| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Facebook, Youtube , Google, etc durch Surveys gesperrt!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
01.03.2013, 14:56
| #1 |
 |  Facebook, Youtube , Google, etc durch Surveys gesperrt! Hey, ich habe mir gestern was runtergeladen - so etwa um 16:00 Uhr, dann hat es eine Zeit lang gedauert, und ich wollte bei Facebook vorbeigucken. Doch dann das. Facebook, google, tumblr usw, sind gesperrt, bitte verifzieren sie sich das sie "menschlich" sind. Ich schätze das das ein trojaner ist, bin mir aber nicht sicher, ich hab auch schon Norton drüber laufen lassen, der hat aber nichts gefunden. Ich hoffe ihr könnt mir helfen, ihr seid meine letzte Hoffnung   |
|
01.03.2013, 16:34
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Facebook, Youtube , Google, etc durch Surveys gesperrt! Hallo und
__________________ Zitat:
Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Erstmal eine Kontrolle mit OTL bitte:
__________________ Geändert von cosinus (01.03.2013 um 16:45 Uhr) |
|
01.03.2013, 17:01
| #3 |
| | Facebook, Youtube , Google, etc durch Surveys gesperrt! Ich hab mal wieder ein bisschen rumprobiert mit Minecraft - es war ein Youtube download und ich hab mir dabei nichts weiter gedacht, ich habs entpackt und bin auf die Datein drauf geganen.
__________________- Ein Problem ich habs weils nicht funktioniert hat zum gleichen Zeitpunkt wieder gelöscht und mit "Eraser" durchgeschreddert... OTL Logfile: Code:
ATTFilter OTL logfile created on: 01.03.2013 16:50:09 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tobi\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 66,21% Memory free 6,00 Gb Paging File | 4,24 Gb Available in Paging File | 70,77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 869,32 Gb Total Space | 639,91 Gb Free Space | 73,61% Space Free | Partition Type: NTFS Drive E: | 1862,56 Gb Total Space | 1514,36 Gb Free Space | 81,31% Space Free | Partition Type: FAT32 Drive F: | 14,95 Gb Total Space | 8,12 Gb Free Space | 54,27% Space Free | Partition Type: FAT32 Drive H: | 61,80 Gb Total Space | 61,70 Gb Free Space | 99,84% Space Free | Partition Type: NTFS Computer Name: TOBI-PC | User Name: Tobi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Tobi\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe (Adobe Systems, Inc.) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Users\Tobi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Users\Tobi\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) PRC - C:\Users\Tobi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) PRC - C:\Programme\Norton 360\Engine\20.2.1.22\ccsvchst.exe (Symantec Corporation) PRC - C:\Programme\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe (CHENGDU YIWO Tech Development Co., Ltd) PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Programme\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated) PRC - C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Unlocker\UnlockerAssistant.exe () PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_171.dll () MOD - C:\Users\Tobi\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\Tobi\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll () MOD - C:\Users\Tobi\AppData\Local\Google\Chrome\Application\25.0.1364.97\libglesv2.dll () MOD - C:\Users\Tobi\AppData\Local\Google\Chrome\Application\25.0.1364.97\libegl.dll () MOD - C:\Users\Tobi\AppData\Local\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Users\Tobi\AppData\Roaming\Spotify\Data\libcef.dll () MOD - C:\Programme\Norton 360\Engine\20.2.1.22\wincfi39.dll () MOD - C:\Programme\Unlocker\UnlockerHook.dll () MOD - C:\Programme\Unlocker\UnlockerAssistant.exe () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (N360) -- C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe (Symantec Corporation) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (UMVPFSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (SwitchBoard) -- C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (SMR311) -- C:\Windows\System32\drivers\SMR311.SYS (Symantec Corporation) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130228.024\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130228.024\NAVENG.SYS (Symantec Corporation) DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130228.001\IDSvix86.sys (Symantec Corporation) DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130208.001\BHDrvx86.sys (Symantec Corporation) DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys () DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys () DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (Power Software Ltd) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (SRTSP) -- C:\Windows\System32\drivers\N360\1402010.016\srtsp.sys (Symantec Corporation) DRV - (SymEFA) -- C:\Windows\System32\drivers\N360\1402010.016\symefa.sys (Symantec Corporation) DRV - (SymDS) -- C:\Windows\System32\drivers\N360\1402010.016\symds.sys (Symantec Corporation) DRV - (SymNetS) -- C:\Windows\System32\drivers\N360\1402010.016\symnets.sys (Symantec Corporation) DRV - (SymIRON) -- C:\Windows\System32\drivers\N360\1402010.016\ironx86.sys (Symantec Corporation) DRV - (ccSet_N360) -- C:\Windows\System32\drivers\N360\1402010.016\ccsetx86.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (SRTSPX) -- C:\Windows\System32\drivers\N360\1402010.016\srtspx.sys (Symantec Corporation) DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (UnlockerDriver5) -- C:\Programme\Unlocker\UnlockerDriver5.sys () DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 2A 44 0E 22 FE CD 01 [binary data] IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\..\SearchScopes,DefaultScope = {0609937C-0694-44E6-8D28-DC99086683FB} IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\..\SearchScopes\{0609937C-0694-44E6-8D28-DC99086683FB}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={sear IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..extensions.enabledAddons: bbrs_002%40blabbers.com:1.0.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tobi\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tobi\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013.02.28 17:56:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013.03.01 16:49:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.20 15:45:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.20 15:45:11 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.14 18:19:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\Extensions [2013.02.17 14:42:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\Firefox\Profiles\kwdn2mth.default\extensions [2013.02.17 14:42:28 | 000,000,000 | ---D | M] (Ginyas Browser Companion) -- C:\Users\Tobi\AppData\Roaming\mozilla\Firefox\Profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com [2013.02.17 15:07:23 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire [2013.02.28 17:16:15 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\24779e9d2de93d13d7e07b527a1684d4_expire [2013.02.28 17:16:14 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire [2013.02.19 18:56:52 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2a86ac4f3322238b4f27d14a09839275_expire [2013.03.01 15:57:58 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\477177151e09e6e11822eacf0cc8bdc5_expire [2013.02.24 15:24:59 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire [2013.02.28 17:16:15 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\6d0e7c50b1f5d67f61ee9a2f5654f096_expire [2013.03.01 15:57:58 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\72891ec935a3d247f2da6562ef29a005_expire [2013.03.01 15:57:57 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire [2013.03.01 15:57:57 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire [2013.02.28 17:16:14 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba3880579_expire [2013.02.28 17:16:15 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire [2013.02.28 17:16:15 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire [2013.02.24 15:24:59 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire [2013.02.24 15:24:59 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Tobi\AppData\Roaming\mozilla\firefox\profiles\kwdn2mth.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire [2013.02.28 20:20:21 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.02.28 20:20:21 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Programme\Mozilla Firefox\extensions\quickstores@quickstores.de [2013.02.20 15:45:11 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013.02.01 20:33:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.02.01 20:33:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013.02.01 20:33:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2013.02.01 20:33:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2013.02.01 20:33:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2013.02.01 20:33:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.google.de/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tobi\AppData\Local\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Tobi\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tobi\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll CHR - plugin: (Enabled) = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\Tobi\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - Extension: Google Docs = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ CHR - Extension: Google Docs = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: Google Drive = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Ginyas Browser Companion = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\ CHR - Extension: Google-Suche = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Norton Identity Protection = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.1.0.32_0\ CHR - Extension: Google Mail = C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013.02.28 17:18:23 | 000,010,410 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 198.167.139.182 google.com O1 - Hosts: 198.167.139.182 www.google.ae O1 - Hosts: 198.167.139.182 www.google.com.af O1 - Hosts: 198.167.139.182 www.google.com.ag O1 - Hosts: 198.167.139.182 www.google.off.ai O1 - Hosts: 198.167.139.182 www.google.am O1 - Hosts: 198.167.139.182 www.google.com.ar O1 - Hosts: 198.167.139.182 www.google.as O1 - Hosts: 198.167.139.182 www.google.at O1 - Hosts: 198.167.139.182 www.google.com.au O1 - Hosts: 198.167.139.182 www.google.az O1 - Hosts: 198.167.139.182 www.google.ba O1 - Hosts: 198.167.139.182 www.google.com.bd O1 - Hosts: 198.167.139.182 www.google.be O1 - Hosts: 198.167.139.182 www.google.bg O1 - Hosts: 198.167.139.182 www.google.com.bh O1 - Hosts: 198.167.139.182 www.google.bi O1 - Hosts: 198.167.139.182 www.google.com.bo O1 - Hosts: 198.167.139.182 www.google.com.br O1 - Hosts: 198.167.139.182 www.google.bs O1 - Hosts: 198.167.139.182 www.google.co.bw O1 - Hosts: 198.167.139.182 www.google.com.bz O1 - Hosts: 198.167.139.182 www.google.ca O1 - Hosts: 198.167.139.182 www.google.cd O1 - Hosts: 198.167.139.182 www.google.cg O1 - Hosts: 313 more lines... O2 - BHO: (Ginyas Browser Companion) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\GinyasBrowserCompanion\jsloader.dll ( ) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\20.2.1.22\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\20.2.1.22\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Ginyas Browser Companion Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\GinyasBrowserCompanion\updatebhoWin32.dll ( ) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\20.2.1.22\coieplg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\20.2.1.22\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [EaseUS EPM tray] C:\Programme\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe (CHENGDU YIWO Tech Development Co., Ltd) O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe () O4 - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001..\Run: [Spotify] C:\Users\Tobi\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) O4 - HKU\S-1-5-21-2081992143-3188669940-1167959921-1001..\Run: [Spotify Web Helper] C:\Users\Tobi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKU\S-1-5-21-2081992143-3188669940-1167959921-1003..\Run: [ROC_JAN2013_TB] "C:\Program Files\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2081992143-3188669940-1167959921-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tobi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B8CC2318-6BF8-4FB1-A69A-CAF8ECC81BD2}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1 [2013.03.01 16:48:46 | 000,097,440 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR311.SYS [2013.03.01 16:47:43 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Local\NPE [2013.03.01 15:08:21 | 000,927,904 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1402010.016\symefa.sys [2013.03.01 15:08:21 | 000,368,288 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1402010.016\symds.sys [2013.03.01 15:08:21 | 000,338,592 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1402010.016\symnets.sys [2013.03.01 15:08:21 | 000,021,400 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1402010.016\symelam.sys [2013.03.01 15:08:20 | 000,586,400 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1402010.016\srtsp.sys [2013.03.01 15:08:20 | 000,175,264 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1402010.016\ironx86.sys [2013.03.01 15:08:20 | 000,134,304 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1402010.016\ccsetx86.sys [2013.03.01 15:08:20 | 000,032,888 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1402010.016\srtspx.sys [2013.03.01 15:07:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\1402010.016 [2013.02.28 20:55:41 | 000,000,000 | ---D | C] -- C:\TmpDelete [2013.02.28 20:20:19 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\QuickStoresToolbar [2013.02.28 20:20:14 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [2013.02.28 20:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker [2013.02.28 20:11:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tobi\Desktop\OTL.exe [2013.02.28 18:34:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2013.02.28 18:08:57 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.02.28 17:55:52 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS [2013.02.28 17:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2013.02.28 17:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2013.02.28 17:55:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360 [2013.02.28 17:55:03 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 [2013.02.28 17:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360 [2013.02.28 17:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2013.02.28 17:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2013.02.28 17:54:55 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller [2013.02.28 17:12:36 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013.02.28 16:04:50 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\PowerISO [2013.02.27 20:11:23 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Desktop\Cinema 4d studio r12 [2013.02.27 19:16:01 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\MAXON [2013.02.25 16:16:09 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\.minecraft [2013.02.24 17:08:28 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Desktop\CoS projekt [2013.02.20 15:45:06 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.02.19 15:56:47 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Desktop\Schülerzeitung [2013.02.17 14:54:39 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Documents\Fraps [2013.02.17 10:16:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2013.02.16 17:24:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP [2013.02.16 17:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard [2013.02.16 17:24:23 | 000,125,440 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hpf3l101.dll [2013.02.16 17:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\HP [2013.02.16 17:23:50 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2013.02.16 17:23:47 | 000,966,656 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hpost_p04b.dll [2013.02.16 17:23:47 | 000,887,296 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hposwia_p04b.dll [2013.02.16 17:23:47 | 000,452,736 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll [2013.02.16 17:23:47 | 000,315,392 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hposc_p04a.dll [2013.02.16 09:32:44 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Desktop\Photoshop Hintergründe [2013.02.15 17:29:48 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Desktop\Photoshop [2013.02.15 16:56:00 | 000,000,000 | R--D | C] -- C:\Users\Tobi\Dropbox [2013.02.15 16:46:43 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2013.02.15 16:40:49 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Dropbox [2013.02.15 16:32:02 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Desktop\Minecraft skins [2013.02.15 14:02:57 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\PDAppFlex [2013.02.15 13:52:52 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Documents\Adobe Scripts [2013.02.14 19:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2013.02.14 19:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2013.02.14 19:30:50 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2013.02.14 19:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant [2013.02.14 19:30:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2013.02.14 19:30:46 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2013.02.14 19:30:15 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Local\Adobe [2013.02.14 18:24:01 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Local\Macromedia [2013.02.14 18:22:47 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.02.14 18:22:47 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.02.14 18:22:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2013.02.14 18:22:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013.02.14 18:19:27 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Mozilla [2013.02.14 18:19:27 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Local\Mozilla [2013.02.14 18:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2013.02.14 18:19:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.02.13 20:06:20 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.02.13 20:06:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.02.13 20:06:19 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.02.13 20:06:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.02.13 20:06:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013.02.13 20:06:18 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.02.13 20:06:18 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013.02.13 20:06:18 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013.02.13 15:33:20 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.02.13 15:33:15 | 003,957,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013.02.13 15:33:15 | 003,902,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013.02.13 15:33:13 | 000,187,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2013.02.13 15:33:09 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2013.02.13 15:33:09 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013.02.13 15:33:09 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2013.02.13 15:33:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2013.02.13 15:33:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2013.02.13 15:33:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2013.02.13 15:33:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2013.02.13 15:33:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2013.02.13 15:33:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2013.02.13 15:33:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2013.02.13 15:33:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2013.02.13 15:33:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2013.02.10 