| |
| |||||||
Log-Analyse und Auswertung: Norton online funktioniert nicht mehrWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
12.01.2013, 20:18
| #1 |
 |  Norton online funktioniert nicht mehr Hallo, ich hatte mir vor einiger Zeit den GVU-Trojaner eingefangen, und hatte den mit Norton 360 in Quarantäne geschoben und hatte dann keine Schwierigkeiten mehr. Heute (einige Monate nach de Infizierung) habe ich festgestellt, dass mein Norton nicht mehr reagiert. Über Startleiste aufgerufen, kurzes Laden, aber nichts passiert. Daraufhin habe ich mich im Internet schlau gemacht. Habe Antivar deinstalliert (ja es lief parallel). Dennoch lief Norton nicht. Daraufhin habe ich Antimaleware rüber laufen lassen und da wurde der Virus gefunden. Keine Ahnung, ob ich ihn mir wieder eingefangen habe, oder er immer noch aktiv war, weil ich das letzte Mal dem Ganzen keine weitere Beachtung schenkte. Hier die Daten der Auswertung von Antimaleware: Malwarebytes Anti-Malware (Test) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.01.12.07 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Jd :: JD-PC [Administrator] Schutz: Aktiviert 12.01.2013 18:31:21 mbam-log-2013-01-12 (18-31-21).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 293238 Laufzeit: 38 Minute(n), 42 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Dannach habe ich den OTL Scan durchgeführt: OTL logfile created on: 12.01.2013 19:54:39 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jd\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 50,89% Memory free 3,98 Gb Paging File | 2,79 Gb Available in Paging File | 70,18% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,66 Gb Total Space | 393,64 Gb Free Space | 84,53% Space Free | Partition Type: NTFS Computer Name: JD-PC | User Name: Jd | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Jd\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\drivers\o2flash.exe (O2Micro International) PRC - C:\Program Files\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.) PRC - C:\Windows\OEM13Mon.exe (Creative Technology Ltd.) ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (N360) -- C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe (Symantec Corporation) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (o2flash) -- C:\Windows\System32\drivers\o2flash.exe (O2Micro International) ========== Driver Services (SafeList) ========== DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20121017.020\NAVEX15.SYS File not found DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20121017.020\NAVENG.SYS File not found DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20120901.001\IDSVix86.sys File not found DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20120928.001\BHDrvx86.sys File not found DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (SRTSP) -- C:\Windows\System32\drivers\N360\1402000.013\srtsp.sys (Symantec Corporation) DRV - (SymEFA) -- C:\Windows\System32\drivers\N360\1402000.013\symefa.sys (Symantec Corporation) DRV - (SymDS) -- C:\Windows\System32\drivers\N360\1402000.013\symds.sys (Symantec Corporation) DRV - (ccSet_N360) -- C:\Windows\System32\drivers\N360\1402000.013\ccsetx86.sys (Symantec Corporation) DRV - (SymNetS) -- C:\Windows\System32\drivers\N360\1402000.013\symnets.sys (Symantec Corporation) DRV - (SymIRON) -- C:\Windows\System32\drivers\N360\1402000.013\ironx86.sys (Symantec Corporation) DRV - (SRTSPX) -- C:\Windows\System32\drivers\N360\1402000.013\srtspx.sys (Symantec Corporation) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (MQAC) -- C:\Windows\System32\drivers\mqac.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (O2MDRDR) -- C:\Windows\System32\drivers\o2media.sys (O2Micro ) DRV - (O2SDRDR) -- C:\Windows\System32\drivers\o2sd.sys (O2Micro ) DRV - (OEM13Vid) -- C:\Windows\System32\drivers\OEM13Vid.sys (Creative Technology Ltd.) DRV - (OEM13Vfx) -- C:\Windows\System32\drivers\OEM13Vfx.sys (EyePower Games Pte. Ltd.) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-2286783814-2036696160-2845618320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-2286783814-2036696160-2845618320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\S-1-5-21-2286783814-2036696160-2845618320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-2286783814-2036696160-2845618320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2286783814-2036696160-2845618320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-2286783814-2036696160-2845618320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B DB 53 00 02 99 CD 01 [binary data] IE - HKU\S-1-5-21-2286783814-2036696160-2845618320-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-2286783814-2036696160-2845618320-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-2286783814-2036696160-2845618320-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2286783814-2036696160-2845618320-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=114874&tt=120912_nocpc_3812_8&babsrc=SP_ss&mntrId=244511a500000000000000225f346ee1 IE - HKU\S-1-5-21-2286783814-2036696160-2845618320-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013.01.09 22:52:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013.01.06 17:23:55 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\onetab@onetab.net: C:\Users\Jd\AppData\Roaming\OneTab\xpi [2012.09.23 07:57:19 | 000,000,000 | ---D | M] [2012.09.23 07:57:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (OneTab Add-on) - {16ADEA98-D215-4F51-80AF-5E5ED660B9C0} - C:\Users\Jd\AppData\Roaming\OneTab\OneTab.dll (OnPageAds) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.2.0.19\coIEPlg.dll File not found O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.2.0.19\IPS\IPSBHO.DLL File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.2.0.19\coIEPlg.dll File not found O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jd\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB (DellSystem.Scanner) O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12A70D17-D861-4488-AD5D-52DFFAFDAEDE}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CEE771D8-7E8C-4431-B740-E8D2E51D588D}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.01.12 19:39:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jd\Desktop\OTL.exe [2013.01.12 18:30:08 | 000,000,000 | ---D | C] -- C:\Users\Jd\AppData\Roaming\Malwarebytes [2013.01.12 18:29:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.01.12 18:29:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.01.12 18:29:50 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.01.12 18:29:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.01.12 18:29:33 | 000,000,000 | ---D | C] -- C:\Users\Jd\AppData\Local\Programs [2013.01.12 18:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013.01.12 18:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013.01.12 18:03:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\SDA [2013.01.12 18:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\O2Micro Flash Memory Card Driver [2013.01.09 23:06:14 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.01.09 23:05:48 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2013.01.09 23:05:48 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013.01.09 23:05:48 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2013.01.09 23:05:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2013.01.09 23:05:47 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2013.01.09 23:05:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2013.01.09 23:05:47 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2013.01.09 23:05:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2013.01.09 23:05:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2013.01.09 23:05:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2013.01.09 23:05:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2013.01.09 23:05:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2013.01.09 23:05:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2013.01.09 23:05:15 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs [2013.01.09 23:05:15 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs [2013.01.09 23:05:15 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs [2013.01.09 23:05:15 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs [2013.01.09 23:05:15 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs [2013.01.09 23:05:15 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs [2013.01.09 23:05:15 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs [2013.01.09 23:05:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs [2013.01.09 23:05:15 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs [2013.01.09 23:05:14 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2013.01.09 23:05:14 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll [2013.01.09 23:05:14 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs [2013.01.09 23:05:13 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs [2013.01.09 23:05:13 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs [2013.01.09 23:05:13 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs [2013.01.09 23:05:13 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs [2013.01.09 23:03:01 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013.01.09 23:03:00 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe [2013.01.06 19:38:59 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2013.01.06 19:38:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2012.12.21 02:42:27 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012.12.21 02:42:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012.12.20 01:21:58 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2012.12.19 22:51:22 | 