:54.0439 2660 eeCtrl - ok 21:40:54.0455 2660 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 21:40:54.0470 2660 EFS - ok 21:40:54.0502 2660 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:40:54.0580 2660 ehRecvr - ok 21:40:54.0595 2660 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 21:40:54.0626 2660 ehSched - ok 21:40:54.0658 2660 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 21:40:54.0673 2660 elxstor - ok 21:40:54.0704 2660 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 21:40:54.0736 2660 EraserUtilRebootDrv - ok 21:40:54.0751 2660 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:40:54.0767 2660 ErrDev - ok 21:40:54.0814 2660 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 21:40:54.0860 2660 EventSystem - ok 21:40:54.0907 2660 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 21:40:54.0954 2660 exfat - ok 21:40:54.0985 2660 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:40:55.0048 2660 fastfat - ok 21:40:55.0094 2660 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax 
C:\Windows\system32\fxssvc.exe 21:40:55.0172 2660 Fax - ok 21:40:55.0188 2660 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 21:40:55.0219 2660 fdc - ok 21:40:55.0235 2660 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 21:40:55.0282 2660 fdPHost - ok 21:40:55.0282 2660 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 21:40:55.0328 2660 FDResPub - ok 21:40:55.0328 2660 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:40:55.0344 2660 FileInfo - ok 21:40:55.0344 2660 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:40:55.0391 2660 Filetrace - ok 21:40:55.0406 2660 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 21:40:55.0406 2660 flpydisk - ok 21:40:55.0438 2660 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:40:55.0453 2660 FltMgr - ok 21:40:55.0484 2660 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 21:40:55.0578 2660 FontCache - ok 21:40:55.0625 2660 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:40:55.0640 2660 FontCache3.0.0.0 - ok 21:40:55.0656 2660 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:40:55.0656 2660 FsDepends - ok 21:40:55.0687 2660 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:40:55.0687 2660 Fs_Rec - ok 21:40:55.0734 2660 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:40:55.0750 2660 fvevol - ok 21:40:55.0781 2660 [ 444534CBA693DD23C1CC589681E01656 ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys 21:40:55.0812 2660 FWLANUSB - ok 21:40:55.0874 2660 [ 4632BB93B668004965246D7911E2DD05 ] fwlanusb4 C:\Windows\system32\DRIVERS\fwlanusb4.sys 21:40:55.0952 2660 fwlanusb4 - 
ok 21:40:55.0999 2660 [ 15585492E45E2F30768B2D5B57929D99 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys 21:40:56.0015 2660 fwlanusbn - ok 21:40:56.0030 2660 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 21:40:56.0046 2660 gagp30kx - ok 21:40:56.0093 2660 [ 5F60F21D3E7D70746242BDBEE5DC93DB ] GKCDTDNS C:\PROGRA~2\GKC\GKCDTDNS\GKCDTDNSNT.exe 21:40:56.0108 2660 GKCDTDNS ( UnsignedFile.Multi.Generic ) - warning 21:40:56.0108 2660 GKCDTDNS - detected UnsignedFile.Multi.Generic (1) 21:40:56.0155 2660 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 21:40:56.0202 2660 gpsvc - ok 21:40:56.0264 2660 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:40:56.0296 2660 gupdate - ok 21:40:56.0311 2660 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:40:56.0327 2660 gupdatem - ok 21:40:56.0389 2660 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 21:40:56.0420 2660 gusvc - ok 21:40:56.0436 2660 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:40:56.0467 2660 hcw85cir - ok 21:40:56.0498 2660 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:40:56.0530 2660 HdAudAddService - ok 21:40:56.0545 2660 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 21:40:56.0576 2660 HDAudBus - ok 21:40:56.0576 2660 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 21:40:56.0592 2660 HidBatt - ok 21:40:56.0608 2660 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 21:40:56.0623 2660 HidBth - ok 21:40:56.0639 2660 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 21:40:56.0670 2660 HidIr - ok 21:40:56.0686 2660 [ 
BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 21:40:56.0732 2660 hidserv - ok 21:40:56.0795 2660 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 21:40:56.0826 2660 HidUsb - ok 21:40:56.0857 2660 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:40:56.0935 2660 hkmsvc - ok 21:40:56.0935 2660 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:40:56.0966 2660 HomeGroupListener - ok 21:40:56.0998 2660 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:40:57.0029 2660 HomeGroupProvider - ok 21:40:57.0044 2660 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:40:57.0060 2660 HpSAMD - ok 21:40:57.0091 2660 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 21:40:57.0154 2660 HTCAND64 - ok 21:40:57.0200 2660 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys 21:40:57.0216 2660 htcnprot - ok 21:40:57.0263 2660 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:40:57.0325 2660 HTTP - ok 21:40:57.0356 2660 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:40:57.0356 2660 hwpolicy - ok 21:40:57.0403 2660 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 21:40:57.0419 2660 i8042prt - ok 21:40:57.0450 2660 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:40:57.0466 2660 iaStorV - ok 21:40:57.0497 2660 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:40:57.0512 2660 idsvc - ok 21:40:57.0622 2660 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20121023.002\IDSvia64.sys 21:40:57.0668 2660 
IDSVia64 - ok 21:40:57.0700 2660 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 21:40:57.0700 2660 iirsp - ok 21:40:57.0731 2660 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 21:40:57.0762 2660 IKEEXT - ok 21:40:57.0778 2660 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 21:40:57.0793 2660 intelide - ok 21:40:57.0809 2660 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:40:57.0809 2660 intelppm - ok 21:40:57.0824 2660 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:40:57.0871 2660 IPBusEnum - ok 21:40:57.0887 2660 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:40:57.0918 2660 IpFilterDriver - ok 21:40:57.0949 2660 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:40:58.0012 2660 iphlpsvc - ok 21:40:58.0027 2660 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:40:58.0043 2660 IPMIDRV - ok 21:40:58.0058 2660 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:40:58.0090 2660 IPNAT - ok 21:40:58.0105 2660 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:40:58.0121 2660 IRENUM - ok 21:40:58.0152 2660 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:40:58.0168 2660 isapnp - ok 21:40:58.0183 2660 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:40:58.0199 2660 iScsiPrt - ok 21:40:58.0214 2660 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 21:40:58.0230 2660 kbdclass - ok 21:40:58.0246 2660 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 21:40:58.0277 2660 kbdhid - ok 21:40:58.0277 2660 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 
21:40:58.0292 2660 KeyIso - ok 21:40:58.0324 2660 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:40:58.0339 2660 KSecDD - ok 21:40:58.0355 2660 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:40:58.0370 2660 KSecPkg - ok 21:40:58.0386 2660 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:40:58.0417 2660 ksthunk - ok 21:40:58.0448 2660 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 21:40:58.0480 2660 KtmRm - ok 21:40:58.0495 2660 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 21:40:58.0526 2660 LanmanServer - ok 21:40:58.0542 2660 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:40:58.0573 2660 LanmanWorkstation - ok 21:40:58.0589 2660 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:40:58.0667 2660 lltdio - ok 21:40:58.0698 2660 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:40:58.0729 2660 lltdsvc - ok 21:40:58.0745 2660 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:40:58.0760 2660 lmhosts - ok 21:40:58.0792 2660 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 21:40:58.0807 2660 LSI_FC - ok 21:40:58.0807 2660 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 21:40:58.0823 2660 LSI_SAS - ok 21:40:58.0838 2660 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 21:40:58.0838 2660 LSI_SAS2 - ok 21:40:58.0854 2660 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 21:40:58.0870 2660 LSI_SCSI - ok 21:40:58.0870 2660 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 21:40:58.0916 2660 luafv - ok 21:40:58.0948 2660 [ EF2BE2F45D4F06410A3BD2A3467325B0 ] LVRS64 