16:32:41 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2013.02.10 16:32:41 | 000,000,000 | ---D | C] -- C:\Fraaps [2013.02.10 16:28:12 | 000,000,000 | ---D | C] -- C:\Fraps [2013.02.09 16:35:47 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ [2013.02.09 16:35:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [2013.02.09 16:35:46 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Notepad++ [2013.02.09 16:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++ [2013.02.03 14:53:57 | 000,000,000 | ---D | C] -- C:\Windows\pss [2013.02.02 17:27:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.2.1 Home Edition [2013.01.31 19:44:35 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\LolClient [2013.01.31 19:44:32 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Macromedia [2013.01.31 19:44:30 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Roaming\Adobe [2013.01.31 19:10:17 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2013.01.31 19:10:17 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2013.01.31 19:10:17 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2013.01.31 19:10:17 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2013.01.31 19:10:16 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2013.01.31 19:00:48 | 000,000,000 | ---D | C] -- C:\Riot Games [2013.01.31 19:00:44 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2013.01.31 18:02:20 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Documents\League of Legends [2013.01.31 18:01:41 | 000,000,000 | ---D | C] -- C:\Users\Tobi\AppData\Local\PMB Files [2013.01.31 18:01:39 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2013.01.31 18:01:26 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2013.01.31 18:01:08 | 000,000,000 | ---D | C] -- C:\Users\Tobi\.swt [2013.01.31 17:02:04 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2013.01.31 17:02:03 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys [2013.01.31 17:01:54 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys [2013.01.31 17:01:49 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe [2013.01.30 21:04:28 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2013.01.30 21:04:28 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2013.01.30 20:56:07 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2013.01.30 20:56:07 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2013.01.30 20:56:07 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2013.01.30 20:29:47 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys [2013.01.30 20:29:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll [2013.01.30 20:28:32 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2013.01.30 20:28:32 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2013.01.30 20:28:32 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2013.01.30 20:26:07 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.01.30 20:26:06 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2013.01.30 20:26:06 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2013.01.30 20:26:06 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2013.01.30 20:26:06 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2013.01.30 20:26:06 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.01.30 20:26:06 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2013.01.30 20:26:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2013.01.30 20:26:06 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2013.01.30 20:26:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2013.01.30 20:26:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2013.01.30 20:26:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2013.01.30 20:26:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2013.01.30 20:26:04 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2013.01.30 20:26:04 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2013.01.30 20:26:04 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2013.01.30 20:26:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2013.01.30 20:26:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2013.01.30 20:26:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2013.01.30 20:26:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.01.30 20:26:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.01.30 20:26:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.01.30 20:26:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2013.01.30 20:26:03 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2013.01.30 20:26:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2013.01.30 20:26:03 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2013.01.30 20:26:03 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2013.01.30 20:26:03 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2013.01.30 20:26:03 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2013.01.30 20:24:13 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2013.01.30 20:17:50 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2013.01.30 19:37:11 | 000,000,000 | ---D | C] -- C:\Users\Tobi\Documents\Outlook-Dateien [2013.01.30 18:56:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2013.01.30 18:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2013.01.30 18:56:49 | 000,000,000 | ---D | C] -- C:\Program Files\Steam ========== Files - Modified Within 30 Days ========== [2013.03.01 16:52:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Stats Report.job [2013.03.01 16:50:23 | 001,388,519 | ---- | M] () -- C:\Windows\System32\drivers\N360\1402010.016\Cat.DB [2013.03.01 16:49:14 | 000,014,818 | ---- | M] () -- C:\Windows\System32\drivers\N360\1402010.016\VT20130115.021 [2013.03.01 16:49:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.03.01 16:48:49 | 000,000,020 | ---- | M] () -- C:\Windows\System32\drivers\SMR311.dat [2013.03.01 16:48:46 | 000,097,440 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SMR311.SYS [2013.03.01 16:42:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Chrome Watcher.job [2013.03.01 16:18:02 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2081992143-3188669940-1167959921-1001UA.job [2013.03.01 15:03:03 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion Update Checker.job [2013.03.01 14:55:19 | 000,674,866 | ---- | M] () -- C:\Users\Tobi\Desktop\surveys.PNG [2013.03.01 14:50:02 | 000,010,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.01 14:50:02 | 000,010,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.01 14:43:04 | 000,001,004 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanion FireFox Watcher.job [2013.03.01 14:42:53 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013.03.01 14:42:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.01 14:42:31 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs [2013.03.01 14:42:28 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys [2013.02.28 20:11:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tobi\Desktop\OTL.exe [2013.02.28 18:36:19 | 000,881,950 | ---- | M] () -- C:\Users\Tobi\Desktop\SecurityCheck.exe [2013.02.28 18:32:26 | 000,000,000 | ---- | M] () -- C:\Users\Tobi\defogger_reenable [2013.02.28 18:18:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2081992143-3188669940-1167959921-1001Core.job [2013.02.28 18:08:57 | 000,002,362 | ---- | M] () -- C:\Users\Tobi\Desktop\Google Chrome.lnk [2013.02.28 17:55:52 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS [2013.02.28 17:55:52 | 000,007,446 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT [2013.02.28 17:55:52 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF [2013.02.27 19:29:47 | 000,064,983 | ---- | M] () -- C:\Users\Tobi\Desktop\strasse.jpg [2013.02.27 18:49:22 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.02.27 18:49:22 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.02.26 19:56:06 | 000,000,132 | ---- | M] () -- C:\Users\Tobi\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen [2013.02.26 14:19:46 | 003,808,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.02.20 17:54:40 | 000,054,987 | ---- | M] () -- C:\Users\Tobi\Desktop\stundn.PNG [2013.02.16 17:27:00 | 000,171,948 | ---- | M] () -- C:\Windows\hpoins47.dat [2013.02.15 16:56:00 | 000,001,037 | ---- | M] () -- C:\Users\Tobi\Desktop\Dropbox.lnk [2013.02.15 16:47:01 | 000,001,047 | ---- | M] () -- C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.02.14 19:30:48 | 000,001,001 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk [2013.02.14 18:19:24 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.02.13 20:04:47 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.02.13 20:04:47 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.02.13 20:04:47 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.02.13 20:04:47 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.02.10 16:32:41 | 000,000,581 | ---- | M] () -- C:\Users\Tobi\Desktop\Fraps.lnk [2013.02.09 16:26:49 | 005,180,136 | ---- | M] () -- C:\Users\Tobi\Desktop\minecraft.jar [2013.02.07 17:59:12 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.02.02 17:55:59 | 000,001,364 | -H-- | M] () -- C:\Windows\EPMBatch.ept [2013.02.02 17:27:42 | 000,001,446 | ---- | M] () -- C:\Users\Public\Desktop\EaseUS Partition Master 9.2.1 Home Edition.lnk [2013.01.31 19:41:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013.01.31 19:10:17 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2013.01.30 20:26:07 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.01.30 20:26:06 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2013.01.30 20:26:06 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2013.01.30 20:26:06 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2013.01.30 20:26:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2013.01.30 20:26:06 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.01.30 20:26:06 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2013.01.30 20:26:06 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2013.01.30 20:26:06 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2013.01.30 20:26:06 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2013.01.30 20:26:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2013.01.30 20:26:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2013.01.30 20:26:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2013.01.30 20:26:04 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2013.01.30 20:26:04 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2013.01.30 20:26:04 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2013.01.30 20:26:04 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2013.01.30 20:26:04 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2013.01.30 20:26:04 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2013.01.30 20:26:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.01.30 20:26:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.01.30 20:26:04 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2013.01.30 20:26:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.01.30 20:26:04 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2013.01.30 20:26:03 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2013.01.30 20:26:03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2013.01.30 20:26:03 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2013.01.30 20:26:03 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2013.01.30 20:26:03 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2013.01.30 20:26:03 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2013.01.30 18:56:53 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk ========== Files Created - No Company Name ========== [2013.03.01 16:49:14 | 001,388,519 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\Cat.DB [2013.03.01 16:49:14 | 000,014,818 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\VT20130115.021 [2013.03.01 16:48:47 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\SMR311.dat [2013.03.01 15:08:21 | 000,009,670 | R--- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\symelam.cat [2013.03.01 15:08:21 | 000,007,601 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\symnet.cat [2013.03.01 15:08:21 | 000,007,599 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\symefa.cat [2013.03.01 15:08:21 | 000,003,433 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\symefa.inf [2013.03.01 15:08:21 | 000,002,851 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\symds.inf [2013.03.01 15:08:21 | 000,001,440 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\symnet.inf [2013.03.01 15:08:21 | 000,000,996 | R--- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\symelam.inf [2013.03.01 15:08:20 | 000,007,611 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\ccsetx86.cat [2013.03.01 15:08:20 | 000,007,597 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\srtspx.cat [2013.03.01 15:08:20 | 000,007,593 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\symds.cat [2013.03.01 15:08:20 | 000,007,593 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\srtsp.cat [2013.03.01 15:08:20 | 000,007,593 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\iron.cat [2013.03.01 15:08:20 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\srtsp.inf [2013.03.01 15:08:20 | 000,001,387 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\srtspx.inf [2013.03.01 15:08:20 | 000,000,827 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\ccsetx86.inf [2013.03.01 15:08:20 | 000,000,737 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\iron.inf [2013.03.01 15:07:52 | 000,009,103 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\symvtcer.dat [2013.03.01 15:07:52 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\1402010.016\isolate.ini [2013.03.01 14:55:19 | 000,674,866 | ---- | C] () -- C:\Users\Tobi\Desktop\surveys.PNG [2013.02.28 18:36:18 | 000,881,950 | ---- | C] () -- C:\Users\Tobi\Desktop\SecurityCheck.exe [2013.02.28 18:32:26 | 000,000,000 | ---- | C] () -- C:\Users\Tobi\defogger_reenable [2013.02.28 18:08:57 | 000,002,362 | ---- | C] () -- C:\Users\Tobi\Desktop\Google Chrome.lnk [2013.02.28 18:08:27 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2081992143-3188669940-1167959921-1001UA.job [2013.02.28 18:08:26 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2081992143-3188669940-1167959921-1001Core.job [2013.02.28 17:55:52 | 000,007,446 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT [2013.02.28 17:55:52 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF [2013.02.27 19:29:42 | 000,064,983 | ---- | C] () -- C:\Users\Tobi\Desktop\strasse.jpg [2013.02.24 13:05:16 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk [2013.02.24 13:04:36 | 000,001,131 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk [2013.02.24 13:03:37 | 000,001,315 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk [2013.02.24 13:03:31 | 000,001,481 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk [2013.02.20 17:54:40 | 000,054,987 | ---- | C] () -- C:\Users\Tobi\Desktop\stundn.PNG [2013.02.19 19:56:17 | 000,000,132 | ---- | C] () -- C:\Users\Tobi\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen [2013.02.16 17:23:51 | 000,171,948 | ---- | C] () -- C:\Windows\hpoins47.dat [2013.02.16 17:23:51 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl47.dat [2013.02.15 16:56:00 | 000,001,037 | ---- | C] () -- C:\Users\Tobi\Desktop\Dropbox.lnk [2013.02.15 16:47:01 | 000,001,047 | ---- | C] () -- C:\Users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.02.14 19:30:48 | 000,001,013 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk [2013.02.14 19:30:48 | 000,001,001 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk [2013.02.14 18:22:48 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.14 18:19:24 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.02.14 18:19:24 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.02.10 16:32:41 | 000,000,581 | ---- | C] () -- C:\Users\Tobi\Desktop\Fraps.lnk [2013.02.09 16:29:39 | 005,180,136 | ---- | C] () -- C:\Users\Tobi\Desktop\minecraft.jar [2013.02.07 17:59:12 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.02.04 15:04:30 | 003,808,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2013.02.02 17:53:30 | 000,001,364 | -H-- | C] () -- C:\Windows\EPMBatch.ept [2013.02.02 17:27:42 | 000,001,446 | ---- | C] () -- C:\Users\Public\Desktop\EaseUS Partition Master 9.2.1 Home Edition.lnk [2013.02.02 17:27:41 | 002,468,520 | ---- | C] () -- C:\Windows\System32\BootMan.exe [2013.02.02 17:27:41 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll [2013.02.02 17:27:40 | 000,087,112 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe [2013.02.02 17:27:40 | 000,014,920 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys [2013.02.02 17:27:40 | 000,009,160 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys [2013.01.31 19:41:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013.01.31 19:10:17 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2013.01.30 20:29:48 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013.01.30 20:28:32 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013.01.30 20:26:04 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2013.01.30 18:56:53 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2013.01.30 17:03:21 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013.01.29 14:06:04 | 003,536,817 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin [2012.01.18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll [2012.01.18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll [2012.01.18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe [2012.01.18 06:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > [/code] |
|
01.03.2013, 19:06
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook, Youtube , Google, etc durch Surveys gesperrt! Und was genau war Sinn und Zweck der Übung mit minecraft, welchen Anlass hattest du?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
01.03.2013, 19:18
| #5 |
| | Facebook, Youtube , Google, etc durch Surveys gesperrt! Mods |
|
02.03.2013, 01:38
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook, Youtube , Google, etc durch Surveys gesperrt! Bitte nun Logs mit GMER (<<< klick für Anleitung) und MBAR (Anleitung etwas weiter unten) erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur MBAR aus. Anleitung MBAR: Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> Facebook, Youtube , Google, etc durch Surveys gesperrt! |
|
02.03.2013, 09:13
| #7 |
| | Facebook, Youtube , Google, etc durch Surveys gesperrt! GMER Logfile: Code:
ATTFilter GMER 2.1.19115 - hxxp://www.gmer.net
Rootkit scan 2013-03-02 09:12:42
Windows 6.1.7600 \Device\Harddisk0\DR0 -> \Device\00000069 ST310005 rev.CC38 931,51GB
Running: gmer_2.1.19115.exe; Driver: C:\Users\Tobi\AppData\Local\Temp\kxldipod.sys
---- System - GMER 2.1 ----
SSDT 8760EFD0 ZwAlertResumeThread
SSDT 8760D298 ZwAlertThread
SSDT 8760DC10 ZwAllocateVirtualMemory
SSDT 86862A08 ZwAlpcConnectPort
SSDT 8756EE00 ZwAssignProcessToJobObject
SSDT 8760ED40 ZwCreateMutant
SSDT 875FF128 ZwCreateSymbolicLinkObject
SSDT 8760A550 ZwCreateThread
SSDT 875FF1F8 ZwCreateThreadEx
SSDT 8709F0D8 ZwDebugActiveProcess
SSDT 8760DDE0 ZwDuplicateObject
SSDT 8760D9C8 ZwFreeVirtualMemory
SSDT 8760EE30 ZwImpersonateAnonymousToken
SSDT 8760EF10 ZwImpersonateThread
SSDT 8685FB90 ZwLoadDriver
SSDT 8760D8C8 ZwMapViewOfSection
SSDT 8760EC60 ZwOpenEvent
SSDT 8760DFC0 ZwOpenProcess
SSDT 8760DD00 ZwOpenProcessToken
SSDT 8756EB70 ZwOpenSection
SSDT 8760DED0 ZwOpenThread
SSDT 875E4A20 ZwProtectVirtualMemory
SSDT 8760D378 ZwResumeThread
SSDT 8760D618 ZwSetContextThread
SSDT 8760D6F8 ZwSetInformationProcess
SSDT 87099150 ZwSetSystemInformation
SSDT 8760EB80 ZwSuspendProcess
SSDT 8760D458 ZwSuspendThread
SSDT 875F5E88 ZwTerminateProcess
SSDT 8760D538 ZwTerminateThread
SSDT 8760D7E8 ZwUnmapViewOfSection
SSDT 8760DAB8 ZwWriteVirtualMemory
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackTransaction + 13E9 82E608D9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E85312 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 254 82E8CB14 8 Bytes [D0, EF, 60, 87, 98, D2, 60, ...]