000,000,000 | ---D | C] -- C:\Users\Jd\AppData\Local\Diagnostics [2012.12.19 21:57:08 | 000,000,000 | ---D | C] -- C:\Users\Jd\AppData\Local\NPE ========== Files - Modified Within 30 Days ========== [2013.01.12 19:39:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jd\Desktop\OTL.exe [2013.01.12 18:29:53 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.12 18:21:09 | 000,014,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.12 18:21:09 | 000,014,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.12 18:13:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.12 18:13:00 | 1603,084,288 | -HS- | M] () -- C:\hiberfil.sys [2013.01.12 15:46:32 | 000,001,283 | ---- | M] () -- C:\Users\Jd\Desktop\Norton Installation Files.lnk [2013.01.10 03:26:07 | 000,268,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.01.10 03:25:24 | 001,443,737 | ---- | M] () -- C:\Windows\System32\drivers\N360\1402000.013\Cat.DB [2013.01.10 03:05:43 | 000,676,214 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.01.10 03:05:43 | 000,126,890 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.01.06 10:11:27 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS [2013.01.06 10:11:27 | 000,007,446 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT [2013.01.06 10:11:27 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF [2013.01.04 03:52:13 | 000,069,549 | ---- | M] () -- C:\Users\Jd\Desktop\61313_10151143737022666_1781801791_n.jpg [2013.01.04 03:46:16 | 000,034,290 | ---- | M] () -- C:\Users\Jd\Desktop\148939_10151160642602666_1563280116_n.jpg [2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys ========== Files Created - No Company Name ========== [2013.01.12 18:29:53 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.12 15:37:09 | 000,001,283 | ---- | C] () -- C:\Users\Jd\Desktop\Norton Installation Files.lnk [2013.01.04 03:53:12 | 000,069,549 | ---- | C] () -- C:\Users\Jd\Desktop\61313_10151143737022666_1781801791_n.jpg [2013.01.04 03:46:55 | 000,034,290 | ---- | C] () -- C:\Users\Jd\Desktop\148939_10151160642602666_1563280116_n.jpg [2012.11.03 20:32:16 | 000,006,144 | ---- | C] () -- C:\Users\Jd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.23 08:05:28 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2012.09.23 07:41:34 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2011.06.10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > und die "Extras" OTL Extras logfile created on: 12.01.2013 19:54:39 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jd\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 50,89% Memory free 3,98 Gb Paging File | 2,79 Gb Available in Paging File | 70,18% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,66 Gb Total Space | 393,64 Gb Free Space | 84,53% Space Free | Partition Type: NTFS Computer Name: JD-PC | User Name: Jd | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1665B9EB-B99F-4426-B8A7-C247216BC7D5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{26FED042-E6B4-4B02-BD66-44C69050E518}" = lport=2869 | protocol=6 | dir=in | app=system | "{303C029E-0326-42EB-86B0-062BFA81EB6C}" = rport=10243 | protocol=6 | dir=out | app=system | "{5F0D47A7-4E49-4E02-9FF9-E845FA6B5311}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{61499EB9-E2C9-45E7-AB81-27A5993CA85D}" = lport=3389 | protocol=6 | dir=in | app=system | "{649813AB-0059-4D47-8EEC-C69FE15EAA2D}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe | "{6C2D050C-4142-4184-9789-7C3451622404}" = rport=139 | protocol=6 | dir=out | app=system | "{7AF8B2FB-3570-4A27-9A53-DB1E2B371C33}" = lport=139 | protocol=6 | dir=in | app=system | "{7E7F745E-5A65-40CC-9178-5D8A48A30C8D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{8748AF68-7154-4952-8564-76A1C0AABA59}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{8F3C257A-7148-488A-B130-CFA3ECFA6899}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9631A404-C487-482A-80C5-CD8EFA52C0D3}" = lport=445 | protocol=6 | dir=in | app=system | "{97583896-06A3-4EC5-9A89-5DAB03E013ED}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A2216489-6FCB-4BEB-B65A-A0294F4FFAC6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A27AA20F-A3A7-4B31-9926-53250946ECC1}" = lport=10243 | protocol=6 | dir=in | app=system | "{B01A6AD4-AA00-43FA-8C98-EE41266E37E9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B67334C7-7742-4AE4-AC0B-F4EFB5BA57D2}" = lport=138 | protocol=17 | dir=in | app=system | "{B67B0219-B65E-4A76-A51D-E8D07B1A2A18}" = lport=137 | protocol=17 | dir=in | app=system | "{B98CEBF1-A3C8-4B0B-9780-C378224073FB}" = rport=445 | protocol=6 | dir=out | app=system | "{C269F01A-C381-4DEA-9DBC-D183D87C066B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{C5B60560-3B6F-45AD-B641-D7C4E2515374}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CBCC3860-AAF5-49F2-8D2A-1F2957837FA8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{E3D048D0-4C9F-4FC4-8BB8-88DA2439CEF8}" = rport=137 | protocol=17 | dir=out | app=system | "{E9AB778D-7D8D-46EC-B43B-3424B23CC4EA}" = rport=138 | protocol=17 | dir=out | app=system | "{F30A1F37-D1AD-4E12-9283-51FE6908AD5C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0147177B-399C-4454-8BB6-855BCA7D3C95}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{0B173CDA-6CD4-4729-AD87-AF845B875B8F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{0E1CA6D5-81EA-4E3D-9BB0-CFFAF7057C9E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{0F328125-FC37-4599-9624-4966DF783B1E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1072D377-F221-4701-8E1C-82E3D62812CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{13356DE0-3724-43CD-9FCE-2405D9F0141A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{22EEEE46-58EB-4E64-AA51-0CADCEC86E41}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3097AA5C-FFF5-49AB-9302-E0F6F77172DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5A66C682-DC5F-41F4-A937-0C449BDC9154}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6446D27E-C9A8-481C-8927-76699C94E525}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{77EAD79B-B83A-49C0-80A0-945AB83C3976}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{816FA0DA-3FEF-47D9-B2F0-7B2B17BEFB8F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9EC39914-25D0-42B2-936F-D1F45F792376}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{AD09FF3F-EA7B-4F66-9BE7-25762077486B}" = protocol=6 | dir=out | app=system | "{BCE31B02-56E5-4578-A7D9-5D9C4A4A6C5D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{BD971C1D-6DA8-4525-B99E-C2EE20D655DE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{C9C5C3F3-1599-460A-A4A2-6E88B9A39543}" = dir=in | app=c:\users\jd\appdata\local\microsoft\skydrive\skydrive.exe | "{D800E56E-C86A-453D-BE4B-9E0AA36B0FD2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DB3A9B1A-D721-4A6C-8B4D-314A169462D8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{F1D52493-F9D8-4F67-96E5-978D6B07DD54}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack "{1B947146-366B-42CD-86D5-219993CE3EE2}" = Windows Live MIME IFilter "{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger "{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources "{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 37 "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer "{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie "{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update "{4926AA2D-3C66-443D-A456-53AE3FA44144}" = Windows Live Family Safety "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker "{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety "{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{85CE9026-C02A-46B4-B08C-4C77CCCC54FF}" = Windows Live Family Safety "{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer "{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger "{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack "{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common "{E2867240-F889-4D76-9AAF-252D9A1A623E}" = O2Micro Flash Memory Card Reader Driver (x86) "{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger "{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "CCleaner" = CCleaner "CDex" = CDex - Open Source Digital Audio CD Extractor "Creative OEM013" = Laptop Integrated Webcam Driver (1.01.01.0529) "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212 "HDMI" = Intel(R) Graphics Media Accelerator Driver "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "N360" = Norton 360 "OneTab" = OneTab "SynTPDeinstKey" = Synaptics Pointing Device Driver "TVWiz" = Intel(R) TV Wizard "WinLiveSuite" = Windows Live Essentials ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2286783814-2036696160-2845618320-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "SkyDriveSetup.exe" = Microsoft SkyDrive ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 12.01.2013 12:59:32 | Computer Name = Jd-PC | Source = Application Error | ID = 1000 Description = Faulting application name: WSCStub.exe, version: 20.2.0.19, time stamp: 0x50810276 Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83b16 Exception code: 0xc06d007e Fault offset: 0x0000812f Faulting process id: 0x27c Faulting application start time: 0x01cdf0e63133c86c Faulting application path: C:\Program Files\Norton 360\Engine\20.2.0.19\WSCStub.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: 6f01a690-5cd9-11e2-8c09-002170c40828 Error - 12.01.2013 13:00:29 | Computer Name = Jd-PC | Source = Application Error | ID = 1000 Description = Faulting application name: WSCStub.exe, version: 20.2.0.19, time stamp: 0x50810276 Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83b16 Exception code: 0xc06d007e Fault offset: 0x0000812f Faulting process id: 0xdc0 Faulting application start time: 0x01cdf0e653053531 Faulting application path: C:\Program Files\Norton 360\Engine\20.2.0.19\WSCStub.