C:\Windows\system32\DRIVERS\lvrs64.sys 21:40:58.0948 2660 LVRS64 - ok 21:40:59.0072 2660 [ AC22F92C6078640FE8A70D662A2F3AD5 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 21:40:59.0135 2660 LVUVC64 - ok 21:40:59.0166 2660 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:40:59.0182 2660 Mcx2Svc - ok 21:40:59.0197 2660 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 21:40:59.0197 2660 megasas - ok 21:40:59.0213 2660 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 21:40:59.0213 2660 MegaSR - ok 21:40:59.0275 2660 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 21:40:59.0306 2660 Microsoft Office Groove Audit Service - ok 21:40:59.0338 2660 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 21:40:59.0369 2660 MMCSS - ok 21:40:59.0384 2660 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 21:40:59.0416 2660 Modem - ok 21:40:59.0431 2660 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:40:59.0447 2660 monitor - ok 21:40:59.0462 2660 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys 21:40:59.0478 2660 mouclass - ok 21:40:59.0478 2660 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:40:59.0509 2660 mouhid - ok 21:40:59.0540 2660 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:40:59.0540 2660 mountmgr - ok 21:40:59.0603 2660 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 21:40:59.0634 2660 MozillaMaintenance - ok 21:40:59.0650 2660 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 21:40:59.0665 2660 mpio - ok 21:40:59.0681 2660 [ 
6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:40:59.0712 2660 mpsdrv - ok 21:40:59.0743 2660 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:40:59.0774 2660 MpsSvc - ok 21:40:59.0806 2660 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:40:59.0821 2660 MRxDAV - ok 21:40:59.0837 2660 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:40:59.0852 2660 mrxsmb - ok 21:40:59.0884 2660 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:40:59.0899 2660 mrxsmb10 - ok 21:40:59.0915 2660 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:40:59.0930 2660 mrxsmb20 - ok 21:40:59.0946 2660 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 21:40:59.0962 2660 msahci - ok 21:40:59.0977 2660 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:40:59.0993 2660 msdsm - ok 21:41:00.0008 2660 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 21:41:00.0024 2660 MSDTC - ok 21:41:00.0040 2660 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:41:00.0055 2660 Msfs - ok 21:41:00.0071 2660 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:41:00.0149 2660 mshidkmdf - ok 21:41:00.0164 2660 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:41:00.0164 2660 msisadrv - ok 21:41:00.0180 2660 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:41:00.0227 2660 MSiSCSI - ok 21:41:00.0227 2660 msiserver - ok 21:41:00.0227 2660 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:41:00.0258 2660 MSKSSRV - ok 21:41:00.0274 2660 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:41:00.0289 2660 
MSPCLOCK - ok 21:41:00.0305 2660 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:41:00.0336 2660 MSPQM - ok 21:41:00.0367 2660 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:41:00.0398 2660 MsRPC - ok 21:41:00.0414 2660 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 21:41:00.0430 2660 mssmbios - ok 21:41:00.0492 2660 MSSQL$SQLEXPRESS - ok 21:41:00.0539 2660 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 21:41:00.0570 2660 MSSQLServerADHelper100 - ok 21:41:00.0586 2660 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:41:00.0632 2660 MSTEE - ok 21:41:00.0632 2660 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 21:41:00.0648 2660 MTConfig - ok 21:41:00.0664 2660 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 21:41:00.0679 2660 MTsensor - ok 21:41:00.0695 2660 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 21:41:00.0695 2660 Mup - ok 21:41:00.0726 2660 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 21:41:00.0757 2660 napagent - ok 21:41:00.0788 2660 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:41:00.0820 2660 NativeWifiP - ok 21:41:00.0882 2660 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 21:41:00.0913 2660 NAUpdate - ok 21:41:00.0976 2660 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20121023.021\ENG64.SYS 21:41:01.0007 2660 NAVENG - ok 21:41:01.0069 2660 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20121023.021\EX64.SYS 21:41:01.0116 