.text ntkrnlpa.exe!RtlSidHashLookup + 26C 82E8CB2C 4 Bytes [10, DC, 60, 87]
.text ntkrnlpa.exe!RtlSidHashLookup + 278 82E8CB38 4 Bytes [08, 2A, 86, 86]
.text ntkrnlpa.exe!RtlSidHashLookup + 2CC 82E8CB8C 4 Bytes [00, EE, 56, 87]
.text ntkrnlpa.exe!RtlSidHashLookup + 348 82E8CC08 4 Bytes [40, ED, 60, 87]
.text ...
PAGE spsys.sys!?SPRevision@@3PADA + 4F90 8ACCA000 290 Bytes [8B, FF, 55, 8B, EC, 33, C0, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 50B3 8ACCA123 629 Bytes [55, CC, 8A, FE, 05, 34, 55, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 5329 8ACCA399 101 Bytes [6A, 28, 59, A5, 5E, C6, 03, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 538F 8ACCA3FF 148 Bytes [18, 5D, C2, 14, 00, 8B, FF, ...]
PAGE spsys.sys!?SPRevision@@3PADA + 543B 8ACCA4AB 2228 Bytes [8B, FF, 55, 8B, EC, FF, 75, ...]
PAGE ...
.text user32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes [E9, 41, 02, 42, 89, EB, F9] {JMP 0x89420246; JMP 0x0}
.text sechost.dll!LsaLookupGetDomainInfo 77054D57 7 Bytes [E9, B4, B4, 19, 89, EB, F9] {JMP 0x8919b4b9; JMP 0x0}
.text sechost.dll!SetServiceObjectSecurity + CE 7705524F 7 Bytes [E9, 84, B1, 19, 89, EB, F9] {JMP 0x8919b189; JMP 0x0}
.text sechost.dll!ChangeServiceConfigA + 17C 770553D0 7 Bytes [E9, AF, B2, 19, 89, EB, F9] {JMP 0x8919b2b4; JMP 0x0}
.text sechost.dll!ChangeServiceConfig2W + 95 77055677 7 Bytes [E9, 40, AE, 19, 89, EB, F9] {JMP 0x8919ae45; JMP 0x0}
.text sechost.dll!CreateServiceA + 21E 7705589A 7 Bytes [E9, 8D, A8, 19, 89, EB, F9] {JMP 0x8919a892; JMP 0x0}
.text sechost.dll!CreateServiceW + 17E 77055A1D 7 Bytes [E9, 2A, AE, 19, 89, EB, F9] {JMP 0x8919ae2f; JMP 0x0}
.text sechost.dll!QueryServiceConfigW + 172 77055C9B 7 Bytes [E9, 00, A9, 19, 89, EB, F9] {JMP 0x8919a905; JMP 0x0}
.text sechost.dll!ControlServiceExA + E7 77055D87 7 Bytes [E9, DC, A9, 19, 89, EB, F9] {JMP 0x8919a9e1; JMP 0x0}
.text sechost.dll!I_ScValidatePnPService + 5A9 77057146 7 Bytes [E9, FD, 8E, 19, 89, EB, F9] {JMP 0x89198f02; JMP 0x0}
.text sechost.dll!I_ScBroadcastServiceControlMessage + 7B 77057240 7 Bytes [E9, AF, 90, 19, 89, EB, F9] {JMP 0x891990b4; JMP 0x0}
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\nvvsvc.exe[820] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Windows\system32\nvvsvc.exe[820] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 000E0930
.text C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[848] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[848] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 001E0930
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1520] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1520] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 000F0930
.text C:\Windows\system32\nvvsvc.exe[1532] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Windows\system32\nvvsvc.exe[1532] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 000E0930
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1808] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1808] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 00080930
.text C:\Program Files\Bonjour\mDNSResponder.exe[1840] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Program Files\Bonjour\mDNSResponder.exe[1840] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 000F0930
.text C:\Windows\Explorer.EXE[2312] SHELL32.dll!SHFileOperationW 75849728 5 Bytes JMP 04E41102 C:\Program Files\Unlocker\UnlockerHook.dll
.text C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe[2680] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe[2680] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 001F0AF4
.text C:\Program Files\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe[3208] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Program Files\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe[3208] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 001F0930
.text C:\Program Files\Unlocker\UnlockerAssistant.exe[3304] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Program Files\Unlocker\UnlockerAssistant.exe[3304] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 001E0930
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3440] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 000E004C
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3440] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 00100930
.text C:\Users\Tobi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[3556] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Users\Tobi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[3556] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 000F0AF4
.text C:\Users\Tobi\AppData\Roaming\Dropbox\bin\Dropbox.exe[3780] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Users\Tobi\AppData\Roaming\Dropbox\bin\Dropbox.exe[3780] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 001F0048
.text C:\Users\Tobi\Downloads\gmer_2.1.19115.exe[4768] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Users\Tobi\Downloads\gmer_2.1.19115.exe[4768] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 001F0930
.text C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5684] ntdll.dll!NtTerminateThread 76F459C0 5 Bytes JMP 0002004C
.text C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5684] USER32.dll!RecordShutdownReason + 372 76DD06EA 7 Bytes JMP 000F0AF4
---- User IAT/EAT - GMER 2.1 ----
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73B424FA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73B2565B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73B25719] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73B42575] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73B385D9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73B34D8D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73B35134] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73B35209] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73B36736] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73B38330] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73B3887F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73B390E0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73B3E283] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73B34CBF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5684] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [74FE5E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5684] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [74FE5E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5684] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [74FE5E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5684] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [74FE5E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5684] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [74FE5E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- Processes - GMER 2.1 ----
Library C:\Users\Tobi\Downloads\gmer_2.1.19115.exe (*** hidden *** ) @ C:\Users\Tobi\Downloads\gmer_2.1.19115.exe [4768] 0x00400000
---- EOF - GMER 2.1 ----
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org
Database version: v2013.03.02.04
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Tobi :: TOBI-PC [administrator]
02.03.2013 09:24:33
mbar-log-2013-03-02 (09-24-33).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 26262
Time elapsed: 6 minute(s), 47 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 1
c:\Program Files\GinyasBrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Delete on reboot.
Registry Keys Detected: 25
HKLM\SOFTWARE\CLASSES\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TYPELIB\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}\INPROCSERVER32 (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\wit4ie.WitBHO.2 (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\wit4ie.WitBHO (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TYPELIB\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\tdataprotocol.CTData.1 (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\tdataprotocol.CTData (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TYPELIB\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}\INPROCSERVER32 (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\updatebho.TimerBHO.1 (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\updatebho.TimerBHO (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Delete on reboot.
Registry Values Detected: 3
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\BASE64|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\CHROME|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\PROX|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Delete on reboot.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 3
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Delete on reboot.
Files Detected: 45
c:\Program Files\GinyasBrowserCompanion\jsloader.dll (PUP.Blabbers) -> Delete on reboot.
c:\Program Files\GinyasBrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Delete on reboot.
c:\Program Files\GinyasBrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\fix3.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\fix4.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\fix5.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_83.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar183.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\24779e9d2de93d13d7e07b527a1684d4 (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\24779e9d2de93d13d7e07b527a1684d4_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\477177151e09e6e11822eacf0cc8bdc5 (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\477177151e09e6e11822eacf0cc8bdc5_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\6d0e7c50b1f5d67f61ee9a2f5654f096 (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\6d0e7c50b1f5d67f61ee9a2f5654f096_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005 (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6 (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0 (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579 (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Delete on reboot.
c:\Users\Tobi\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Delete on reboot.
(end)
Geändert von cosinus (02.03.2013 um 12:37 Uhr) Grund: CODE-Tags korrigiert |
|
02.03.2013, 12:37
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook, Youtube , Google, etc durch Surveys gesperrt! aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.03.2013, 13:00
| #9 |
| | Facebook, Youtube , Google, etc durch Surveys gesperrt!Code:
ATTFilter
12:58:43.0858 3380 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:58:44.0350 3380 ============================================================
12:58:44.0350 3380 Current date / time: 2013/03/02 12:58:44.0350
12:58:44.0350 3380 SystemInfo:
12:58:44.0350 3380
12:58:44.0350 3380 OS Version: 6.1.7600 ServicePack: 0.0
12:58:44.0350 3380 Product type: Workstation
12:58:44.0350 3380 ComputerName: TOBI-PC
12:58:44.0350 3380 UserName: Tobi
12:58:44.0350 3380 Windows directory: C:\Windows
12:58:44.0350 3380 System windows directory: C:\Windows
12:58:44.0350 3380 Processor architecture: Intel x86
12:58:44.0350 3380 Number of processors: 4
12:58:44.0350 3380 Page size: 0x1000
12:58:44.0350 3380 Boot type: Normal boot
12:58:44.0350 3380 ============================================================
12:58:45.0969 3380 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:58:45.0971 3380 Drive \Device\Harddisk1\DR1 - Size: 0x3BD800000 (14.96 Gb), SectorSize: 0x200, Cylinders: 0x7A1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:58:45.0972 3380 ============================================================
12:58:45.0972 3380 \Device\Harddisk0\DR0:
12:58:45.0972 3380 MBR partitions:
12:58:45.0972 3380 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC8034
12:58:45.0972 3380 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC8073, BlocksNum 0x6CAA5D8B
12:58:45.0972 3380 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6CB6DDFE, BlocksNum 0x7B97BC3
12:58:45.0972 3380 \Device\Harddisk1\DR1:
12:58:45.0973 3380 MBR partitions:
12:58:45.0973 3380 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x1DEA000
12:58:45.0973 3380 ============================================================
12:58:46.0015 3380 C: <-> \Device\Harddisk0\DR0\Partition2
12:58:46.0041 3380 H: <-> \Device\Harddisk0\DR0\Partition3
12:58:46.0041 3380 ============================================================
12:58:46.0041 3380 Initialize success
12:58:46.0041 3380 ============================================================
12:59:13.0796 4624 ============================================================
12:59:13.0796 4624 Scan started
12:59:13.0796 4624 Mode: Manual;
12:59:13.0796 4624 ============================================================
12:59:14.0745 4624 ================ Scan system memory ========================
12:59:14.0746 4624 System memory - ok
12:59:14.0747 4624 ================ Scan services =============================
12:59:14.0989 4624 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
12:59:14.0993 4624 1394ohci - ok
12:59:15.0011 4624 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
12:59:15.0014 4624 ACPI - ok
12:59:15.0037 4624 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
12:59:15.0038 4624 AcpiPmi - ok
12:59:15.0148 4624 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:59:15.0152 4624 AdobeFlashPlayerUpdateSvc - ok
12:59:15.0207 4624 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:59:15.0217 4624 adp94xx - ok
12:59:15.0235 4624 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:59:15.0241 4624 adpahci - ok
12:59:15.0259 4624 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:59:15.0263 4624 adpu320 - ok
12:59:15.0300 4624 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:59:15.0306 4624 AeLookupSvc - ok
12:59:15.0388 4624 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys
12:59:15.0396 4624 AFD - ok
12:59:15.0425 4624 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
12:59:15.0426 4624 agp440 - ok
12:59:15.0472 4624 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
12:59:15.0473 4624 aic78xx - ok
12:59:15.0491 4624 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
12:59:15.0492 4624 ALG - ok
12:59:15.0532 4624 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
12:59:15.0533 4624 aliide - ok
12:59:15.0539 4624 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
12:59:15.0540 4624 amdagp - ok
12:59:15.0556 4624 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
12:59:15.0557 4624 amdide - ok
12:59:15.0562 4624 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:59:15.0563 4624 AmdK8 - ok
12:59:15.0583 4624 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:59:15.0585 4624 AmdPPM - ok
12:59:15.0611 4624 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:59:15.0612 4624 amdsata - ok
12:59:15.0642 4624 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:59:15.0644 4624 amdsbs - ok
12:59:15.0685 4624 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:59:15.0685 4624 amdxata - ok
12:59:15.0716 4624 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys
12:59:15.0717 4624 AppID - ok
12:59:15.0722 4624 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:59:15.0723 4624 AppIDSvc - ok
12:59:15.0751 4624 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll
12:59:15.0752 4624 Appinfo - ok
12:59:15.0927 4624 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:59:15.0936 4624 Apple Mobile Device - ok
12:59:15.0973 4624 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:59:15.0974 4624 arc - ok
12:59:16.0012 4624 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:59:16.0013 4624 arcsas - ok
12:59:16.0034 4624 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:59:16.0035 4624 AsyncMac - ok
12:59:16.0067 4624 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys
12:59:16.0068 4624 atapi - ok
12:59:16.0124 4624 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:59:16.0134 4624 AudioEndpointBuilder - ok
12:59:16.0149 4624 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:59:16.0154 4624 Audiosrv - ok
12:59:16.0182 4624 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:59:16.0183 4624 AxInstSV - ok
12:59:16.0215 4624 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