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: 90c72c73-5cd9-11e2-8c09-002170c40828 Error - 12.01.2013 13:04:11 | Computer Name = Jd-PC | Source = Application Error | ID = 1000 Description = Faulting application name: WSCStub.exe, version: 20.2.0.19, time stamp: 0x50810276 Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83b16 Exception code: 0xc06d007e Fault offset: 0x0000812f Faulting process id: 0x9f8 Faulting application start time: 0x01cdf0e6d75a0993 Faulting application path: C:\Program Files\Norton 360\Engine\20.2.0.19\WSCStub.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: 153fb57a-5cda-11e2-8c09-002170c40828 Error - 12.01.2013 13:13:58 | Computer Name = Jd-PC | Source = Application Error | ID = 1000 Description = Faulting application name: ccSvcHst.exe, version: 12.2.0.8, time stamp: 0x5075eeaf Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83b16 Exception code: 0xc06d007e Fault offset: 0x0000812f Faulting process id: 0x740 Faulting application start time: 0x01cdf0e82ca74c96 Faulting application path: C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: 734f7793-5cdb-11e2-a8a6-002170c40828 Error - 12.01.2013 13:14:13 | Computer Name = Jd-PC | Source = Application Error | ID = 1000 Description = Faulting application name: uistub.exe, version: 20.2.0.19, time stamp: 0x5081038c Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83b16 Exception code: 0xc06d007e Fault offset: 0x0000812f Faulting process id: 0xce0 Faulting application start time: 0x01cdf0e83eb3ca5d Faulting application path: C:\Program Files\Norton 360\Engine\20.2.0.19\uistub.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: 7c69dabf-5cdb-11e2-a8a6-002170c40828 Error - 12.01.2013 13:14:38 | Computer Name = Jd-PC | Source = Application Error | ID = 1000 Description = Faulting application name: uistub.exe, version: 20.2.0.19, time stamp: 0x5081038c Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83b16 Exception code: 0xc06d007e Fault offset: 0x0000812f Faulting process id: 0xd64 Faulting application start time: 0x01cdf0e84d378e69 Faulting application path: C:\Program Files\Norton 360\Engine\20.2.0.19\uistub.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: 8b056c8d-5cdb-11e2-a8a6-002170c40828 Error - 12.01.2013 13:16:06 | Computer Name = Jd-PC | Source = Application Error | ID = 1000 Description = Faulting application name: WSCStub.exe, version: 20.2.0.19, time stamp: 0x50810276 Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83b16 Exception code: 0xc06d007e Fault offset: 0x0000812f Faulting process id: 0xd10 Faulting application start time: 0x01cdf0e88174b01c Faulting application path: C:\Program Files\Norton 360\Engine\20.2.0.19\WSCStub.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: bf76ec86-5cdb-11e2-a8a6-002170c40828 Error - 12.01.2013 13:18:53 | Computer Name = Jd-PC | Source = Application Error | ID = 1000 Description = Faulting application name: WSCStub.exe, version: 20.2.0.19, time stamp: 0x50810276 Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83b16 Exception code: 0xc06d007e Fault offset: 0x0000812f Faulting process id: 0x9e0 Faulting application start time: 0x01cdf0e8e48217ec Faulting application path: C:\Program Files\Norton 360\Engine\20.2.0.19\WSCStub.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: 22f43503-5cdc-11e2-a8a6-002170c40828 Error - 12.01.2013 13:23:19 | Computer Name = Jd-PC | Source = Application Error | ID = 1000 Description = Faulting application name: WSCStub.exe, version: 20.2.0.19, time stamp: 0x50810276 Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83b16 Exception code: 0xc06d007e Fault offset: 0x0000812f Faulting process id: 0xcb4 Faulting application start time: 0x01cdf0e9836248c2 Faulting application path: C:\Program Files\Norton 360\Engine\20.2.0.19\WSCStub.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: c1a04ffc-5cdc-11e2-a8a6-002170c40828 Error - 12.01.2013 13:25:45 | Computer Name = Jd-PC | Source = Application Error | ID = 1000 Description = Faulting application name: uistub.exe, version: 20.2.0.19, time stamp: 0x5081038c Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83b16 Exception code: 0xc06d007e Fault offset: 0x0000812f Faulting process id: 0x31c Faulting application start time: 0x01cdf0e9d9e44929 Faulting application path: C:\Program Files\Norton 360\Engine\20.2.0.19\uistub.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: 187a1ae4-5cdd-11e2-a8a6-002170c40828 [ System Events ] Error - 12.01.2013 10:47:00 | Computer Name = Jd-PC | Source = Service Control Manager | ID = 7000 Description = The Norton 360 service failed to start due to the following error: %%1053 Error - 12.01.2013 12:24:26 | Computer Name = Jd-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Norton 360 service to connect. Error - 12.01.2013 12:24:26 | Computer Name = Jd-PC | Source = Service Control Manager | ID = 7000 Description = The Norton 360 service failed to start due to the following error: %%1053 Error - 12.01.2013 12:46:49 | Computer Name = Jd-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Norton 360 service to connect. Error - 12.01.2013 12:46:49 | Computer Name = Jd-PC | Source = Service Control Manager | ID = 7000 Description = The Norton 360 service failed to start due to the following error: %%1053 Error - 12.01.2013 12:46:54 | Computer Name = Jd-PC | Source = Service Control Manager | ID = 7023 Description = The Server service terminated with the following error: %%1062 Error - 12.01.2013 12:51:20 | Computer Name = Jd-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Norton 360 service to connect. Error - 12.01.2013 12:51:20 | Computer Name = Jd-PC | Source = Service Control Manager | ID = 7000 Description = The Norton 360 service failed to start due to the following error: %%1053 Error - 12.01.2013 13:14:00 | Computer Name = Jd-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Norton 360 service to connect. Error - 12.01.2013 13:14:00 | Computer Name = Jd-PC | Source = Service Control Manager | ID = 7000 Description = The Norton 360 service failed to start due to the following error: %%1053 < End of report > Was ist der nächste Schritt, den ich tun muss? Vielen Dank vorab! |
|
13.01.2013, 20:50
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Norton online funktioniert nicht mehr Hallo und
__________________ Zitat:
Ist das rein zufällig ein Büro-/Firmen-PC? Oder ein Uni-Rechner?
__________________ |
|
13.01.2013, 21:27
| #3 |
| | Norton online funktioniert nicht mehr Hi Cosinus,
__________________ersteres ist der Fall. Bei Bedarf nutze ich das Notebook auch für Firmenzwecke. VG Schlump |
|
13.01.2013, 21:35
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Norton online funktioniert nicht mehr Firmenrechner werden hier eigentlich nicht bereinigt Siehe => http://www.trojaner-board.de/108422-...-anfragen.html Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
14.01.2013, 00:15
| #5 |
| | Norton online funktioniert nicht mehr Es handelt sich um meinen privaten PC, von dem ich auch "home office" mache. Also ist es kein gewerblich genutzter Rechner, wir haben auch keine IT-Abteilung. Die Professional Version habe ich nur drauf, weil mir letztes Jahr die Festplatte kaputt gegangen ist und ich netter Weise eine Lizenz von einem Kollegen bekam. |
|
14.01.2013, 08:41
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Norton online funktioniert nicht mehr Ok. Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!
__________________ --> Norton online funktioniert nicht mehr |
|
14.01.2013, 19:33
| #7 |
| | Norton online funktioniert nicht mehr nein, habe ich nicht. |
|
14.01.2013, 22:13
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Norton online funktioniert nicht mehr Bevor wir uns an die weitere Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Malwarebytes Anti-Rootkit  Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.01.2013, 19:56
| #9 |
| | Norton online funktioniert nicht mehr Laut dem Scan war kein Clean up notwendig. Habe das Programm dann nur normal über "Exit" verlassen. Hier das Logfile Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org
Database version: v2013.01.15.12
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Jd :: JD-PC [administrator]
15.01.2013 19:51:17
mbar-log-2013-01-15 (19-51-17).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 27342
Time elapsed: 9 minute(s), 6 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
|
16.01.2013, 14:21
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Norton online funktioniert nicht mehr 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.01.2013, 23:08
| #11 |
| | Norton online funktioniert nicht mehr Erst hatte der Scan mit aswMBR nach der Aktualisierung nicht funktioniert. Nachdem ich nochmals die aktuelle Version downgeloaded habe, funktionierte der Scan. Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-16 22:36:59
-----------------------------
22:36:59.508 OS Version: Windows 6.1.7601 Service Pack 1
22:36:59.508 Number of processors: 2 586 0xF0D
22:36:59.524 ComputerName: JD-PC UserName: Jd
22:37:05.670 Initialze error C000010E - driver not loaded
22:40:27.732 AVAST engine defs: 13011600
22:41:05.001 Scan error: Incorrect function.
22:41:49.239 The log file has been saved successfully to "C:\Users\Jd\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-16 22:36:24
-----------------------------
22:36:24.370 OS Version: Windows 6.1.7601 Service Pack 1
22:36:24.370 Number of processors: 2 586 0xF0D
22:36:24.510 ComputerName: JD-PC UserName: Jd
22:37:05.998 Initialize success
22:37:06.060 write error "aswEngin.dll". The process cannot access the file because it is being used by another process.