2660 NAVEX15 - ok 21:41:01.0225 2660 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:41:01.0303 2660 NDIS - ok 21:41:01.0381 2660 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:41:01.0428 2660 NdisCap - ok 21:41:01.0444 2660 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:41:01.0475 2660 NdisTapi - ok 21:41:01.0490 2660 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:41:01.0537 2660 Ndisuio - ok 21:41:01.0553 2660 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:41:01.0584 2660 NdisWan - ok 21:41:01.0600 2660 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:41:01.0631 2660 NDProxy - ok 21:41:01.0646 2660 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:41:01.0678 2660 NetBIOS - ok 21:41:01.0693 2660 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:41:01.0724 2660 NetBT - ok 21:41:01.0756 2660 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 21:41:01.0756 2660 Netlogon - ok 21:41:01.0787 2660 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 21:41:01.0849 2660 Netman - ok 21:41:01.0896 2660 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:41:01.0927 2660 NetMsmqActivator - ok 21:41:01.0927 2660 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:41:01.0943 2660 NetPipeActivator - ok 21:41:01.0958 2660 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 21:41:01.0990 2660 netprofm - ok 21:41:02.0005 2660 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:41:02.0005 2660 NetTcpActivator 
- ok 21:41:02.0005 2660 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:41:02.0021 2660 NetTcpPortSharing - ok 21:41:02.0036 2660 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 21:41:02.0052 2660 nfrd960 - ok 21:41:02.0099 2660 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe 21:41:02.0130 2660 NIS - ok 21:41:02.0161 2660 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:41:02.0192 2660 NlaSvc - ok 21:41:02.0224 2660 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:41:02.0255 2660 Npfs - ok 21:41:02.0270 2660 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 21:41:02.0286 2660 nsi - ok 21:41:02.0302 2660 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:41:02.0333 2660 nsiproxy - ok 21:41:02.0395 2660 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:41:02.0458 2660 Ntfs - ok 21:41:02.0473 2660 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 21:41:02.0551 2660 Null - ok 21:41:02.0598 2660 [ 8EBCB9165EE7F1571842F4D9D624A74C ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 21:41:02.0629 2660 nusb3hub - ok 21:41:02.0660 2660 [ 5D54DBB12BBFE07CC283FD39F2CD6D63 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 21:41:02.0692 2660 nusb3xhc - ok 21:41:02.0707 2660 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:41:02.0723 2660 nvraid - ok 21:41:02.0754 2660 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:41:02.0770 2660 nvstor - ok 21:41:02.0785 2660 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:41:02.0801 2660 nv_agp - ok 21:41:02.0848 2660 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program 
Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 21:41:02.0879 2660 odserv - ok 21:41:02.0894 2660 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:41:02.0926 2660 ohci1394 - ok 21:41:02.0957 2660 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:41:02.0957 2660 ose - ok 21:41:02.0988 2660 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:41:03.0019 2660 p2pimsvc - ok 21:41:03.0035 2660 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 21:41:03.0050 2660 p2psvc - ok 21:41:03.0082 2660 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 21:41:03.0082 2660 Parport - ok 21:41:03.0113 2660 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:41:03.0113 2660 partmgr - ok 21:41:03.0160 2660 [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 21:41:03.0191 2660 PassThru Service ( UnsignedFile.Multi.Generic ) - warning 21:41:03.0191 2660 PassThru Service - detected UnsignedFile.Multi.Generic (1) 21:41:03.0222 2660 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:41:03.0269 2660 PcaSvc - ok 21:41:03.0269 2660 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 21:41:03.0284 2660 pci - ok 21:41:03.0316 2660 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 21:41:03.0316 2660 pciide - ok 21:41:03.0331 2660 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 21:41:03.0347 2660 pcmcia - ok 21:41:03.0362 2660 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 21:41:03.0362 2660 pcw - ok 21:41:03.0440 2660 [ 054974057FEEB7B4228D8B6C767C4E0F ] PDFProFiltSrvPP C:\Program Files (x86)\Dell Printers\Dell 1355 Multifunction Color 
21:41:12.0972 2660 Wlansvc - ok
21:41:13.0066 2660 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:41:13.0144 2660 wlidsvc - ok