12:59:16.0219 4624 b06bdrv - ok
12:59:16.0276 4624 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
12:59:16.0279 4624 b57nd60x - ok
12:59:16.0311 4624 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
12:59:16.0312 4624 BDESVC - ok
12:59:16.0321 4624 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
12:59:16.0321 4624 Beep - ok
12:59:16.0357 4624 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll
12:59:16.0362 4624 BFE - ok
12:59:16.0586 4624 [ D2A55F5FE6B716913FB573872F2E5944 ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130208.001\BHDrvx86.sys
12:59:16.0606 4624 BHDrvx86 - ok
12:59:16.0634 4624 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll
12:59:16.0653 4624 BITS - ok
12:59:16.0676 4624 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:59:16.0677 4624 blbdrive - ok
12:59:16.0751 4624 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:59:16.0764 4624 Bonjour Service - ok
12:59:16.0807 4624 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:59:16.0808 4624 bowser - ok
12:59:16.0826 4624 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:59:16.0827 4624 BrFiltLo - ok
12:59:16.0834 4624 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:59:16.0835 4624 BrFiltUp - ok
12:59:16.0870 4624 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll
12:59:16.0872 4624 Browser - ok
12:59:16.0910 4624 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:59:16.0913 4624 Brserid - ok
12:59:16.0920 4624 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:59:16.0921 4624 BrSerWdm - ok
12:59:16.0927 4624 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:59:16.0927 4624 BrUsbMdm - ok
12:59:16.0933 4624 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:59:16.0934 4624 BrUsbSer - ok
12:59:16.0940 4624 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:59:16.0941 4624 BTHMODEM - ok
12:59:16.0995 4624 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
12:59:16.0996 4624 bthserv - ok
12:59:17.0096 4624 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_N360 C:\Windows\system32\drivers\N360\1402010.016\ccSetx86.sys
12:59:17.0099 4624 ccSet_N360 - ok
12:59:17.0127 4624 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:59:17.0129 4624 cdfs - ok
12:59:17.0149 4624 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:59:17.0151 4624 cdrom - ok
12:59:17.0170 4624 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll
12:59:17.0171 4624 CertPropSvc - ok
12:59:17.0200 4624 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:59:17.0200 4624 circlass - ok
12:59:17.0230 4624 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
12:59:17.0253 4624 CLFS - ok
12:59:17.0334 4624 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:59:17.0337 4624 clr_optimization_v2.0.50727_32 - ok
12:59:17.0498 4624 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:59:17.0500 4624 clr_optimization_v4.0.30319_32 - ok
12:59:17.0506 4624 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:59:17.0507 4624 CmBatt - ok
12:59:17.0522 4624 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
12:59:17.0522 4624 cmdide - ok
12:59:17.0555 4624 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\Windows\system32\Drivers\cng.sys
12:59:17.0559 4624 CNG - ok
12:59:17.0575 4624 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:59:17.0576 4624 Compbatt - ok
12:59:17.0596 4624 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:59:17.0596 4624 CompositeBus - ok
12:59:17.0601 4624 COMSysApp - ok
12:59:17.0619 4624 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:59:17.0620 4624 crcdisk - ok
12:59:17.0655 4624 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:59:17.0658 4624 CryptSvc - ok
12:59:17.0700 4624 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
12:59:17.0710 4624 DcomLaunch - ok
12:59:17.0741 4624 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
12:59:17.0744 4624 defragsvc - ok
12:59:17.0776 4624 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:59:17.0776 4624 DfsC - ok
12:59:17.0805 4624 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:59:17.0809 4624 Dhcp - ok
12:59:17.0824 4624 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
12:59:17.0825 4624 discache - ok
12:59:17.0843 4624 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:59:17.0844 4624 Disk - ok
12:59:17.0880 4624 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:59:17.0883 4624 Dnscache - ok
12:59:17.0907 4624 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll
12:59:17.0926 4624 dot3svc - ok
12:59:17.0967 4624 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
12:59:17.0971 4624 DPS - ok
12:59:18.0038 4624 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:59:18.0039 4624 drmkaud - ok
12:59:18.0131 4624 [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:59:18.0151 4624 DXGKrnl - ok
12:59:18.0189 4624 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
12:59:18.0190 4624 EapHost - ok
12:59:18.0305 4624 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
12:59:18.0365 4624 ebdrv - ok
12:59:18.0486 4624 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:59:18.0503 4624 eeCtrl - ok
12:59:18.0534 4624 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\Windows\System32\lsass.exe
12:59:18.0536 4624 EFS - ok
12:59:18.0719 4624 [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:59:18.0732 4624 ehRecvr - ok
12:59:18.0782 4624 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
12:59:18.0790 4624 ehSched - ok
12:59:18.0846 4624 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:59:18.0851 4624 elxstor - ok
12:59:18.0894 4624 [ 093CEE3B45F0954DCE6CB891F6A920F7 ] epmntdrv C:\Windows\system32\epmntdrv.sys
12:59:18.0895 4624 epmntdrv - ok
12:59:18.0935 4624 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:59:18.0951 4624 EraserUtilRebootDrv - ok
12:59:18.0979 4624 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
12:59:18.0979 4624 ErrDev - ok
12:59:19.0043 4624 [ F1DE3EEF501DDA7DDF99F2EDF0C5540E ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys
12:59:19.0044 4624 EuGdiDrv - ok
12:59:19.0130 4624 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
12:59:19.0138 4624 EventSystem - ok
12:59:19.0168 4624 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
12:59:19.0172 4624 exfat - ok
12:59:19.0205 4624 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:59:19.0208 4624 fastfat - ok
12:59:19.0264 4624 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
12:59:19.0272 4624 Fax - ok
12:59:19.0284 4624 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:59:19.0285 4624 fdc - ok
12:59:19.0318 4624 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
12:59:19.0319 4624 fdPHost - ok
12:59:19.0344 4624 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
12:59:19.0345 4624 FDResPub - ok
12:59:19.0379 4624 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:59:19.0380 4624 FileInfo - ok
12:59:19.0394 4624 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:59:19.0394 4624 Filetrace - ok
12:59:19.0424 4624 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:59:19.0425 4624 flpydisk - ok
12:59:19.0466 4624 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:59:19.0469 4624 FltMgr - ok
12:59:19.0537 4624 [ 151258FC2EC8C48BDF8A53350AE0A676 ] FontCache C:\Windows\system32\FntCache.dll
12:59:19.0549 4624 FontCache - ok
12:59:19.0630 4624 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:59:19.0633 4624 FontCache3.0.0.0 - ok
12:59:19.0654 4624 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:59:19.0655 4624 FsDepends - ok
12:59:19.0685 4624 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:59:19.0686 4624 Fs_Rec - ok
12:59:19.0733 4624 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:59:19.0738 4624 fvevol - ok
12:59:19.0760 4624 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:59:19.0761 4624 gagp30kx - ok
12:59:19.0833 4624 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:59:19.0834 4624 GEARAspiWDM - ok
12:59:19.0906 4624 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll
12:59:19.0921 4624 gpsvc - ok
12:59:19.0950 4624 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:59:19.0966 4624 gusvc - ok
12:59:20.0010 4624 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:59:20.0011 4624 hcw85cir - ok
12:59:20.0067 4624 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:59:20.0071 4624 HdAudAddService - ok
12:59:20.0097 4624 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:59:20.0102 4624 HDAudBus - ok
12:59:20.0139 4624 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:59:20.0140 4624 HidBatt - ok
12:59:20.0164 4624 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:59:20.0166 4624 HidBth - ok
12:59:20.0197 4624 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:59:20.0198 4624 HidIr - ok
12:59:20.0213 4624 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
12:59:20.0220 4624 hidserv - ok
12:59:20.0249 4624 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:59:20.0250 4624 HidUsb - ok
12:59:20.0264 4624 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:59:20.0266 4624 hkmsvc - ok
12:59:20.0308 4624 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:59:20.0317 4624 HomeGroupListener - ok
12:59:20.0379 4624 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:59:20.0400 4624 HomeGroupProvider - ok
12:59:20.0429 4624 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
12:59:20.0431 4624 HpSAMD - ok
12:59:20.0576 4624 [ 9D23402D305869844BC6004A05CC74BA ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
12:59:20.0586 4624 HPSLPSVC - ok
12:59:20.0614 4624 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:59:20.0620 4624 HTTP - ok
12:59:20.0635 4624 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:59:20.0635 4624 hwpolicy - ok
12:59:20.0658 4624 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:59:20.0659 4624 i8042prt - ok
12:59:20.0754 4624 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:59:20.0759 4624 iaStorV - ok
12:59:20.0833 4624 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:59:20.0843 4624 idsvc - ok
12:59:20.0961 4624 [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130301.002\IDSvix86.sys
12:59:20.0971 4624 IDSVix86 - ok
12:59:21.0005 4624 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:59:21.0006 4624 iirsp - ok
12:59:21.0268 4624 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
12:59:21.0278 4624 IKEEXT - ok
12:59:21.0310 4624 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
12:59:21.0311 4624 intelide - ok
12:59:21.0342 4624 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:59:21.0343 4624 intelppm - ok
12:59:21.0367 4624 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:59:21.0369 4624 IPBusEnum - ok
12:59:21.0377 4624 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:59:21.0378 4624 IpFilterDriver - ok
12:59:21.0418 4624 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:59:21.0428 4624 iphlpsvc - ok
12:59:21.0436 4624 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
12:59:21.0438 4624 IPMIDRV - ok
12:59:21.0445 4624 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:59:21.0446 4624 IPNAT - ok
12:59:21.0534 4624 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:59:21.0541 4624 iPod Service - ok
12:59:21.0556 4624 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:59:21.0556 4624 IRENUM - ok
12:59:21.0581 4624 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
12:59:21.0582 4624 isapnp - ok
12:59:21.0606 4624 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:59:21.0608 4624 iScsiPrt - ok
12:59:21.0635 4624 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:59:21.0636 4624 kbdclass - ok
12:59:21.0652 4624 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:59:21.0653 4624 kbdhid - ok
12:59:21.0664 4624 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
12:59:21.0666 4624 KeyIso - ok
12:59:21.0689 4624 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:59:21.0690 4624 KSecDD - ok
12:59:21.0725 4624 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:59:21.0728 4624 KSecPkg - ok
12:59:21.0773 4624 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
12:59:21.0791 4624 KtmRm - ok
12:59:21.0845 4624 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
12:59:21.0851 4624 LanmanServer - ok
12:59:21.0869 4624 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:59:21.0882 4624 LanmanWorkstation - ok
12:59:21.0924 4624 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:59:21.0925 4624 lltdio - ok
12:59:21.0959 4624 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:59:21.0966 4624 lltdsvc - ok
12:59:21.0994 4624 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
12:59:21.0996 4624 lmhosts - ok
12:59:22.0015 4624 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:59:22.0016 4624 LSI_FC - ok
12:59:22.0037 4624 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:59:22.0038 4624 LSI_SAS - ok
12:59:22.0076 4624 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:59:22.0077 4624 LSI_SAS2 - ok
12:59:22.0105 4624 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:59:22.0106 4624 LSI_SCSI - ok
12:59:22.0125 4624 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
12:59:22.0126 4624 luafv - ok
12:59:22.0254 4624 [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
12:59:22.0369 4624 LVUVC - ok
12:59:22.0408 4624 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:59:22.0410 4624 Mcx2Svc - ok
12:59:22.0437 4624 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:59:22.0438 4624 megasas - ok
12:59:22.0470 4624 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:59:22.0487 4624 MegaSR - ok
12:59:22.0508 4624 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
12:59:22.0514 4624 MMCSS - ok
12:59:22.0538 4624 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
12:59:22.0539 4624 Modem - ok
12:59:22.0571 4624 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:59:22.0572 4624 monitor - ok
12:59:22.0585 4624 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:59:22.0586 4624 mouclass - ok
12:59:22.0600 4624 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:59:22.0601 4624 mouhid - ok
12:59:22.0610 4624 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:59:22.0611 4624 mountmgr - ok
12:59:22.0642 4624 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:59:22.0645 4624 MozillaMaintenance - ok
12:59:22.0660 4624 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
12:59:22.0661 4624 mpio - ok
12:59:22.0684 4624 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:59:22.0684 4624 mpsdrv - ok
12:59:22.0704 4624 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
12:59:22.0710 4624 MpsSvc - ok
12:59:22.0720 4624 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:59:22.0721 4624 MRxDAV - ok
12:59:22.0758 4624 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:59:22.0759 4624 mrxsmb - ok
12:59:22.0781 4624 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:59:22.0783 4624 mrxsmb10 - ok
12:59:22.0807 4624 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:59:22.0809 4624 mrxsmb20 - ok
12:59:22.0856 4624 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
12:59:22.0857 4624 msahci - ok
12:59:22.0872 4624 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
12:59:22.0873 4624 msdsm - ok
12:59:22.0880 4624 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
12:59:22.0883 4624 MSDTC - ok
12:59:22.0926 4624 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:59:22.0927 4624 Msfs - ok
12:59:22.0942 4624 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:59:22.0943 4624 mshidkmdf - ok
12:59:22.0963 4624 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
12:59:22.0964 4624 msisadrv - ok
12:59:23.0019 4624 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:59:23.0021 4624 MSiSCSI - ok
12:59:23.0025 4624 msiserver - ok
12:59:23.0070 4624 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:59:23.0070 4624 MSKSSRV - ok
12:59:23.0120 4624 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:59:23.0121 4624 MSPCLOCK - ok
12:59:23.0128 4624 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:59:23.0129 4624 MSPQM - ok
12:59:23.0160 4624 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:59:23.0164 4624 MsRPC - ok
12:59:23.0190 4624 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:59:23.0190 4624 mssmbios - ok
12:59:23.0216 4624 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:59:23.0216 4624 MSTEE - ok