22:44:13.139 AVAST engine defs: 13011600
22:44:19.130 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
22:44:19.145 Disk 0 Vendor: ST500LM011_HM501II 2AJ10001 Size: 476940MB BusType: 11
22:44:19.161 Disk 0 MBR read successfully
22:44:19.176 Disk 0 MBR scan
22:44:19.176 Disk 0 Windows 7 default MBR code
22:44:19.239 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:44:19.254 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
22:44:19.270 Disk 0 scanning sectors +976771072
22:44:19.364 Disk 0 scanning C:\Windows\system32\drivers
22:44:33.482 Service scanning
22:45:03.070 Modules scanning
22:45:15.176 Disk 0 trace - called modules:
22:45:15.223 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
22:45:15.238 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8566f030]
22:45:15.254 3 CLASSPNP.SYS[88a0459e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x85540030]
22:45:17.547 AVAST engine scan C:\Windows
22:45:20.542 AVAST engine scan C:\Windows\system32
22:49:26.693 AVAST engine scan C:\Windows\system32\drivers
22:49:46.474 AVAST engine scan C:\Users\Jd
22:53:35.675 AVAST engine scan C:\ProgramData
22:54:16.500 Scan finished successfully
22:54:33.402 Disk 0 MBR has been saved successfully to "C:\Users\Jd\Desktop\MBR.dat"
22:54:33.418 The log file has been saved successfully to "C:\Users\Jd\Desktop\aswMBR.txt"
Der Scan mit TDDS Killer verlief ohne Probleme. Code:
ATTFilter
22:57:30.0015 3432 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:57:30.0234 3432 ============================================================
22:57:30.0234 3432 Current date / time: 2013/01/16 22:57:30.0234
22:57:30.0234 3432 SystemInfo:
22:57:30.0234 3432
22:57:30.0234 3432 OS Version: 6.1.7601 ServicePack: 1.0
22:57:30.0234 3432 Product type: Workstation
22:57:30.0234 3432 ComputerName: JD-PC
22:57:30.0234 3432 UserName: Jd
22:57:30.0234 3432 Windows directory: C:\Windows
22:57:30.0234 3432 System windows directory: C:\Windows
22:57:30.0234 3432 Processor architecture: Intel x86
22:57:30.0234 3432 Number of processors: 2
22:57:30.0234 3432 Page size: 0x1000
22:57:30.0234 3432 Boot type: Normal boot
22:57:30.0234 3432 ============================================================
22:57:31.0778 3432 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:57:31.0794 3432 ============================================================
22:57:31.0794 3432 \Device\Harddisk0\DR0:
22:57:31.0794 3432 MBR partitions:
22:57:31.0794 3432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:57:31.0794 3432 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
22:57:31.0794 3432 ============================================================
22:57:31.0825 3432 C: <-> \Device\Harddisk0\DR0\Partition2
22:57:31.0825 3432 ============================================================
22:57:31.0825 3432 Initialize success
22:57:31.0825 3432 ============================================================
22:58:28.0251 3096 ============================================================
22:58:28.0251 3096 Scan started
22:58:28.0251 3096 Mode: Manual; SigCheck; TDLFS;
22:58:28.0251 3096 ============================================================
22:58:28.0750 3096 ================ Scan system memory ========================
22:58:28.0750 3096 System memory - ok
22:58:28.0750 3096 ================ Scan services =============================
22:58:28.0938 3096 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:58:29.0109 3096 1394ohci - ok
22:58:29.0156 3096 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:58:29.0203 3096 ACPI - ok
22:58:29.0250 3096 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:58:29.0312 3096 AcpiPmi - ok
22:58:29.0421 3096 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:58:29.0452 3096 AdobeARMservice - ok
22:58:29.0515 3096 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:58:29.0577 3096 adp94xx - ok
22:58:29.0593 3096 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:58:29.0640 3096 adpahci - ok
22:58:29.0655 3096 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:58:29.0686 3096 adpu320 - ok
22:58:29.0718 3096 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:58:29.0764 3096 AeLookupSvc - ok
22:58:29.0811 3096 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
22:58:29.0874 3096 AFD - ok
22:58:29.0905 3096 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
22:58:29.0936 3096 agp440 - ok
22:58:29.0983 3096 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
22:58:30.0014 3096 aic78xx - ok
22:58:30.0076 3096 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
22:58:30.0123 3096 ALG - ok
22:58:30.0154 3096 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
22:58:30.0186 3096 aliide - ok
22:58:30.0201 3096 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:58:30.0232 3096 amdagp - ok
22:58:30.0248 3096 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
22:58:30.0279 3096 amdide - ok
22:58:30.0326 3096 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:58:30.0373 3096 AmdK8 - ok
22:58:30.0373 3096 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:58:30.0420 3096 AmdPPM - ok
22:58:30.0466 3096 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:58:30.0498 3096 amdsata - ok
22:58:30.0529 3096 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:58:30.0560 3096 amdsbs - ok
22:58:30.0591 3096 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:58:30.0622 3096 amdxata - ok
22:58:30.0716 3096 [ D1AF38FBAC0DC7E6D796B0ED01707EE0 ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
22:58:30.0763 3096 AppHostSvc - ok
22:58:30.0810 3096 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
22:58:30.0966 3096 AppID - ok
22:58:31.0028 3096 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:58:31.0106 3096 AppIDSvc - ok
22:58:31.0153 3096 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
22:58:31.0246 3096 Appinfo - ok
22:58:31.0418 3096 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
22:58:31.0465 3096 AppMgmt - ok
22:58:31.0512 3096 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
22:58:31.0543 3096 arc - ok
22:58:31.0558 3096 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:58:31.0590 3096 arcsas - ok
22:58:31.0621 3096 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:58:31.0761 3096 AsyncMac - ok
22:58:31.0792 3096 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
22:58:31.0824 3096 atapi - ok
22:58:31.0886 3096 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:58:31.0980 3096 AudioEndpointBuilder - ok
22:58:31.0995 3096 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:58:32.0073 3096 Audiosrv - ok
22:58:32.0120 3096 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:58:32.0167 3096 AxInstSV - ok
22:58:32.0245 3096 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
22:58:32.0307 3096 b06bdrv - ok
22:58:32.0354 3096 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
22:58:32.0385 3096 b57nd60x - ok
22:58:32.0526 3096 [ F9CE9B5E049EFC66B8E6C73C18EE8438 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
22:58:32.0666 3096 BCM43XX - ok
22:58:32.0713 3096 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
22:58:32.0760 3096 BDESVC - ok
22:58:32.0806 3096 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
22:58:32.0884 3096 Beep - ok
22:58:32.0931 3096 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
22:58:33.0025 3096 BFE - ok
22:58:33.0196 3096 BHDrvx86 - ok
22:58:33.0228 3096 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
22:58:33.0337 3096 BITS - ok
22:58:33.0368 3096 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:58:33.0415 3096 blbdrive - ok
22:58:33.0446 3096 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:58:33.0477 3096 bowser - ok
22:58:33.0524 3096 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:58:33.0555 3096 BrFiltLo - ok
22:58:33.0586 3096 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:58:33.0649 3096 BrFiltUp - ok
22:58:33.0680 3096 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
22:58:33.0742 3096 Browser - ok
22:58:33.0836 3096 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:58:33.0883 3096 Brserid - ok
22:58:33.0898 3096 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:58:33.0945 3096 BrSerWdm - ok
22:58:33.0961 3096 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:58:34.0008 3096 BrUsbMdm - ok
22:58:34.0023 3096 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:58:34.0070 3096 BrUsbSer - ok
22:58:34.0101 3096 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:58:34.0148 3096 BTHMODEM - ok
22:58:34.0195 3096 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
22:58:34.0273 3096 bthserv - ok
22:58:34.0366 3096 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_N360 C:\Windows\system32\drivers\N360\1402000.013\ccSetx86.sys
22:58:34.0398 3096 ccSet_N360 - ok
22:58:34.0429 3096 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:58:34.0522 3096 cdfs - ok
22:58:34.0585 3096 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:58:34.0616 3096 cdrom - ok
22:58:34.0663 3096 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
22:58:34.0725 3096 CertPropSvc - ok
22:58:34.0772 3096 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:58:34.0819 3096 circlass - ok
22:58:34.0850 3096 [ 3E2AFAFA158C9ED670C106842BDCC81E ] CISVC C:\Windows\system32\CISVC.EXE
22:58:34.0897 3096 CISVC - ok
22:58:34.0959 3096 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
22:58:35.0006 3096 CLFS - ok
22:58:35.0084 3096 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:58:35.0115 3096 clr_optimization_v2.0.50727_32 - ok
22:58:35.0209 3096 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:58:35.0240 3096 clr_optimization_v4.0.30319_32 - ok
22:58:35.0271 3096 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:58:35.0318 3096 CmBatt - ok
22:58:35.0334 3096 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:58:35.0365 3096 cmdide - ok
22:58:35.0396 3096 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
22:58:35.0458 3096 CNG - ok
22:58:35.0505 3096 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:58:35.0536 3096 Compbatt - ok
22:58:35.0583 3096 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:58:35.0614 3096 CompositeBus - ok
22:58:35.0630 3096 COMSysApp - ok
22:58:35.0661 3096 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:58:35.0692 3096 crcdisk - ok
22:58:35.0755 3096 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:58:35.0802 3096 CryptSvc - ok
22:58:35.0848 3096 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
22:58:35.0895 3096 CSC - ok
22:58:35.0942 3096 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
22:58:35.0989 3096 CscService - ok
22:58:36.0020 3096 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
22:58:36.0098 3096 DcomLaunch - ok
22:58:36.0129 3096 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
22:58:36.0223 3096 defragsvc - ok
22:58:36.0270 3096 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:58:36.0363 3096 DfsC - ok
22:58:36.0441 3096 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