21:41:13.0159 2660 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:41:13.0175 2660 WmiAcpi - ok
21:41:13.0190 2660 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:41:13.0206 2660 wmiApSrv - ok
21:41:13.0222 2660 WMPNetworkSvc - ok
21:41:13.0222 2660 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:41:13.0237 2660 WPCSvc - ok
21:41:13.0268 2660 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:41:13.0268 2660 WPDBusEnum - ok
21:41:13.0300 2660 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:41:13.0331 2660 ws2ifsl - ok
21:41:13.0331 2660 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:41:13.0346 2660 wscsvc - ok
21:41:13.0346 2660 WSearch - ok
21:41:13.0424 2660 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:41:13.0534 2660 wuauserv - ok
21:41:13.0565 2660 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:41:13.0612 2660 WudfPf - ok
21:41:13.0643 2660 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:41:13.0674 2660 WUDFRd - ok
21:41:13.0690 2660 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:41:13.0721 2660 wudfsvc - ok
21:41:13.0736 2660 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:41:13.0752 2660 WwanSvc - ok
21:41:13.0783 2660 ================ Scan global ===============================
21:41:13.0799 2660 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:41:13.0814 2660 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:41:13.0830 2660 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:41:13.0846 2660 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:41:13.0877 2660 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:41:13.0877 2660 [Global] - ok
21:41:13.0877 2660 ================ Scan MBR ==================================
21:41:13.0892 2660 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:41:14.0142 2660 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:41:14.0142 2660 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:41:14.0142 2660 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
21:41:14.0189 2660 \Device\Harddisk1\DR1 - ok
21:41:14.0189 2660 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
21:41:14.0251 2660 \Device\Harddisk2\DR2 - ok
21:41:14.0251 2660 ================ Scan VBR ==================================
21:41:14.0267 2660 [ 7727ADD017B7C438E69FBC5E4CBC4375 ] \Device\Harddisk0\DR0\Partition1
21:41:14.0267 2660 \Device\Harddisk0\DR0\Partition1 - ok
21:41:14.0298 2660 [ FECADD8468D1A398FA33330B15C54987 ] \Device\Harddisk0\DR0\Partition2
21:41:14.0298 2660 \Device\Harddisk0\DR0\Partition2 - ok
21:41:14.0314 2660 [ F904C8DE9ED8B618A41F5C6178F155EB ] \Device\Harddisk0\DR0\Partition3
21:41:14.0314 2660 \Device\Harddisk0\DR0\Partition3 - ok
21:41:14.0314 2660 [ F14224398E320A269AB8DD09CA29F2FB ] \Device\Harddisk1\DR1\Partition1
21:41:14.0329 2660 \Device\Harddisk1\DR1\Partition1 - ok
21:41:14.0329 2660 [ 7CCC2A91C50F147DCA7AF9705DD3AAFD ] \Device\Harddisk1\DR1\Partition2
21:41:14.0329 2660 \Device\Harddisk1\DR1\Partition2 - ok
21:41:14.0345 2660 [ 327CE04EF78337D41BF4E586C1EF4567 ] \Device\Harddisk2\DR2\Partition1
21:41:14.0345 2660 \Device\Harddisk2\DR2\Partition1 - ok
21:41:14.0345 2660 ============================================================
21:41:14.0345 2660 Scan finished
21:41:14.0345 2660 ============================================================
21:41:14.0345 5364 Detected object count: 5
21:41:14.0345 5364 Actual detected object count: 5
21:42:15.0794 5364 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:42:15.0794 5364 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:42:15.0794 5364 CDMA Device Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:42:15.0794 5364 CDMA Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:42:15.0794 5364 GKCDTDNS ( UnsignedFile.Multi.Generic ) - skipped by user
21:42:15.0794 5364 GKCDTDNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:42:15.0810 5364 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:42:15.0810 5364 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:42:15.0857 5364 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
21:42:15.0857 5364 \Device\Harddisk0\DR0\TDLFS - deleted
21:42:15.0857 5364 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
21:42:24.0250 0288 Deinitialize success |
24.10.2012, 22:13 | #15 |
/// Helper Team | ukash trojan Please download aswMBR.exe and save the file to your desktop.
Post the aswMBR.txt in your next reply. Important: Do not press any of the Fix buttons unless instructed to. Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know. |