12:59:23.0222 4624 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:59:23.0223 4624 MTConfig - ok
12:59:23.0281 4624 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
12:59:23.0282 4624 Mup - ok
12:59:23.0367 4624 [ 4BA84C832E0741A294C4444556DFE993 ] N360 C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
12:59:23.0369 4624 N360 - ok
12:59:23.0399 4624 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
12:59:23.0418 4624 napagent - ok
12:59:23.0461 4624 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:59:23.0463 4624 NativeWifiP - ok
12:59:23.0564 4624 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130301.025\NAVENG.SYS
12:59:23.0576 4624 NAVENG - ok
12:59:23.0630 4624 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130301.025\NAVEX15.SYS
12:59:23.0656 4624 NAVEX15 - ok
12:59:23.0696 4624 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:59:23.0707 4624 NDIS - ok
12:59:23.0746 4624 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:59:23.0747 4624 NdisCap - ok
12:59:23.0778 4624 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:59:23.0778 4624 NdisTapi - ok
12:59:23.0784 4624 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:59:23.0785 4624 Ndisuio - ok
12:59:23.0801 4624 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:59:23.0802 4624 NdisWan - ok
12:59:23.0821 4624 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:59:23.0822 4624 NDProxy - ok
12:59:23.0863 4624 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:59:23.0864 4624 Net Driver HPZ12 - ok
12:59:23.0878 4624 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:59:23.0878 4624 NetBIOS - ok
12:59:23.0907 4624 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:59:23.0912 4624 NetBT - ok
12:59:23.0928 4624 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
12:59:23.0930 4624 Netlogon - ok
12:59:23.0994 4624 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
12:59:24.0007 4624 Netman - ok
12:59:24.0041 4624 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
12:59:24.0059 4624 netprofm - ok
12:59:24.0092 4624 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:59:24.0095 4624 NetTcpPortSharing - ok
12:59:24.0126 4624 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:59:24.0127 4624 nfrd960 - ok
12:59:24.0141 4624 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
12:59:24.0145 4624 NlaSvc - ok
12:59:24.0157 4624 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:59:24.0157 4624 Npfs - ok
12:59:24.0184 4624 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
12:59:24.0190 4624 nsi - ok
12:59:24.0203 4624 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:59:24.0204 4624 nsiproxy - ok
12:59:24.0335 4624 [ 5126C5402C730C2A953275D8497A4715 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:59:24.0363 4624 Ntfs - ok
12:59:24.0385 4624 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
12:59:24.0386 4624 Null - ok
12:59:24.0445 4624 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
12:59:24.0450 4624 NVENETFD - ok
12:59:24.0522 4624 [ 3D7FB57354703809B5F0C23287FAC1D6 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
12:59:24.0529 4624 NVHDA - ok
12:59:24.0803 4624 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:59:24.0988 4624 nvlddmkm - ok
12:59:24.0999 4624 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:59:25.0001 4624 nvraid - ok
12:59:25.0057 4624 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:59:25.0058 4624 nvstor - ok
12:59:25.0202 4624 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
12:59:25.0216 4624 nvsvc - ok
12:59:25.0281 4624 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:59:25.0291 4624 nvUpdatusService - ok
12:59:25.0333 4624 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
12:59:25.0334 4624 nv_agp - ok
12:59:25.0359 4624 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:59:25.0360 4624 ohci1394 - ok
12:59:25.0433 4624 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:59:25.0437 4624 ose - ok
12:59:25.0614 4624 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:59:25.0726 4624 osppsvc - ok
12:59:25.0764 4624 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:59:25.0770 4624 p2pimsvc - ok
12:59:25.0814 4624 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
12:59:25.0825 4624 p2psvc - ok
12:59:25.0855 4624 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:59:25.0856 4624 Parport - ok
12:59:25.0894 4624 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:59:25.0895 4624 partmgr - ok
12:59:25.0905 4624 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
12:59:25.0906 4624 Parvdm - ok
12:59:25.0916 4624 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:59:25.0919 4624 PcaSvc - ok
12:59:25.0936 4624 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
12:59:25.0939 4624 pci - ok
12:59:25.0977 4624 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
12:59:25.0978 4624 pciide - ok
12:59:26.0035 4624 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:59:26.0038 4624 pcmcia - ok
12:59:26.0072 4624 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
12:59:26.0072 4624 pcw - ok
12:59:26.0149 4624 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:59:26.0161 4624 PEAUTH - ok
12:59:26.0225 4624 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
12:59:26.0251 4624 pla - ok
12:59:26.0299 4624 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:59:26.0316 4624 PlugPlay - ok
12:59:26.0350 4624 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:59:26.0351 4624 Pml Driver HPZ12 - ok
12:59:26.0380 4624 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:59:26.0384 4624 PNRPAutoReg - ok
12:59:26.0395 4624 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:59:26.0399 4624 PNRPsvc - ok
12:59:26.0455 4624 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:59:26.0465 4624 PolicyAgent - ok
12:59:26.0501 4624 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
12:59:26.0510 4624 Power - ok
12:59:26.0570 4624 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:59:26.0571 4624 PptpMiniport - ok
12:59:26.0607 4624 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:59:26.0608 4624 Processor - ok
12:59:26.0643 4624 [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc C:\Windows\system32\profsvc.dll
12:59:26.0652 4624 ProfSvc - ok
12:59:26.0667 4624 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:59:26.0669 4624 ProtectedStorage - ok
12:59:26.0691 4624 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:59:26.0695 4624 Psched - ok
12:59:26.0826 4624 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:59:26.0853 4624 ql2300 - ok
12:59:26.0876 4624 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:59:26.0878 4624 ql40xx - ok
12:59:26.0918 4624 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
12:59:26.0928 4624 QWAVE - ok
12:59:26.0952 4624 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:59:26.0953 4624 QWAVEdrv - ok
12:59:26.0973 4624 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:59:26.0974 4624 RasAcd - ok
12:59:26.0993 4624 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:59:26.0994 4624 RasAgileVpn - ok
12:59:27.0011 4624 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
12:59:27.0015 4624 RasAuto - ok
12:59:27.0026 4624 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:59:27.0027 4624 Rasl2tp - ok
12:59:27.0039 4624 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
12:59:27.0045 4624 RasMan - ok
12:59:27.0061 4624 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:59:27.0062 4624 RasPppoe - ok
12:59:27.0084 4624 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:59:27.0085 4624 RasSstp - ok
12:59:27.0097 4624 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:59:27.0100 4624 rdbss - ok
12:59:27.0130 4624 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:59:27.0130 4624 rdpbus - ok
12:59:27.0154 4624 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:59:27.0154 4624 RDPCDD - ok
12:59:27.0186 4624 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:59:27.0187 4624 RDPENCDD - ok
12:59:27.0204 4624 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:59:27.0205 4624 RDPREFMP - ok
12:59:27.0263 4624 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:59:27.0297 4624 RDPWD - ok
12:59:27.0334 4624 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:59:27.0339 4624 rdyboost - ok
12:59:27.0350 4624 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
12:59:27.0352 4624 RemoteAccess - ok
12:59:27.0368 4624 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:59:27.0372 4624 RemoteRegistry - ok
12:59:27.0387 4624 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:59:27.0395 4624 RpcEptMapper - ok
12:59:27.0409 4624 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
12:59:27.0411 4624 RpcLocator - ok
12:59:27.0424 4624 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
12:59:27.0428 4624 RpcSs - ok
12:59:27.0444 4624 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:59:27.0445 4624 rspndr - ok
12:59:27.0458 4624 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
12:59:27.0460 4624 SamSs - ok
12:59:27.0528 4624 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
12:59:27.0529 4624 sbp2port - ok
12:59:27.0544 4624 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:59:27.0548 4624 SCardSvr - ok
12:59:27.0592 4624 [ 150B367C18727C41418EB969D512994E ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
12:59:27.0593 4624 SCDEmu - ok
12:59:27.0628 4624 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:59:27.0629 4624 scfilter - ok
12:59:27.0698 4624 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
12:59:27.0716 4624 Schedule - ok
12:59:27.0735 4624 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:59:27.0736 4624 SCPolicySvc - ok
12:59:27.0756 4624 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:59:27.0760 4624 SDRSVC - ok
12:59:27.0778 4624 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:59:27.0779 4624 secdrv - ok
12:59:27.0796 4624 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
12:59:27.0801 4624 seclogon - ok
12:59:27.0819 4624 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
12:59:27.0828 4624 SENS - ok
12:59:27.0860 4624 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:59:27.0865 4624 SensrSvc - ok
12:59:27.0900 4624 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:59:27.0901 4624 Serenum - ok
12:59:27.0980 4624 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:59:27.0983 4624 Serial - ok
12:59:28.0029 4624 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:59:28.0030 4624 sermouse - ok
12:59:28.0060 4624 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
12:59:28.0063 4624 SessionEnv - ok
12:59:28.0069 4624 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
12:59:28.0071 4624 sffdisk - ok
12:59:28.0077 4624 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
12:59:28.0078 4624 sffp_mmc - ok
12:59:28.0085 4624 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
12:59:28.0085 4624 sffp_sd - ok
12:59:28.0123 4624 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:59:28.0124 4624 sfloppy - ok
12:59:28.0227 4624 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:59:28.0237 4624 SharedAccess - ok
12:59:28.0275 4624 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:59:28.0281 4624 ShellHWDetection - ok
12:59:28.0308 4624 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
12:59:28.0309 4624 sisagp - ok
12:59:28.0381 4624 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:59:28.0382 4624 SiSRaid2 - ok
12:59:28.0417 4624 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:59:28.0418 4624 SiSRaid4 - ok
12:59:28.0478 4624 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:59:28.0478 4624 Smb - ok
12:59:28.0534 4624 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:59:28.0539 4624 SNMPTRAP - ok
12:59:28.0561 4624 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
12:59:28.0562 4624 spldr - ok
12:59:28.0616 4624 [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler C:\Windows\System32\spoolsv.exe
12:59:28.0629 4624 Spooler - ok
12:59:28.0697 4624 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
12:59:28.0808 4624 sppsvc - ok
12:59:28.0852 4624 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:59:28.0861 4624 sppuinotify - ok
12:59:28.0987 4624 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP C:\Windows\System32\Drivers\N360\1402010.016\SRTSP.SYS
12:59:29.0000 4624 SRTSP - ok
12:59:29.0079 4624 [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX C:\Windows\system32\drivers\N360\1402010.016\SRTSPX.SYS
12:59:29.0084 4624 SRTSPX - ok
12:59:29.0122 4624 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:59:29.0139 4624 srv - ok
12:59:29.0164 4624 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:59:29.0167 4624 srv2 - ok
12:59:29.0182 4624 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:59:29.0183 4624 srvnet - ok
12:59:29.0228 4624 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:59:29.0251 4624 SSDPSRV - ok
12:59:29.0289 4624 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:59:29.0292 4624 SstpSvc - ok
12:59:29.0364 4624 Steam Client Service - ok
12:59:29.0419 4624 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:59:29.0424 4624 Stereo Service - ok
12:59:29.0483 4624 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:59:29.0485 4624 stexstor - ok
12:59:29.0529 4624 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
12:59:29.0530 4624 StillCam - ok
12:59:29.0561 4624 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
12:59:29.0578 4624 StiSvc - ok
12:59:29.0590 4624 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:59:29.0591 4624 swenum - ok
12:59:29.0719 4624 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:59:29.0743 4624 SwitchBoard - ok
12:59:29.0783 4624 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
12:59:29.0824 4624 swprv - ok
12:59:29.0873 4624 [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS C:\Windows\system32\drivers\N360\1402010.016\SYMDS.SYS
12:59:29.0879 4624 SymDS - ok
12:59:29.0904 4624 [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA C:\Windows\system32\drivers\N360\1402010.016\SYMEFA.SYS
12:59:29.0931 4624 SymEFA - ok
12:59:29.0967 4624 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
12:59:29.0969 4624 SymEvent - ok
12:59:30.0008 4624 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\Windows\system32\drivers\N360\1402010.016\Ironx86.SYS
12:59:30.0010 4624 SymIRON - ok
12:59:30.0029 4624 [ 21698476A90ACAA056B8CFE09A82785F ] SymNetS C:\Windows\System32\Drivers\N360\1402010.016\SYMNETS.SYS
12:59:30.0045 4624 SymNetS - ok
12:59:30.0116 4624 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
12:59:30.0167 4624 SysMain - ok
12:59:30.0218 4624 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:59:30.0222 4624 TabletInputService - ok
12:59:30.0241 4624 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
12:59:30.0246 4624 TapiSrv - ok
12:59:30.0257 4624 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
12:59:30.0260 4624 TBS - ok
12:59:30.0351 4624 [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:59:30.0377 4624 Tcpip - ok
12:59:30.0435 4624 [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:59:30.0442 4624 TCPIP6 - ok
12:59:30.0484 4624 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:59:30.0484 4624 tcpipreg - ok
12:59:30.0521 4624 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:59:30.0521 4624 TDPIPE - ok
12:59:30.0569 4624 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:59:30.0580 4624 TDTCP - ok
12:59:30.0612 4624 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:59:30.0613 4624 tdx - ok
12:59:30.0626 4624 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:59:30.0627 4624 TermDD - ok
12:59:30.0648 4624 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
12:59:30.0656 4624 TermService - ok
12:59:30.0666 4624 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
12:59:30.0672 4624 Themes - ok
12:59:30.0691 4624 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
12:59:30.0693 4624 THREADORDER - ok
12:59:30.0699 4624 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
12:59:30.0702 4624 TrkWks - ok
12:59:30.0756 4624 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:59:30.0762 4624 TrustedInstaller - ok
12:59:30.0776 4624 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:59:30.0776 4624 tssecsrv - ok