22:58:36.0488 3096 Dhcp - ok
22:58:36.0535 3096 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
22:58:36.0660 3096 discache - ok
22:58:36.0753 3096 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:58:36.0784 3096 Disk - ok
22:58:36.0831 3096 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:58:36.0878 3096 Dnscache - ok
22:58:36.0940 3096 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
22:58:37.0018 3096 dot3svc - ok
22:58:37.0050 3096 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
22:58:37.0128 3096 DPS - ok
22:58:37.0174 3096 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:58:37.0237 3096 drmkaud - ok
22:58:37.0330 3096 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:58:37.0393 3096 DXGKrnl - ok
22:58:37.0440 3096 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
22:58:37.0518 3096 EapHost - ok
22:58:37.0658 3096 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
22:58:37.0814 3096 ebdrv - ok
22:58:37.0876 3096 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
22:58:37.0908 3096 eeCtrl - ok
22:58:37.0939 3096 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
22:58:37.0986 3096 EFS - ok
22:58:38.0064 3096 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:58:38.0110 3096 ehRecvr - ok
22:58:38.0173 3096 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
22:58:38.0220 3096 ehSched - ok
22:58:38.0298 3096 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:58:38.0344 3096 elxstor - ok
22:58:38.0391 3096 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
22:58:38.0407 3096 EraserUtilRebootDrv - ok
22:58:38.0454 3096 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:58:38.0500 3096 ErrDev - ok
22:58:38.0547 3096 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
22:58:38.0641 3096 EventSystem - ok
22:58:38.0672 3096 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
22:58:38.0750 3096 exfat - ok
22:58:38.0797 3096 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:58:38.0859 3096 fastfat - ok
22:58:38.0922 3096 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
22:58:38.0968 3096 Fax - ok
22:58:39.0000 3096 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:58:39.0031 3096 fdc - ok
22:58:39.0078 3096 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
22:58:39.0140 3096 fdPHost - ok
22:58:39.0156 3096 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
22:58:39.0249 3096 FDResPub - ok
22:58:39.0296 3096 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:58:39.0327 3096 FileInfo - ok
22:58:39.0343 3096 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:58:39.0421 3096 Filetrace - ok
22:58:39.0436 3096 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:58:39.0483 3096 flpydisk - ok
22:58:39.0514 3096 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:58:39.0561 3096 FltMgr - ok
22:58:39.0608 3096 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
22:58:39.0686 3096 FontCache - ok
22:58:39.0764 3096 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:58:39.0780 3096 FontCache3.0.0.0 - ok
22:58:39.0811 3096 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:58:39.0842 3096 FsDepends - ok
22:58:39.0904 3096 [ 2ED0BABD4CD98ED820FD0D0BCBE96721 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
22:58:39.0936 3096 fssfltr - ok
22:58:40.0029 3096 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
22:58:40.0138 3096 fsssvc - ok
22:58:40.0185 3096 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:58:40.0216 3096 Fs_Rec - ok
22:58:40.0263 3096 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:58:40.0310 3096 fvevol - ok
22:58:40.0357 3096 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:58:40.0388 3096 gagp30kx - ok
22:58:40.0435 3096 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
22:58:40.0528 3096 gpsvc - ok
22:58:40.0560 3096 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:58:40.0622 3096 hcw85cir - ok
22:58:40.0669 3096 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:58:40.0716 3096 HdAudAddService - ok
22:58:40.0762 3096 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:58:40.0809 3096 HDAudBus - ok
22:58:40.0825 3096 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:58:40.0856 3096 HidBatt - ok
22:58:40.0903 3096 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:58:40.0950 3096 HidBth - ok
22:58:40.0981 3096 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:58:41.0043 3096 HidIr - ok
22:58:41.0059 3096 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
22:58:41.0152 3096 hidserv - ok
22:58:41.0199 3096 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
22:58:41.0246 3096 HidUsb - ok
22:58:41.0262 3096 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:58:41.0355 3096 hkmsvc - ok
22:58:41.0386 3096 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:58:41.0433 3096 HomeGroupListener - ok
22:58:41.0480 3096 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:58:41.0542 3096 HomeGroupProvider - ok
22:58:41.0574 3096 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:58:41.0605 3096 HpSAMD - ok
22:58:41.0683 3096 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:58:41.0761 3096 HTTP - ok
22:58:41.0823 3096 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:58:41.0854 3096 hwpolicy - ok
22:58:41.0901 3096 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:58:41.0932 3096 i8042prt - ok
22:58:41.0979 3096 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:58:42.0026 3096 iaStorV - ok
22:58:42.0088 3096 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:58:42.0151 3096 idsvc - ok
22:58:42.0182 3096 IDSVix86 - ok
22:58:42.0432 3096 [ 9467514EA189475A6E7FDC5D7BDE9D3F ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
22:58:42.0728 3096 igfx - ok
22:58:42.0790 3096 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:58:42.0822 3096 iirsp - ok
22:58:42.0884 3096 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
22:58:42.0993 3096 IKEEXT - ok
22:58:43.0040 3096 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
22:58:43.0071 3096 intelide - ok
22:58:43.0118 3096 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:58:43.0149 3096 intelppm - ok
22:58:43.0196 3096 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:58:43.0290 3096 IPBusEnum - ok
22:58:43.0321 3096 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:58:43.0399 3096 IpFilterDriver - ok
22:58:43.0461 3096 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:58:43.0524 3096 iphlpsvc - ok
22:58:43.0555 3096 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:58:43.0602 3096 IPMIDRV - ok
22:58:43.0648 3096 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:58:43.0742 3096 IPNAT - ok
22:58:43.0758 3096 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:58:43.0820 3096 IRENUM - ok
22:58:43.0851 3096 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:58:43.0882 3096 isapnp - ok
22:58:43.0929 3096 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:58:43.0960 3096 iScsiPrt - ok
22:58:43.0992 3096 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:58:44.0023 3096 kbdclass - ok
22:58:44.0070 3096 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:58:44.0101 3096 kbdhid - ok
22:58:44.0116 3096 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
22:58:44.0163 3096 KeyIso - ok
22:58:44.0241 3096 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:58:44.0272 3096 KSecDD - ok
22:58:44.0304 3096 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:58:44.0335 3096 KSecPkg - ok
22:58:44.0382 3096 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
22:58:44.0475 3096 KtmRm - ok
22:58:44.0538 3096 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
22:58:44.0616 3096 LanmanServer - ok
22:58:44.0662 3096 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:58:44.0740 3096 LanmanWorkstation - ok
22:58:44.0787 3096 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:58:44.0881 3096 lltdio - ok
22:58:44.0912 3096 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:58:45.0006 3096 lltdsvc - ok
22:58:45.0021 3096 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
22:58:45.0099 3096 lmhosts - ok
22:58:45.0146 3096 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:58:45.0177 3096 LSI_FC - ok
22:58:45.0193 3096 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:58:45.0224 3096 LSI_SAS - ok
22:58:45.0240 3096 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:58:45.0271 3096 LSI_SAS2 - ok
22:58:45.0286 3096 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:58:45.0318 3096 LSI_SCSI - ok
22:58:45.0349 3096 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
22:58:45.0427 3096 luafv - ok
22:58:45.0474 3096 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:58:45.0505 3096 MBAMProtector - ok
22:58:45.0552 3096 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:58:45.0598 3096 MBAMScheduler - ok
22:58:45.0630 3096 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:58:45.0676 3096 MBAMService - ok
22:58:45.0708 3096 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:58:45.0754 3096 Mcx2Svc - ok
22:58:45.0786 3096 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:58:45.0817 3096 megasas - ok
22:58:45.0832 3096 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:58:45.0879 3096 MegaSR - ok
22:58:45.0926 3096 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
22:58:46.0020 3096 MMCSS - ok
22:58:46.0051 3096 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
22:58:46.0129 3096 Modem - ok
22:58:46.0144 3096 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:58:46.0207 3096 monitor - ok
22:58:46.0222 3096 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
22:58:46.0254 3096 mouclass - ok
22:58:46.0285 3096 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:58:46.0332 3096 mouhid - ok
22:58:46.0378 3096 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:58:46.0410 3096 mountmgr - ok
22:58:46.0425 3096 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
22:58:46.0472 3096 mpio - ok
22:58:46.0488 3096 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:58:46.0550 3096 mpsdrv - ok
22:58:46.0597 3096 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:58:46.0706 3096 MpsSvc - ok
22:58:46.0753 3096 [ A5888C609EFCC07B060DD823FA3D474A ] MQAC C:\Windows\system32\drivers\mqac.sys
22:58:46.0800 3096 MQAC - ok
22:58:46.0831 3096 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:58:46.0878 3096 MRxDAV - ok
22:58:46.0924 3096 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:58:46.0971 3096 mrxsmb - ok
22:58:47.0002 3096 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:58:47.0034 3096 mrxsmb10 - ok
22:58:47.0049 3096 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:58:47.0096 3096 mrxsmb20 - ok
22:58:47.0143 3096 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
22:58:47.0190 3096 msahci - ok
22:58:47.0221 3096 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:58:47.0252 3096 msdsm - ok
22:58:47.0283 3096 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
22:58:47.0330 3096 MSDTC - ok