12:59:30.0799 4624 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:59:30.0800 4624 tunnel - ok
12:59:30.0828 4624 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:59:30.0829 4624 uagp35 - ok
12:59:30.0867 4624 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:59:30.0870 4624 udfs - ok
12:59:30.0892 4624 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:59:30.0898 4624 UI0Detect - ok
12:59:30.0927 4624 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
12:59:30.0928 4624 uliagpkx - ok
12:59:30.0990 4624 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:59:30.0990 4624 umbus - ok
12:59:31.0014 4624 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:59:31.0015 4624 UmPass - ok
12:59:31.0095 4624 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
12:59:31.0114 4624 UMVPFSrv - ok
12:59:31.0181 4624 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
12:59:31.0183 4624 UnlockerDriver5 - ok
12:59:31.0238 4624 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
12:59:31.0255 4624 upnphost - ok
12:59:31.0293 4624 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
12:59:31.0294 4624 USBAAPL - ok
12:59:31.0340 4624 [ 2436A42AAB4AD48A9B714E5B0F344627 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:59:31.0342 4624 usbaudio - ok
12:59:31.0389 4624 [ C31AE588E403042632DC796CF09E30B0 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:59:31.0391 4624 usbccgp - ok
12:59:31.0424 4624 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
12:59:31.0441 4624 usbcir - ok
12:59:31.0485 4624 [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:59:31.0486 4624 usbehci - ok
12:59:31.0501 4624 [ BDCD7156EC37448F08633FD899823620 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:59:31.0504 4624 usbhub - ok
12:59:31.0516 4624 [ EB2D819A639015253C871CDA09D91D58 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:59:31.0516 4624 usbohci - ok
12:59:31.0556 4624 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:59:31.0557 4624 usbprint - ok
12:59:31.0583 4624 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:59:31.0584 4624 USBSTOR - ok
12:59:31.0631 4624 [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:59:31.0631 4624 usbuhci - ok
12:59:31.0658 4624 [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:59:31.0666 4624 usbvideo - ok
12:59:31.0682 4624 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
12:59:31.0689 4624 UxSms - ok
12:59:31.0704 4624 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
12:59:31.0706 4624 VaultSvc - ok
12:59:31.0733 4624 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
12:59:31.0734 4624 vdrvroot - ok
12:59:31.0754 4624 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
12:59:31.0761 4624 vds - ok
12:59:31.0787 4624 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:59:31.0787 4624 vga - ok
12:59:31.0813 4624 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:59:31.0814 4624 VgaSave - ok
12:59:31.0830 4624 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
12:59:31.0832 4624 vhdmp - ok
12:59:31.0870 4624 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
12:59:31.0871 4624 viaagp - ok
12:59:31.0891 4624 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
12:59:31.0892 4624 ViaC7 - ok
12:59:31.0913 4624 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
12:59:31.0914 4624 viaide - ok
12:59:31.0927 4624 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
12:59:31.0928 4624 volmgr - ok
12:59:31.0945 4624 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:59:31.0949 4624 volmgrx - ok
12:59:31.0960 4624 [ 59F06B4968E58BC83DFC56CA4517960E ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
12:59:31.0963 4624 volsnap - ok
12:59:31.0985 4624 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:59:32.0004 4624 vsmraid - ok
12:59:32.0094 4624 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
12:59:32.0127 4624 VSS - ok
12:59:32.0159 4624 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:59:32.0159 4624 vwifibus - ok
12:59:32.0220 4624 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
12:59:32.0226 4624 W32Time - ok
12:59:32.0266 4624 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:59:32.0267 4624 WacomPen - ok
12:59:32.0300 4624 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:59:32.0301 4624 WANARP - ok
12:59:32.0310 4624 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:59:32.0311 4624 Wanarpv6 - ok
12:59:32.0338 4624 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
12:59:32.0363 4624 wbengine - ok
12:59:32.0395 4624 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:59:32.0402 4624 WbioSrvc - ok
12:59:32.0431 4624 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:59:32.0437 4624 wcncsvc - ok
12:59:32.0451 4624 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:59:32.0456 4624 WcsPlugInService - ok
12:59:32.0475 4624 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:59:32.0476 4624 Wd - ok
12:59:32.0534 4624 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:59:32.0549 4624 Wdf01000 - ok
12:59:32.0561 4624 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:59:32.0566 4624 WdiServiceHost - ok
12:59:32.0570 4624 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:59:32.0573 4624 WdiSystemHost - ok
12:59:32.0599 4624 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\Windows\System32\webclnt.dll
12:59:32.0604 4624 WebClient - ok
12:59:32.0628 4624 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:59:32.0637 4624 Wecsvc - ok
12:59:32.0657 4624 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:59:32.0664 4624 wercplsupport - ok
12:59:32.0706 4624 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
12:59:32.0713 4624 WerSvc - ok
12:59:32.0743 4624 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:59:32.0744 4624 WfpLwf - ok
12:59:32.0765 4624 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:59:32.0766 4624 WIMMount - ok
12:59:32.0883 4624 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:59:32.0939 4624 WinDefend - ok
12:59:32.0953 4624 WinHttpAutoProxySvc - ok
12:59:33.0030 4624 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:59:33.0033 4624 Winmgmt - ok
12:59:33.0060 4624 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll
12:59:33.0086 4624 WinRM - ok
12:59:33.0125 4624 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:59:33.0126 4624 WinUsb - ok
12:59:33.0155 4624 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:59:33.0174 4624 Wlansvc - ok
12:59:33.0189 4624 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:59:33.0190 4624 WmiAcpi - ok
12:59:33.0228 4624 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:59:33.0232 4624 wmiApSrv - ok
12:59:33.0351 4624 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:59:33.0377 4624 WMPNetworkSvc - ok
12:59:33.0388 4624 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:59:33.0393 4624 WPCSvc - ok
12:59:33.0446 4624 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:59:33.0450 4624 WPDBusEnum - ok
12:59:33.0460 4624 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:59:33.0460 4624 ws2ifsl - ok
12:59:33.0490 4624 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\Windows\System32\wscsvc.dll
12:59:33.0497 4624 wscsvc - ok
12:59:33.0540 4624 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
12:59:33.0541 4624 WSDPrintDevice - ok
12:59:33.0545 4624 WSearch - ok
12:59:33.0635 4624 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:59:33.0676 4624 wuauserv - ok
12:59:33.0733 4624 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:59:33.0734 4624 WudfPf - ok
12:59:33.0775 4624 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:59:33.0799 4624 WUDFRd - ok
12:59:33.0852 4624 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:59:33.0857 4624 wudfsvc - ok
12:59:33.0895 4624 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
12:59:33.0908 4624 WwanSvc - ok
12:59:33.0927 4624 ================ Scan global ===============================
12:59:33.0956 4624 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
12:59:33.0996 4624 [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
12:59:34.0006 4624 [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
12:59:34.0023 4624 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
12:59:34.0060 4624 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
12:59:34.0065 4624 [Global] - ok
12:59:34.0065 4624 ================ Scan MBR ==================================
12:59:34.0072 4624 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:59:34.0618 4624 \Device\Harddisk0\DR0 - ok
12:59:34.0624 4624 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1
12:59:34.0631 4624 \Device\Harddisk1\DR1 - ok
12:59:34.0631 4624 ================ Scan VBR ==================================
12:59:34.0635 4624 [ 5AC6499C897FDD493D5FBFEBD9E6BFBE ] \Device\Harddisk0\DR0\Partition1
12:59:34.0636 4624 \Device\Harddisk0\DR0\Partition1 - ok
12:59:34.0648 4624 [ 49A12473C3EF9F50F0A13DCFFD0F105B ] \Device\Harddisk0\DR0\Partition2
12:59:34.0650 4624 \Device\Harddisk0\DR0\Partition2 - ok
12:59:34.0680 4624 [ ED921A9788C29E6FA2B1DE5A8FF6F69E ] \Device\Harddisk0\DR0\Partition3
12:59:34.0682 4624 \Device\Harddisk0\DR0\Partition3 - ok
12:59:34.0687 4624 [ 0E23D211521EBEDC879812492CE62A5A ] \Device\Harddisk1\DR1\Partition1
12:59:34.0688 4624 \Device\Harddisk1\DR1\Partition1 - ok
12:59:34.0688 4624 ============================================================
12:59:34.0688 4624 Scan finished
12:59:34.0688 4624 ============================================================
12:59:34.0702 3720 Detected object count: 0
12:59:34.0702 3720 Actual detected object count: 0
Geändert von bw_lonewolf (02.03.2013 um 13:08 Uhr) |
|
02.03.2013, 13:01
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook, Youtube , Google, etc durch Surveys gesperrt! Was machst du da immer mit den CODE-Tags?! Die heißen CODE und nicht COPY!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.03.2013, 13:10
| #11 |
| | Facebook, Youtube , Google, etc durch Surveys gesperrt! Jaja habs jetzt schon gecheckt! Also ich hab gerade die Aswmbr durchlaufen lassen, hab auch scan gedrückt, dann hats ein bisschen gedauert, dann hat sich der Pc aufgehängt und ich hab nen Bluescreen bekommen. "Windows has been shut down to prevent damage on the computer" |
|
02.03.2013, 13:12
| #12 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook, Youtube , Google, etc durch Surveys gesperrt!Zitat:
Und zu aswMBR: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.03.2013, 16:33
| #13 |
| | Facebook, Youtube , Google, etc durch Surveys gesperrt!Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-02 16:28:24
-----------------------------
16:28:24.024 OS Version: Windows 6.1.7600
16:28:24.024 Number of processors: 4 586 0x502
16:28:24.025 ComputerName: TOBI-PC UserName: Tobi
16:28:25.213 Initialize success
16:28:37.052 AVAST engine defs: 13030100
16:29:06.809 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000069
16:29:06.815 Disk 0 Vendor: ST310005 CC38 Size: 953869MB BusType: 3
16:29:06.831 Disk 0 MBR read successfully
16:29:06.838 Disk 0 MBR scan
16:29:06.849 Disk 0 Windows 7 default MBR code
16:29:06.903 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 400 MB offset 63
16:29:06.932 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 890187 MB offset 819315
16:29:06.964 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 63279 MB offset 1823923710
16:29:06.972 Disk 0 scanning sectors +1953520065
16:29:07.040 Disk 0 scanning C:\Windows\system32\drivers
16:29:19.141 Service scanning
16:29:37.311 Modules scanning
16:29:44.641 Disk 0 trace - called modules:
16:29:44.980
16:29:44.994 Scan finished successfully
16:30:19.466 Disk 0 MBR has been saved successfully to "C:\Users\Tobi\Desktop\MBR.dat"
16:30:19.471 The log file has been saved successfully to "C:\Users\Tobi\Desktop\aswMBR.txt"
Code:
ATTFilter 16:30:50.0436 5140 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:30:52.0445 5140 ============================================================
16:30:52.0445 5140 Current date / time: 2013/03/02 16:30:52.0445
16:30:52.0445 5140 SystemInfo:
16:30:52.0445 5140
16:30:52.0445 5140 OS Version: 6.1.7600 ServicePack: 0.0
16:30:52.0445 5140 Product type: Workstation
16:30:52.0445 5140 ComputerName: TOBI-PC
16:30:52.0445 5140 UserName: Tobi
16:30:52.0445 5140 Windows directory: C:\Windows
16:30:52.0445 5140 System windows directory: C:\Windows
16:30:52.0445 5140 Processor architecture: Intel x86
16:30:52.0445 5140 Number of processors: 4
16:30:52.0445 5140 Page size: 0x1000
16:30:52.0445 5140 Boot type: Normal boot
16:30:52.0445 5140 ============================================================
16:30:53.0583 5140 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:30:53.0586 5140 Drive \Device\Harddisk1\DR1 - Size: 0x3BD800000 (14.96 Gb), SectorSize: 0x200, Cylinders: 0x7A1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:30:53.0587 5140 ============================================================
16:30:53.0587 5140 \Device\Harddisk0\DR0:
16:30:53.0588 5140 MBR partitions:
16:30:53.0588 5140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC8034
16:30:53.0588 5140 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC8073, BlocksNum 0x6CAA5D8B
16:30:53.0588 5140 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6CB6DDFE, BlocksNum 0x7B97BC3
16:30:53.0588 5140 \Device\Harddisk1\DR1:
16:30:53.0589 5140 MBR partitions:
16:30:53.0589 5140 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x1DEA000
16:30:53.0589 5140 ============================================================
16:30:53.0613 5140 C: <-> \Device\Harddisk0\DR0\Partition2
16:30:53.0639 5140 H: <-> \Device\Harddisk0\DR0\Partition3
16:30:53.0639 5140 ============================================================
16:30:53.0639 5140 Initialize success
16:30:53.0639 5140 ============================================================
16:31:05.0706 3632 ============================================================
16:31:05.0706 3632 Scan started
16:31:05.0706 3632 Mode: Manual; SigCheck; TDLFS;
16:31:05.0706 3632 ============================================================
16:31:06.0120 3632 ================ Scan system memory ========================
16:31:06.0120 3632 System memory - ok
16:31:06.0121 3632 ================ Scan services =============================
16:31:06.0289 3632 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:31:06.0374 3632 1394ohci - ok
16:31:06.0391 3632 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
16:31:06.0408 3632 ACPI - ok
16:31:06.0414 3632 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
16:31:06.0473 3632 AcpiPmi - ok
16:31:06.0560 3632 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:31:06.0601 3632 AdobeFlashPlayerUpdateSvc - ok
16:31:06.0625 3632 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:31:06.0649 3632 adp94xx - ok
16:31:06.0659 3632 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:31:06.0676 3632 adpahci - ok
16:31:06.0689 3632 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:31:06.0704 3632 adpu320 - ok
16:31:06.0739 3632 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:31:06.0764 3632 AeLookupSvc - ok
16:31:06.0807 3632 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys
16:31:06.0871 3632 AFD - ok
16:31:06.0896 3632 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
16:31:06.0917 3632 agp440 - ok
16:31:06.0952 3632 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
16:31:06.0973 3632 aic78xx - ok
16:31:06.0987 3632 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
16:31:07.0047 3632 ALG - ok
16:31:07.0079 3632 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
16:31:07.0099 3632 aliide - ok
16:31:07.0106 3632 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
16:31:07.0127 3632 amdagp - ok
16:31:07.0144 3632 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
16:31:07.0164 3632 amdide - ok
16:31:07.0172 3632 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:31:07.0189 3632 AmdK8 - ok
16:31:07.0204 3632 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:31:07.0224 3632 AmdPPM - ok
16:31:07.0258 3632 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:31:07.0270 3632 amdsata - ok
16:31:07.0288 3632 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:31:07.0303 3632 amdsbs - ok
16:31:07.0315 3632 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:31:07.0326 3632 amdxata - ok
16:31:07.0333 3632 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys
16:31:07.0399 3632 AppID - ok
16:31:07.0404 3632 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:31:07.0511 3632 AppIDSvc - ok
16:31:07.0531 3632 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll
16:31:07.0582 3632 Appinfo - ok
16:31:07.0665 3632 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:31:07.0706 3632 Apple Mobile Device - ok
16:31:07.0727 3632 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
16:31:07.0744 3632 arc - ok
16:31:07.0775 3632 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:31:07.0787 3632 arcsas - ok
16:31:07.0804 3632 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:31:07.0931 3632 AsyncMac - ok
16:31:07.0947 3632 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys
16:31:07.0963 3632 atapi - ok
16:31:07.0983 3632 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:31:08.0037 3632 AudioEndpointBuilder - ok
16:31:08.0047 3632 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:31:08.0075 3632 Audiosrv - ok
16:31:08.0103 3632 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:31:08.0151 3632 AxInstSV - ok
16:31:08.0186 3632 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
16:31:08.0207 3632 b06bdrv - ok
16:31:08.0257 3632 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
16:31:08.0306 3632 b57nd60x - ok
16:31:08.0350 3632 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
16:31:08.0417 3632 BDESVC - ok
16:31:08.0434 3632 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
16:31:08.0490 3632 Beep - ok
16:31:08.0519 3632 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll
16:31:08.0583 3632 BFE - ok
16:31:08.0773 3632 [ D2A55F5FE6B716913FB573872F2E5944 ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130208.001\BHDrvx86.sys
16:31:08.0829 3632 BHDrvx86 - ok
16:31:08.0872 3632 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll
16:31:08.0909 3632 BITS - ok
16:31:08.0922 3632 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:31:08.0956 3632 blbdrive - ok
16:31:09.0002 3632 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:31:09.0039 3632 Bonjour Service - ok
16:31:09.0069 3632 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:31:09.0090 3632 bowser - ok
16:31:09.0113 3632 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:31:09.0135 3632 BrFiltLo - ok
16:31:09.0141 3632 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:31:09.0163 3632 BrFiltUp - ok
16:31:09.0200 3632 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll
16:31:09.0225 3632 Browser - ok
16:31:09.0235 3632 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:31:09.0264 3632 Brserid - ok
16:31:09.0270 3632 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:31:09.0296 3632 BrSerWdm - ok
16:31:09.0301 3632 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:31:09.0318 3632 BrUsbMdm - ok
16:31:09.0323 3632 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:31:09.0337 3632 BrUsbSer - ok
16:31:09.0343 3632 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:31:09.0358 3632 BTHMODEM - ok
16:31:09.0407 3632 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
16:31:09.0439 3632 bthserv - ok
16:31:09.0492 3632 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_N360 C:\Windows\system32\drivers\N360\1402010.016\ccSetx86.sys
16:31:09.0525 3632 ccSet_N360 - ok
16:31:09.0587 3632 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:31:09.0658 3632 cdfs - ok
16:31:09.0686 3632 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:31:09.0712 3632 cdrom - ok
16:31:09.0816 3632 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll
16:31:09.0922 3632 CertPropSvc - ok
16:31:09.0937 3632 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:31:09.0952 3632 circlass - ok
16:31:09.0984 3632 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
16:31:10.0001 3632 CLFS - ok
16:31:10.0063 3632 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:31:10.0093 3632 clr_optimization_v2.0.50727_32 - ok
16:31:10.0136 3632 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:31:10.0159 3632 clr_optimization_v4.0.30319_32 - ok
16:31:10.0167 3632 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:31:10.0184 3632 CmBatt - ok
16:31:10.0192 3632 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
16:31:10.0204 3632 cmdide - ok
16:31:10.0242 3632 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\Windows\system32\Drivers\cng.sys
16:31:10.0276 3632 CNG - ok
16:31:10.0287 3632 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:31:10.0299 3632 Compbatt - ok
16:31:10.0308 3632 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:31:10.0324 3632 CompositeBus - ok
16:31:10.0330 3632 COMSysApp - ok
16:31:10.0337 3632 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:31:10.0349 3632 crcdisk - ok
16:31:10.0409 3632 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:31:10.0494 3632 CryptSvc - ok
16:31:10.0549 3632 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
16:31:10.0615 3632 DcomLaunch - ok
16:31:10.0653 3632 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
16:31:10.0705 3632 defragsvc - ok
16:31:10.0729 3632 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:31:10.0755 3632 DfsC - ok
16:31:10.0773 3632 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:31:10.0837 3632 Dhcp - ok
16:31:10.0844 3632 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
16:31:10.0872 3632 discache - ok
16:31:10.0888 3632 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:31:10.0900 3632 Disk - ok
16:31:10.0933 3632 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:31:10.0955 3632 Dnscache - ok
16:31:10.0967 3632 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll
16:31:10.0997 3632 dot3svc - ok
16:31:11.0012 3632 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
16:31:11.0059 3632 DPS - ok
16:31:11.0125 3632 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:31:11.0165 3632 drmkaud - ok
16:31:11.0208 3632 [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:31:11.0238 3632 DXGKrnl - ok
16:31:11.0251 3632 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
16:31:11.0285 3632 EapHost - ok
16:31:11.0349 3632 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
16:31:11.0440 3632 ebdrv - ok
16:31:11.0496 3632 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
16:31:11.0533 3632 eeCtrl - ok
16:31:11.0571 3632 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\Windows\System32\lsass.exe
16:31:11.0626 3632 EFS - ok
16:31:11.0691 3632 [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:31:11.0728 3632 ehRecvr - ok
16:31:11.0761 3632 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
16:31:11.0786 3632 ehSched - ok
16:31:11.0807 3632 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:31:11.0825 3632 elxstor - ok
16:31:11.0864 3632 [ 093CEE3B45F0954DCE6CB891F6A920F7 ] epmntdrv C:\Windows\system32\epmntdrv.sys
16:31:11.0876 3632 epmntdrv - ok
16:31:11.0905 3632 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:31:11.0917 3632 EraserUtilRebootDrv - ok
16:31:11.0941 3632 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
16:31:11.0955 3632 ErrDev - ok
16:31:11.0997 3632 [ F1DE3EEF501DDA7DDF99F2EDF0C5540E ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys
16:31:12.0007 3632 EuGdiDrv - ok
16:31:12.0040 3632 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
16:31:12.0087 3632 EventSystem - ok
16:31:12.0112 3632 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
16:31:12.0154 3632 exfat - ok
16:31:12.0197 3632 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:31:12.0248 3632 fastfat - ok
16:31:12.0290 3632 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
16:31:12.0313 3632 Fax - ok
16:31:12.0329 3632 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:31:12.0365 3632 fdc - ok
16:31:12.0396 3632 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
16:31:12.0443 3632 fdPHost - ok
16:31:12.0464 3632 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
16:31:12.0510 3632 FDResPub - ok
16:31:12.0533 3632 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:31:12.0546 3632 FileInfo - ok
16:31:12.0564 3632 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:31:12.0589 3632 Filetrace - ok
16:31:12.0611 3632 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:31:12.0627 3632 flpydisk - ok
16:31:12.0645 3632 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:31:12.0660 3632 FltMgr - ok
16:31:12.0703 3632 [ 151258FC2EC8C48BDF8A53350AE0A676 ] FontCache C:\Windows\system32\FntCache.dll
16:31:12.0732 3632 FontCache - ok
16:31:12.0791 3632 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:31:12.0804 3632 FontCache3.0.0.0 - ok
16:31:12.0832 3632 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:31:12.0844 3632 FsDepends - ok
16:31:12.0872 3632 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:31:12.0883 3632 Fs_Rec - ok
16:31:12.0919 3632 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:31:12.0941 3632 fvevol - ok
16:31:12.0963 3632 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:31:12.0975 3632 gagp30kx - ok
16:31:13.0028 3632 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:31:13.0038 3632 GEARAspiWDM - ok
16:31:13.0063 3632 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll
16:31:13.0105 3632 gpsvc - ok
16:31:13.0153 3632 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:31:13.0167 3632 gusvc - ok
16:31:13.0188 3632 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:31:13.0222 3632 hcw85cir - ok
16:31:13.0261 3632 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:31:13.0298 3632 HdAudAddService - ok
16:31:13.0325 3632 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:31:13.0345 3632 HDAudBus - ok
16:31:13.0351 3632 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:31:13.0366 3632 HidBatt - ok
16:31:13.0373 3632 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:31:13.0388 3632 HidBth - ok
16:31:13.0400 3632 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:31:13.0417 3632 HidIr - ok
16:31:13.0442 3632 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
16:31:13.0473 3632 hidserv - ok
16:31:13.0486 3632 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:31:13.0499 3632 HidUsb - ok
16:31:13.0542 3632 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:31:13.0571 3632 hkmsvc - ok
16:31:13.0585 3632 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:31:13.0607 3632 HomeGroupListener - ok
16:31:13.0639 3632 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:31:13.0662 3632 HomeGroupProvider - ok
16:31:13.0673 3632 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
16:31:13.0686 3632 HpSAMD - ok
16:31:13.0826 3632 [ 9D23402D305869844BC6004A05CC74BA ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
16:31:13.0891 3632 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:31:13.0891 3632 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:31:13.0918 3632 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:31:13.0960 3632 HTTP - ok
16:31:13.0971 3632 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:31:13.0987 3632 hwpolicy - ok
16:31:14.0020 3632 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:31:14.0036 3632 i8042prt - ok
16:31:14.0073 3632 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:31:14.0089 3632 iaStorV - ok
16:31:14.0169 3632 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:31:14.0213 3632 idsvc - ok
16:31:14.0285 3632 [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130301.002\IDSvix86.sys
16:31:14.0302 3632 IDSVix86 - ok
16:31:14.0324 3632 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:31:14.0337 3632 iirsp - ok
16:31:14.0376 3632 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
16:31:14.0413 3632 IKEEXT - ok
16:31:14.0430 3632 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
16:31:14.0443 3632 intelide - ok
16:31:14.0458 3632 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:31:14.0474 3632 intelppm - ok
16:31:14.0487 3632 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:31:14.0526 3632 IPBusEnum - ok
16:31:14.0531 3632 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:31:14.0560 3632 IpFilterDriver - ok
16:31:14.0588 3632 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:31:14.0638 3632 iphlpsvc - ok
16:31:14.0655 3632 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:31:14.0668 3632 IPMIDRV - ok
16:31:14.0674 3632 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:31:14.0700 3632 IPNAT - ok
16:31:14.0752 3632 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:31:14.0774 3632 iPod Service - ok
16:31:14.0792 3632 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:31:14.0806 3632 IRENUM - ok
16:31:14.0818 3632 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
16:31:14.0830 3632 isapnp - ok
16:31:14.0851 3632 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
16:31:14.0867 3632 iScsiPrt - ok
16:31:14.0897 3632 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:31:14.0910 3632 kbdclass - ok
16:31:14.0922 3632 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:31:14.0938 3632 kbdhid - ok
16:31:14.0951 3632 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
16:31:14.0965 3632 KeyIso - ok
16:31:15.0001 3632 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:31:15.0013 3632 KSecDD - ok
16:31:15.0028 3632 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:31:15.0043 3632 KSecPkg - ok
16:31:15.0076 3632 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
16:31:15.0122 3632 KtmRm - ok
16:31:15.0164 3632 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
16:31:15.0186 3632 LanmanServer - ok
16:31:15.0208 3632 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:31:15.0234 3632 LanmanWorkstation - ok
16:31:15.0260 3632 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:31:15.0285 3632 lltdio - ok
16:31:15.0320 3632 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:31:15.0363 3632 lltdsvc - ok
16:31:15.0381 3632 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
16:31:15.0413 3632 lmhosts - ok
16:31:15.0427 3632 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:31:15.0439 3632 LSI_FC - ok
16:31:15.0448 3632 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:31:15.0461 3632 LSI_SAS - ok
16:31:15.0471 3632 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:31:15.0483 3632 LSI_SAS2 - ok
16:31:15.0500 3632 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:31:15.0512 3632 LSI_SCSI - ok
16:31:15.0520 3632 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
16:31:15.0560 3632 luafv - ok
16:31:15.0667 3632 [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
16:31:15.0784 3632 LVUVC - ok
16:31:15.0844 3632 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:31:15.0862 3632 Mcx2Svc - ok
16:31:15.0890 3632 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:31:15.0902 3632 megasas - ok
16:31:15.0914 3632 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:31:15.0930 3632 MegaSR - ok
16:31:15.0944 3632 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
16:31:15.0977 3632 MMCSS - ok
16:31:15.0999 3632 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
16:31:16.0053 3632 Modem - ok
16:31:16.0074 3632 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:31:16.0090 3632 monitor - ok
16:31:16.0096 3632 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:31:16.0109 3632 mouclass - ok
16:31:16.0128 3632 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:31:16.0144 3632 mouhid - ok
16:31:16.0155 3632 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:31:16.0167 3632 mountmgr - ok
16:31:16.0220 3632 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:31:16.0234 3632 MozillaMaintenance - ok
16:31:16.0254 3632 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
16:31:16.0267 3632 mpio - ok
16:31:16.0278 3632 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:31:16.0307 3632 mpsdrv - ok
16:31:16.0324 3632 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
16:31:16.0373 3632 MpsSvc - ok
16:31:16.0398 3632 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:31:16.0416 3632 MRxDAV - ok
16:31:16.0453 3632 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:31:16.0496 3632 mrxsmb - ok
16:31:16.0504 3632 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:31:16.0519 3632 mrxsmb10 - ok