22:58:47.0392 3096 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:58:47.0455 3096 Msfs - ok
22:58:47.0470 3096 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:58:47.0548 3096 mshidkmdf - ok
22:58:47.0580 3096 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:58:47.0611 3096 msisadrv - ok
22:58:47.0642 3096 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:58:47.0720 3096 MSiSCSI - ok
22:58:47.0736 3096 msiserver - ok
22:58:47.0782 3096 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:58:47.0860 3096 MSKSSRV - ok
22:58:47.0892 3096 [ E582B9E88EF4980C3B76276620FE667B ] MSMQ C:\Windows\system32\mqsvc.exe
22:58:47.0938 3096 MSMQ - ok
22:58:47.0970 3096 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:58:48.0048 3096 MSPCLOCK - ok
22:58:48.0048 3096 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:58:48.0126 3096 MSPQM - ok
22:58:48.0172 3096 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:58:48.0204 3096 MsRPC - ok
22:58:48.0250 3096 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:58:48.0282 3096 mssmbios - ok
22:58:48.0297 3096 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:58:48.0375 3096 MSTEE - ok
22:58:48.0406 3096 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:58:48.0453 3096 MTConfig - ok
22:58:48.0500 3096 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
22:58:48.0531 3096 Mup - ok
22:58:48.0594 3096 [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360 C:\Program Files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe
22:58:48.0625 3096 N360 - ok
22:58:48.0656 3096 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
22:58:48.0750 3096 napagent - ok
22:58:48.0812 3096 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:58:48.0859 3096 NativeWifiP - ok
22:58:48.0890 3096 NAVENG - ok
22:58:48.0906 3096 NAVEX15 - ok
22:58:48.0952 3096 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:58:48.0999 3096 NDIS - ok
22:58:49.0030 3096 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:58:49.0093 3096 NdisCap - ok
22:58:49.0140 3096 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:58:49.0218 3096 NdisTapi - ok
22:58:49.0264 3096 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:58:49.0327 3096 Ndisuio - ok
22:58:49.0358 3096 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:58:49.0420 3096 NdisWan - ok
22:58:49.0467 3096 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:58:49.0530 3096 NDProxy - ok
22:58:49.0545 3096 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:58:49.0623 3096 NetBIOS - ok
22:58:49.0670 3096 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:58:49.0748 3096 NetBT - ok
22:58:49.0779 3096 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
22:58:49.0810 3096 Netlogon - ok
22:58:49.0873 3096 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
22:58:49.0951 3096 Netman - ok
22:58:49.0966 3096 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
22:58:50.0060 3096 netprofm - ok
22:58:50.0091 3096 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:58:50.0107 3096 NetTcpPortSharing - ok
22:58:50.0154 3096 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:58:50.0185 3096 nfrd960 - ok
22:58:50.0216 3096 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
22:58:50.0278 3096 NlaSvc - ok
22:58:50.0310 3096 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:58:50.0372 3096 Npfs - ok
22:58:50.0403 3096 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
22:58:50.0481 3096 nsi - ok
22:58:50.0497 3096 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:58:50.0575 3096 nsiproxy - ok
22:58:50.0668 3096 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:58:50.0746 3096 Ntfs - ok
22:58:50.0778 3096 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
22:58:50.0856 3096 Null - ok
22:58:50.0902 3096 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:58:50.0934 3096 nvraid - ok
22:58:50.0965 3096 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:58:51.0012 3096 nvstor - ok
22:58:51.0027 3096 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:58:51.0058 3096 nv_agp - ok
22:58:51.0121 3096 [ BBD5503999F331278DB39046888D559C ] o2flash C:\Windows\system32\DRIVERS\o2flash.exe
22:58:51.0136 3096 o2flash - ok
22:58:51.0168 3096 [ 305E0EC480EBC7A24D4B691DA76E008C ] O2MDRDR C:\Windows\system32\DRIVERS\o2media.sys
22:58:51.0183 3096 O2MDRDR - ok
22:58:51.0214 3096 [ 6E590C91F97AE5E3408453C8AE9A3000 ] O2SDRDR C:\Windows\system32\DRIVERS\o2sd.sys
22:58:51.0230 3096 O2SDRDR - ok
22:58:51.0261 3096 [ 86326062A90494BDD79CE383511D7D69 ] OEM13Vfx C:\Windows\system32\DRIVERS\OEM13Vfx.sys
22:58:51.0308 3096 OEM13Vfx - ok
22:58:51.0324 3096 [ 12539B57ED05DE7552403A12B3E0161C ] OEM13Vid C:\Windows\system32\DRIVERS\OEM13Vid.sys
22:58:51.0370 3096 OEM13Vid - ok
22:58:51.0402 3096 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:58:51.0448 3096 ohci1394 - ok
22:58:51.0495 3096 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:58:51.0558 3096 p2pimsvc - ok
22:58:51.0589 3096 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
22:58:51.0651 3096 p2psvc - ok
22:58:51.0682 3096 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:58:51.0714 3096 Parport - ok
22:58:51.0760 3096 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:58:51.0792 3096 partmgr - ok
22:58:51.0807 3096 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
22:58:51.0854 3096 Parvdm - ok
22:58:51.0901 3096 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:58:51.0948 3096 PcaSvc - ok
22:58:51.0963 3096 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
22:58:51.0994 3096 pci - ok
22:58:52.0026 3096 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
22:58:52.0057 3096 pciide - ok
22:58:52.0088 3096 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:58:52.0119 3096 pcmcia - ok
22:58:52.0150 3096 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
22:58:52.0182 3096 pcw - ok
22:58:52.0260 3096 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:58:52.0369 3096 PEAUTH - ok
22:58:52.0431 3096 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
22:58:52.0494 3096 PeerDistSvc - ok
22:58:52.0603 3096 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
22:58:52.0728 3096 pla - ok
22:58:52.0774 3096 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:58:52.0852 3096 PlugPlay - ok
22:58:52.0884 3096 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:58:52.0930 3096 PNRPAutoReg - ok
22:58:52.0962 3096 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:58:53.0008 3096 PNRPsvc - ok
22:58:53.0055 3096 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:58:53.0149 3096 PolicyAgent - ok
22:58:53.0211 3096 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
22:58:53.0274 3096 Power - ok
22:58:53.0320 3096 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:58:53.0414 3096 PptpMiniport - ok
22:58:53.0445 3096 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:58:53.0476 3096 Processor - ok
22:58:53.0508 3096 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
22:58:53.0554 3096 ProfSvc - ok
22:58:53.0586 3096 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:58:53.0617 3096 ProtectedStorage - ok
22:58:53.0632 3096 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:58:53.0710 3096 Psched - ok
22:58:53.0773 3096 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:58:53.0866 3096 ql2300 - ok
22:58:53.0882 3096 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:58:53.0913 3096 ql40xx - ok
22:58:53.0944 3096 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
22:58:54.0007 3096 QWAVE - ok
22:58:54.0038 3096 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:58:54.0085 3096 QWAVEdrv - ok
22:58:54.0116 3096 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:58:54.0194 3096 RasAcd - ok
22:58:54.0225 3096 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:58:54.0303 3096 RasAgileVpn - ok
22:58:54.0319 3096 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
22:58:54.0397 3096 RasAuto - ok
22:58:54.0412 3096 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:58:54.0490 3096 Rasl2tp - ok
22:58:54.0537 3096 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
22:58:54.0615 3096 RasMan - ok
22:58:54.0646 3096 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:58:54.0709 3096 RasPppoe - ok
22:58:54.0740 3096 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:58:54.0818 3096 RasSstp - ok
22:58:54.0880 3096 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:58:54.0958 3096 rdbss - ok
22:58:54.0990 3096 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:58:55.0021 3096 rdpbus - ok
22:58:55.0052 3096 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:58:55.0114 3096 RDPCDD - ok
22:58:55.0146 3096 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
22:58:55.0192 3096 RDPDR - ok
22:58:55.0208 3096 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:58:55.0286 3096 RDPENCDD - ok
22:58:55.0317 3096 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:58:55.0395 3096 RDPREFMP - ok
22:58:55.0426 3096 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:58:55.0473 3096 RDPWD - ok
22:58:55.0520 3096 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:58:55.0567 3096 rdyboost - ok
22:58:55.0598 3096 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
22:58:55.0692 3096 RemoteAccess - ok
22:58:55.0738 3096 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:58:55.0816 3096 RemoteRegistry - ok
22:58:55.0848 3096 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:58:55.0926 3096 RpcEptMapper - ok
22:58:55.0941 3096 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
22:58:55.0988 3096 RpcLocator - ok
22:58:56.0019 3096 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
22:58:56.0097 3096 RpcSs - ok
22:58:56.0144 3096 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:58:56.0222 3096 rspndr - ok
22:58:56.0269 3096 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
22:58:56.0316 3096 RTL8167 - ok
22:58:56.0347 3096 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
22:58:56.0378 3096 s3cap - ok
22:58:56.0409 3096 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
22:58:56.0440 3096 SamSs - ok
22:58:56.0472 3096 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:58:56.0503 3096 sbp2port - ok
22:58:56.0550 3096 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:58:56.0643 3096 SCardSvr - ok
22:58:56.0690 3096 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:58:56.0752 3096 scfilter - ok
22:58:56.0799 3096 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
22:58:56.0908 3096 Schedule - ok
22:58:56.0940 3096 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:58:57.0002 3096 SCPolicySvc - ok
22:58:57.0049 3096 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys
22:58:57.0096 3096 sdbus - ok
22:58:57.0127 3096 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:58:57.0174 3096 SDRSVC - ok
22:58:57.0252 3096 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:58:57.0330 3096 secdrv - ok
22:58:57.0376 3096 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
22:58:57.0454 3096 seclogon - ok
22:58:57.0517 3096 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
22:58:57.0626 3096 SENS - ok
22:58:57.0657 3096 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:58:57.0704 3096 SensrSvc - ok
22:58:57.0720 3096 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:58:57.0751 3096 Serenum - ok
22:58:57.0782 3096 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:58:57.0813 3096 Serial - ok
22:58:57.0844 3096 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:58:57.0891 3096 sermouse - ok
22:58:57.0938 3096 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
22:58:58.0047 3096 SessionEnv - ok
22:58:58.0078 3096 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:58:58.0125 3096 sffdisk - ok
22:58:58.0141 3096 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:58:58.0188 3096 sffp_mmc - ok
22:58:58.0203 3096 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:58:58.0250 3096 sffp_sd - ok
22:58:58.0281 3096 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:58:58.0328 3096 sfloppy - ok
22:58:58.0375 3096 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:58:58.0453 3096 SharedAccess - ok
22:58:58.0484 3096 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:58:58.0578 3096 ShellHWDetection - ok
22:58:58.0609 3096 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:58:58.0640 3096 sisagp - ok
22:58:58.0671 3096 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:58:58.0702 3096 SiSRaid2 - ok
22:58:58.0718 3096 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:58:58.0749 3096 SiSRaid4 - ok
22:58:58.0796 3096 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:58:58.0827 3096 SkypeUpdate - ok
22:58:58.0858 3096 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:58:58.0921 3096 Smb - ok
22:58:58.0999 3096 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:58:59.0046 3096 SNMPTRAP - ok
22:58:59.0061 3096 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
22:58:59.0092 3096 spldr - ok
22:58:59.0139 3096 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
22:58:59.0202 3096 Spooler - ok
22:58:59.0326 3096 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
22:58:59.0514 3096 sppsvc - ok
22:58:59.0560 3096 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:58:59.0623 3096 sppuinotify - ok
22:58:59.0685 3096 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP C:\Windows\system32\drivers\N360\1402000.013\SRTSP.SYS
22:58:59.0732 3096 SRTSP - ok
22:58:59.0779 3096 [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX C:\Windows\system32\drivers\N360\1402000.013\SRTSPX.SYS
22:58:59.0794 3096 SRTSPX - ok
22:58:59.0841 3096 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:58:59.0888 3096 srv - ok
22:58:59.0919 3096 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:58:59.0982 3096 srv2 - ok
22:59:00.0013 3096 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:59:00.0044 3096 srvnet - ok
22:59:00.0091 3096 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:59:00.0169 3096 SSDPSRV - ok
22:59:00.0200 3096 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:59:00.0278 3096 SstpSvc - ok
22:59:00.0309 3096 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:59:00.0340 3096 stexstor - ok
22:59:00.0372 3096 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
22:59:00.0450 3096 StiSvc - ok
22:59:00.0481 3096 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
22:59:00.0512 3096 storflt - ok
22:59:00.0543 3096 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
22:59:00.0574 3096 StorSvc - ok
22:59:00.0606 3096 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
22:59:00.0637 3096 storvsc - ok
22:59:00.0652 3096 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
22:59:00.0684 3096 swenum - ok
22:59:00.0730 3096 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
22:59:00.0824 3096 swprv - ok
22:59:00.0871 3096 [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS C:\Windows\system32\drivers\N360\1402000.013\SYMDS.SYS
22:59:00.0902 3096 SymDS - ok
22:59:00.0964 3096 [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA C:\Windows\system32\drivers\N360\1402000.013\SYMEFA.SYS
22:59:01.0027 3096 SymEFA - ok
22:59:01.0074 3096 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
22:59:01.0105 3096 SymEvent - ok
22:59:01.0136 3096 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\Windows\system32\drivers\N360\1402000.013\Ironx86.SYS
22:59:01.0167 3096 SymIRON - ok
22:59:01.0214 3096 [ 21698476A90ACAA056B8CFE09A82785F ] SymNetS C:\Windows\system32\drivers\N360\1402000.013\SYMNETS.SYS
22:59:01.0245 3096 SymNetS - ok
22:59:01.0308 3096 [ 964524A9EDCCE945E82419ABE9DB94EE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:59:01.0323 3096 SynTP - ok
22:59:01.0401 3096 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
22:59:01.0479 3096 SysMain - ok
22:59:01.0510 3096 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:59:01.0557 3096 TabletInputService - ok
22:59:01.0604 3096 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
22:59:01.0698 3096 TapiSrv - ok
22:59:01.0744 3096 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
22:59:01.0838 3096 TBS - ok
22:59:01.0900 3096 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:59:01.0978 3096 Tcpip - ok
22:59:02.0041 3096 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:59:02.0119 3096 TCPIP6 - ok
22:59:02.0150 3096 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:59:02.0197 3096 tcpipreg - ok
22:59:02.0244 3096 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:59:02.0275 3096 TDPIPE - ok
22:59:02.0306 3096 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:59:02.0353 3096 TDTCP - ok
22:59:02.0400 3096 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:59:02.0478 3096 tdx - ok
22:59:02.0509 3096 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:59:02.0540 3096 TermDD - ok
22:59:02.0602 3096 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
22:59:02.0696 3096 TermService - ok
22:59:02.0743 3096 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
22:59:02.0790 3096 Themes - ok
22:59:02.0821 3096 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
22:59:02.0899 3096 THREADORDER - ok
22:59:02.0946 3096 [ CE92B84ED806F1C5C340A51DFD3E49BC ] TlntSvr C:\Windows\System32\tlntsvr.exe
22:59:02.0992 3096 TlntSvr - ok
22:59:03.0024 3096 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
22:59:03.0102 3096 TrkWks - ok
22:59:03.0195 3096 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:59:03.0258 3096 TrustedInstaller - ok
22:59:03.0289 3096 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:59:03.0351 3096 tssecsrv - ok
22:59:03.0398 3096 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:59:03.0429 3096 TsUsbFlt - ok
22:59:03.0492 3096 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:59:03.0554 3096 tunnel - ok
22:59:03.0585 3096 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:59:03.0616 3096 uagp35 - ok
22:59:03.0648 3096 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:59:03.0726 3096 udfs - ok
22:59:03.0804 3096 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:59:03.0850 3096 UI0Detect - ok
22:59:03.0882 3096 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:59:03.0913 3096 uliagpkx - ok
22:59:03.0944 3096 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:59:03.0975 3096 umbus - ok
22:59:04.0022 3096 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:59:04.0078 3096 UmPass - ok
22:59:04.0118 3096 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
22:59:04.0158 3096 UmRdpService - ok
22:59:04.0188 3096 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
22:59:04.0278 3096 upnphost - ok
22:59:04.0308 3096 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:59:04.0348 3096 usbccgp - ok
22:59:04.0378 3096 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:59:04.0418 3096 usbcir - ok
22:59:04.0448 3096 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:59:04.0478 3096 usbehci - ok
22:59:04.0508 3096 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:59:04.0568 3096 usbhub - ok
22:59:04.0598 3096 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:59:04.0638 3096 usbohci - ok
22:59:04.0668 3096 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:59:04.0708 3096 usbprint - ok
22:59:04.0718 3096 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:59:04.0778 3096 USBSTOR - ok
22:59:04.0808 3096 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:59:04.0838 3096 usbuhci - ok
22:59:04.0878 3096 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:59:04.0918 3096 usbvideo - ok
22:59:04.0948 3096 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
22:59:05.0018 3096 UxSms - ok
22:59:05.0028 3096 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
22:59:05.0058 3096 VaultSvc - ok
22:59:05.0088 3096 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:59:05.0118 3096 vdrvroot - ok
22:59:05.0168 3096 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
22:59:05.0268 3096 vds - ok
22:59:05.0298 3096 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:59:05.0348 3096 vga - ok
22:59:05.0378 3096 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:59:05.0438 3096 VgaSave - ok
22:59:05.0468 3096 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:59:05.0508 3096 vhdmp - ok
22:59:05.0608 3096 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:59:05.0638 3096 viaagp - ok
22:59:05.0658 3096 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
22:59:05.0708 3096 ViaC7 - ok
22:59:05.0738 3096 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
22:59:05.0768 3096 viaide - ok
22:59:05.0798 3096 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
22:59:05.0838 3096 vmbus - ok
22:59:05.0858 3096 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
22:59:05.0888 3096 VMBusHID - ok
22:59:05.0908 3096 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:59:05.0938 3096 volmgr - ok
22:59:05.0968 3096 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:59:06.0008 3096 volmgrx - ok
22:59:06.0038 3096 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:59:06.0079 3096 volsnap - ok
22:59:06.0110 3096 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:59:06.0141 3096 vsmraid - ok
22:59:06.0204 3096 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
22:59:06.0313 3096 VSS - ok
22:59:06.0328 3096 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:59:06.0391 3096 vwifibus - ok
22:59:06.0422 3096 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:59:06.0469 3096 vwififlt - ok
22:59:06.0547 3096 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
22:59:06.0625 3096 W32Time - ok
22:59:06.0687 3096 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
22:59:06.0734 3096 W3SVC - ok
22:59:06.0765 3096 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:59:06.0796 3096 WacomPen - ok
22:59:06.0828 3096 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:59:06.0906 3096 WANARP - ok
22:59:06.0906 3096 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:59:06.0968 3096 Wanarpv6 - ok
22:59:06.0984 3096 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
22:59:07.0030 3096 WAS - ok
22:59:07.0093 3096 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
22:59:07.0171 3096 wbengine - ok
22:59:07.0218 3096 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:59:07.0296 3096 WbioSrvc - ok
22:59:07.0342 3096 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:59:07.0389 3096 wcncsvc - ok
22:59:07.0420 3096 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:59:07.0467 3096 WcsPlugInService - ok
22:59:07.0498 3096 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:59:07.0530 3096 Wd - ok
22:59:07.0561 3096 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:59:07.0623 3096 Wdf01000 - ok
22:59:07.0639 3096 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:59:07.0701 3096 WdiServiceHost - ok
22:59:07.0717 3096 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:59:07.0748 3096 WdiSystemHost - ok
22:59:07.0810 3096 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
22:59:07.0873 3096 WebClient - ok
22:59:07.0920 3096 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:59:07.0998 3096 Wecsvc - ok
22:59:08.0044 3096 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:59:08.0138 3096 wercplsupport - ok
22:59:08.0169 3096 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
22:59:08.0263 3096 WerSvc - ok
22:59:08.0310 3096 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:59:08.0372 3096 WfpLwf - ok
22:59:08.0403 3096 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:59:08.0434 3096 WIMMount - ok
22:59:08.0512 3096 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:59:08.0590 3096 WinDefend - ok
22:59:08.0590 3096 WinHttpAutoProxySvc - ok
22:59:08.0653 3096 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:59:08.0731 3096 Winmgmt - ok
22:59:08.0793 3096 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
22:59:08.0918 3096 WinRM - ok
22:59:08.0980 3096 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:59:09.0027 3096 WinUsb - ok
22:59:09.0090 3096 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:59:09.0183 3096 Wlansvc - ok
22:59:09.0308 3096 [ 5E7C103F8475C4289847D15E129C20F7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:59:09.0417 3096 wlidsvc - ok
22:59:09.0464 3096 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:59:09.0511 3096 WmiAcpi - ok
22:59:09.0542 3096 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:59:09.0589 3096 wmiApSrv - ok
22:59:09.0698 3096 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:59:09.0792 3096 WMPNetworkSvc - ok
22:59:09.0823 3096 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:59:09.0870 3096 WPCSvc - ok
22:59:09.0901 3096 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:59:09.0948 3096 WPDBusEnum - ok
22:59:09.0963 3096 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:59:10.0057 3096 ws2ifsl - ok
22:59:10.0104 3096 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
22:59:10.0150 3096 wscsvc - ok
22:59:10.0150 3096 WSearch - ok
22:59:10.0260 3096 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:59:10.0369 3096 wuauserv - ok
22:59:10.0416 3096 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:59:10.0447 3096 WudfPf - ok
22:59:10.0494 3096 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:59:10.0540 3096 WUDFRd - ok
22:59:10.0572 3096 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:59:10.0603 3096 wudfsvc - ok
22:59:10.0650 3096 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
22:59:10.0696 3096 WwanSvc - ok
22:59:10.0712 3096 ================ Scan global ===============================
22:59:10.0743 3096 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
22:59:10.0790 3096 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
22:59:10.0806 3096 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
22:59:10.0852 3096 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
22:59:10.0884 3096 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
22:59:10.0899 3096 [Global] - ok
22:59:10.0899 3096 ================ Scan MBR ==================================
22:59:10.0915 3096 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:59:11.0211 3096 \Device\Harddisk0\DR0 - ok
22:59:11.0211 3096 ================ Scan VBR ==================================
22:59:11.0211 3096 [ FB29D0FC80C3497CBCE0B802BA2DF6F2 ] \Device\Harddisk0\DR0\Partition1
22:59:11.0211 3096 \Device\Harddisk0\DR0\Partition1 - ok
22:59:11.0258 3096 [ E1672D93B9F69F4CF99FFD50D90E6958 ] \Device\Harddisk0\DR0\Partition2
22:59:11.0258 3096 \Device\Harddisk0\DR0\Partition2 - ok
22:59:11.0258 3096 ============================================================
22:59:11.0258 3096 Scan finished
22:59:11.0258 3096 ============================================================
22:59:11.0289 3048 Detected object count: 0
22:59:11.0289 3048 Actual detected object count: 0
|
|
21.01.2013, 11:45
| #12 |
| | Norton online funktioniert nicht mehr Hoffe erholsames WE gehabt zu haben. Dies ist eine Erinnung |
|
21.01.2013, 11:47
| #13 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Norton online funktioniert nicht mehr Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.01.2013, 23:30
| #14 |
| | Norton online funktioniert nicht mehr hat alles funktioniert. [code] Combofix Logfile: Code:
ATTFilter ComboFix 13-01-21.04 - Jd 21.01.2013 23:15:56.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1033.18.2038.1296 [GMT 1:00]
ausgeführt von:: c:\users\Jd\Desktop\ComboFix.exe
AV: Norton 360 Online *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 Online *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 Online *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jd\4.0
c:\users\Jd\AppData\Roaming\OneTab\OnETab.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-12-21 bis 2013-01-21 ))))))))))))))))))))))))))))))
.
.
2013-01-18 19:42 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2C5587EB-8C59-469F-BC6E-6CCC494F7B12}\mpengine.dll
2013-01-12 17:30 . 2013-01-12 17:30 -------- d-----w- c:\users\Jd\AppData\Roaming\Malwarebytes
2013-01-12 17:29 . 2013-01-12 17:29 -------- d-----w- c:\programdata\Malwarebytes
2013-01-12 17:29 . 2013-01-12 17:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-12 17:29 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-12 17:29 . 2013-01-12 17:29 -------- d-----w- c:\users\Jd\AppData\Local\Programs
2013-01-12 17:24 . 2013-01-12 17:24 -------- d-----w- c:\program files\CCleaner
2013-01-12 17:03 . 2013-01-12 17:03 -------- d-----w- c:\windows\system32\SDA
2013-01-12 17:03 . 2013-01-12 17:03 -------- d-----w- c:\program files\O2Micro Flash Memory Card Driver
2013-01-09 22:06 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 22:06 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 22:06 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 22:06 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 22:03 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 22:03 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-07 18:10 . 2013-01-08 19:02 -------- d-----w- c:\windows\system32\drivers\N360\1402000.013
2013-01-06 18:38 . 2013-01-06 18:39 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2013-01-06 18:38 . 2013-01-06 18:38 -------- d-----w- c:\program files\DVDVideoSoft
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-21 22:00 . 2012-10-15 21:15 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2013-01-06 09:11 . 2012-10-13 08:22 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-12-16 14:13 . 2012-12-21 01:42 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 01:42 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-11-14 02:09 . 2012-12-13 02:02 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-13 02:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 02:02 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-13 02:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 02:02 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-13 02:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 22:36 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11 . 2012-12-12 22:37 376832 ----a-w- c:\windows\system32\dpnet.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-14 09:48 220632 ----a-w- c:\users\Jd\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-14 09:48 220632 ----a-w- c:\users\Jd\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-14 09:48 220632 ----a-w- c:\users\Jd\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]
"OEM13Mon.exe"="c:\windows\OEM13Mon.exe" [2008-01-07 36864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEM13Mon.exe]
2008-01-07 15:00 36864 ----a-w- c:\windows\OEM13Mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-11-09 10:27 17877168 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 N360;Norton 360;c:\program files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20120928.001\BHDrvx86.sys [x]
R3 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\1402000.013\ccSetx86.sys [x]
R3 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20120901.001\IDSVix86.sys [x]
R3 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1402000.013\SYMDS.SYS [x]
R3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1402000.013\SYMEFA.SYS [x]
R3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1402000.013\Ironx86.SYS [x]
R3 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\N360\1402000.013\SYMNETS.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [x]
S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [x]
S3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver;c:\windows\system32\DRIVERS\OEM13Vfx.sys [x]
S3 OEM13Vid;Creative Camera OEM013 Driver;c:\windows\system32\DRIVERS\OEM13Vid.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: Free YouTube to MP3 Converter - c:\users\Jd\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-download beast - c:\program files\Download Beast\DownloadBeast.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\20.2.0.19\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.2.0.19\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2286783814-2036696160-2845618320-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2286783814-2036696160-2845618320-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-01-21 23:25:38
ComboFix-quarantined-files.txt 2013-01-21 22:25
.
Vor Suchlauf: 422.031.048.704 bytes free
Nach Suchlauf: 421.573.980.160 bytes free
.
- - End Of File - - A19CCF7E2B735E9D61BED3B0BB8FA2B5
|
|
22.01.2013, 10:35
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Norton online funktioniert nicht mehr Kurze Zwischenfrage, wie sieht es mit dem Ursprungsproblem aus? => Norton online funktioniert nicht mehr
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Norton online funktioniert nicht mehr |
| adobe, autorun, bho, converter, defender, explorer, failed, firefox, flash player, format, ftp, funktioniert nicht mehr, helper, install.exe, installation, internet, logfile, mp3, object, plug-in, registry, rundll, scan, schannel.dll, security, software, svchost.exe, symantec, taskhost.exe, virus |
Linear-Darstellung