16:31:16.0535 3632 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:31:16.0549 3632 mrxsmb20 - ok
16:31:16.0559 3632 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
16:31:16.0571 3632 msahci - ok
16:31:16.0583 3632 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
16:31:16.0597 3632 msdsm - ok
16:31:16.0613 3632 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
16:31:16.0631 3632 MSDTC - ok
16:31:16.0654 3632 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:31:16.0679 3632 Msfs - ok
16:31:16.0695 3632 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:31:16.0734 3632 mshidkmdf - ok
16:31:16.0749 3632 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
16:31:16.0761 3632 msisadrv - ok
16:31:16.0797 3632 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:31:16.0826 3632 MSiSCSI - ok
16:31:16.0831 3632 msiserver - ok
16:31:16.0873 3632 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:31:16.0899 3632 MSKSSRV - ok
16:31:16.0915 3632 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:31:16.0958 3632 MSPCLOCK - ok
16:31:16.0964 3632 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:31:16.0990 3632 MSPQM - ok
16:31:17.0017 3632 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:31:17.0034 3632 MsRPC - ok
16:31:17.0050 3632 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:31:17.0063 3632 mssmbios - ok
16:31:17.0069 3632 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:31:17.0098 3632 MSTEE - ok
16:31:17.0103 3632 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:31:17.0117 3632 MTConfig - ok
16:31:17.0126 3632 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
16:31:17.0138 3632 Mup - ok
16:31:17.0219 3632 [ 4BA84C832E0741A294C4444556DFE993 ] N360 C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
16:31:17.0232 3632 N360 - ok
16:31:17.0243 3632 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
16:31:17.0274 3632 napagent - ok
16:31:17.0339 3632 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:31:17.0359 3632 NativeWifiP - ok
16:31:17.0442 3632 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130301.025\NAVENG.SYS
16:31:17.0470 3632 NAVENG - ok
16:31:17.0518 3632 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130301.025\NAVEX15.SYS
16:31:17.0582 3632 NAVEX15 - ok
16:31:17.0623 3632 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:31:17.0647 3632 NDIS - ok
16:31:17.0674 3632 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:31:17.0699 3632 NdisCap - ok
16:31:17.0722 3632 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:31:17.0766 3632 NdisTapi - ok
16:31:17.0771 3632 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:31:17.0797 3632 Ndisuio - ok
16:31:17.0820 3632 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:31:17.0847 3632 NdisWan - ok
16:31:17.0865 3632 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:31:17.0892 3632 NDProxy - ok
16:31:17.0940 3632 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:31:17.0950 3632 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:31:17.0950 3632 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:31:17.0963 3632 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:31:17.0991 3632 NetBIOS - ok
16:31:18.0017 3632 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:31:18.0069 3632 NetBT - ok
16:31:18.0089 3632 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
16:31:18.0103 3632 Netlogon - ok
16:31:18.0148 3632 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
16:31:18.0203 3632 Netman - ok
16:31:18.0213 3632 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
16:31:18.0245 3632 netprofm - ok
16:31:18.0277 3632 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:31:18.0290 3632 NetTcpPortSharing - ok
16:31:18.0320 3632 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:31:18.0333 3632 nfrd960 - ok
16:31:18.0340 3632 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
16:31:18.0371 3632 NlaSvc - ok
16:31:18.0384 3632 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:31:18.0411 3632 Npfs - ok
16:31:18.0420 3632 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
16:31:18.0449 3632 nsi - ok
16:31:18.0464 3632 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:31:18.0490 3632 nsiproxy - ok
16:31:18.0527 3632 [ 5126C5402C730C2A953275D8497A4715 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:31:18.0574 3632 Ntfs - ok
16:31:18.0588 3632 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
16:31:18.0635 3632 Null - ok
16:31:18.0681 3632 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
16:31:18.0714 3632 NVENETFD - ok
16:31:18.0764 3632 [ 3D7FB57354703809B5F0C23287FAC1D6 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
16:31:18.0778 3632 NVHDA - ok
16:31:19.0005 3632 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:31:19.0258 3632 nvlddmkm - ok
16:31:19.0273 3632 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:31:19.0286 3632 nvraid - ok
16:31:19.0317 3632 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:31:19.0331 3632 nvstor - ok
16:31:19.0373 3632 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
16:31:19.0396 3632 nvsvc - ok
16:31:19.0465 3632 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:31:19.0494 3632 nvUpdatusService - ok
16:31:19.0519 3632 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
16:31:19.0532 3632 nv_agp - ok
16:31:19.0537 3632 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
16:31:19.0553 3632 ohci1394 - ok
16:31:19.0614 3632 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:31:19.0649 3632 ose - ok
16:31:19.0777 3632 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:31:19.0905 3632 osppsvc - ok
16:31:19.0994 3632 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:31:20.0060 3632 p2pimsvc - ok
16:31:20.0124 3632 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
16:31:20.0144 3632 p2psvc - ok
16:31:20.0182 3632 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:31:20.0197 3632 Parport - ok
16:31:20.0230 3632 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:31:20.0242 3632 partmgr - ok
16:31:20.0257 3632 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
16:31:20.0274 3632 Parvdm - ok
16:31:20.0294 3632 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:31:20.0314 3632 PcaSvc - ok
16:31:20.0338 3632 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
16:31:20.0355 3632 pci - ok
16:31:20.0363 3632 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
16:31:20.0375 3632 pciide - ok
16:31:20.0396 3632 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:31:20.0423 3632 pcmcia - ok
16:31:20.0457 3632 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
16:31:20.0469 3632 pcw - ok
16:31:20.0492 3632 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:31:20.0526 3632 PEAUTH - ok
16:31:20.0578 3632 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
16:31:20.0649 3632 pla - ok
16:31:20.0701 3632 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:31:20.0727 3632 PlugPlay - ok
16:31:20.0760 3632 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:31:20.0774 3632 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:31:20.0774 3632 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:31:20.0782 3632 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:31:20.0820 3632 PNRPAutoReg - ok
16:31:20.0848 3632 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:31:20.0864 3632 PNRPsvc - ok
16:31:20.0904 3632 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:31:20.0956 3632 PolicyAgent - ok
16:31:21.0003 3632 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
16:31:21.0037 3632 Power - ok
16:31:21.0063 3632 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:31:21.0094 3632 PptpMiniport - ok
16:31:21.0117 3632 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:31:21.0139 3632 Processor - ok
16:31:21.0179 3632 [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc C:\Windows\system32\profsvc.dll
16:31:21.0208 3632 ProfSvc - ok
16:31:21.0219 3632 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:31:21.0232 3632 ProtectedStorage - ok
16:31:21.0252 3632 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:31:21.0281 3632 Psched - ok
16:31:21.0319 3632 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:31:21.0367 3632 ql2300 - ok
16:31:21.0412 3632 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:31:21.0425 3632 ql40xx - ok
16:31:21.0468 3632 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
16:31:21.0487 3632 QWAVE - ok
16:31:21.0504 3632 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:31:21.0519 3632 QWAVEdrv - ok
16:31:21.0524 3632 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:31:21.0550 3632 RasAcd - ok
16:31:21.0570 3632 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:31:21.0593 3632 RasAgileVpn - ok
16:31:21.0605 3632 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
16:31:21.0632 3632 RasAuto - ok
16:31:21.0645 3632 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:31:21.0672 3632 Rasl2tp - ok
16:31:21.0683 3632 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
16:31:21.0731 3632 RasMan - ok
16:31:21.0755 3632 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:31:21.0783 3632 RasPppoe - ok
16:31:21.0794 3632 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:31:21.0819 3632 RasSstp - ok
16:31:21.0832 3632 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:31:21.0859 3632 rdbss - ok
16:31:21.0890 3632 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:31:21.0908 3632 rdpbus - ok
16:31:21.0930 3632 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:31:21.0973 3632 RDPCDD - ok
16:31:22.0004 3632 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:31:22.0044 3632 RDPENCDD - ok
16:31:22.0073 3632 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:31:22.0097 3632 RDPREFMP - ok
16:31:22.0128 3632 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:31:22.0171 3632 RDPWD - ok
16:31:22.0194 3632 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:31:22.0211 3632 rdyboost - ok
16:31:22.0243 3632 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
16:31:22.0269 3632 RemoteAccess - ok
16:31:22.0286 3632 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:31:22.0335 3632 RemoteRegistry - ok
16:31:22.0364 3632 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:31:22.0398 3632 RpcEptMapper - ok
16:31:22.0419 3632 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
16:31:22.0436 3632 RpcLocator - ok
16:31:22.0450 3632 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
16:31:22.0481 3632 RpcSs - ok
16:31:22.0504 3632 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:31:22.0532 3632 rspndr - ok
16:31:22.0543 3632 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
16:31:22.0556 3632 SamSs - ok
16:31:22.0571 3632 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
16:31:22.0584 3632 sbp2port - ok
16:31:22.0595 3632 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:31:22.0623 3632 SCardSvr - ok
16:31:22.0668 3632 [ 150B367C18727C41418EB969D512994E ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
16:31:22.0681 3632 SCDEmu - ok
16:31:22.0713 3632 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:31:22.0738 3632 scfilter - ok
16:31:22.0758 3632 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
16:31:22.0785 3632 Schedule - ok
16:31:22.0794 3632 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:31:22.0819 3632 SCPolicySvc - ok
16:31:22.0833 3632 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:31:22.0852 3632 SDRSVC - ok
16:31:22.0863 3632 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:31:22.0906 3632 secdrv - ok
16:31:22.0931 3632 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
16:31:22.0961 3632 seclogon - ok
16:31:22.0971 3632 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
16:31:23.0004 3632 SENS - ok
16:31:23.0036 3632 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:31:23.0064 3632 SensrSvc - ok
16:31:23.0077 3632 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:31:23.0090 3632 Serenum - ok
16:31:23.0106 3632 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:31:23.0121 3632 Serial - ok
16:31:23.0172 3632 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:31:23.0187 3632 sermouse - ok
16:31:23.0220 3632 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
16:31:23.0261 3632 SessionEnv - ok
16:31:23.0266 3632 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
16:31:23.0286 3632 sffdisk - ok
16:31:23.0293 3632 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:31:23.0308 3632 sffp_mmc - ok
16:31:23.0314 3632 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
16:31:23.0342 3632 sffp_sd - ok
16:31:23.0348 3632 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:31:23.0381 3632 sfloppy - ok
16:31:23.0405 3632 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:31:23.0437 3632 SharedAccess - ok
16:31:23.0451 3632 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:31:23.0496 3632 ShellHWDetection - ok
16:31:23.0503 3632 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
16:31:23.0515 3632 sisagp - ok
16:31:23.0549 3632 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:31:23.0562 3632 SiSRaid2 - ok
16:31:23.0576 3632 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:31:23.0589 3632 SiSRaid4 - ok
16:31:23.0601 3632 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:31:23.0648 3632 Smb - ok
16:31:23.0677 3632 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:31:23.0692 3632 SNMPTRAP - ok
16:31:23.0704 3632 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
16:31:23.0717 3632 spldr - ok
16:31:23.0786 3632 [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler C:\Windows\System32\spoolsv.exe
16:31:23.0809 3632 Spooler - ok
16:31:23.0865 3632 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
16:31:23.0933 3632 sppsvc - ok
16:31:23.0953 3632 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:31:24.0001 3632 sppuinotify - ok
16:31:24.0043 3632 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP C:\Windows\System32\Drivers\N360\1402010.016\SRTSP.SYS
16:31:24.0063 3632 SRTSP - ok
16:31:24.0088 3632 [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX C:\Windows\system32\drivers\N360\1402010.016\SRTSPX.SYS
16:31:24.0101 3632 SRTSPX - ok
16:31:24.0131 3632 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:31:24.0153 3632 srv - ok
16:31:24.0165 3632 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:31:24.0207 3632 srv2 - ok
16:31:24.0233 3632 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:31:24.0249 3632 srvnet - ok
16:31:24.0260 3632 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:31:24.0290 3632 SSDPSRV - ok
16:31:24.0307 3632 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:31:24.0335 3632 SstpSvc - ok
16:31:24.0354 3632 Steam Client Service - ok
16:31:24.0399 3632 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:31:24.0435 3632 Stereo Service - ok
16:31:24.0468 3632 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:31:24.0481 3632 stexstor - ok
16:31:24.0564 3632 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:31:24.0644 3632 StillCam - ok
16:31:24.0753 3632 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
16:31:24.0804 3632 StiSvc - ok
16:31:24.0842 3632 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:31:24.0854 3632 swenum - ok
16:31:24.0967 3632 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:31:24.0986 3632 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
16:31:24.0986 3632 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
16:31:24.0996 3632 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
16:31:25.0026 3632 swprv - ok
16:31:25.0090 3632 [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS C:\Windows\system32\drivers\N360\1402010.016\SYMDS.SYS
16:31:25.0107 3632 SymDS - ok
16:31:25.0131 3632 [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA C:\Windows\system32\drivers\N360\1402010.016\SYMEFA.SYS
16:31:25.0157 3632 SymEFA - ok
16:31:25.0184 3632 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
16:31:25.0197 3632 SymEvent - ok
16:31:25.0234 3632 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\Windows\system32\drivers\N360\1402010.016\Ironx86.SYS
16:31:25.0247 3632 SymIRON - ok
16:31:25.0264 3632 [ 21698476A90ACAA056B8CFE09A82785F ] SymNetS C:\Windows\System32\Drivers\N360\1402010.016\SYMNETS.SYS
16:31:25.0280 3632 SymNetS - ok
16:31:25.0309 3632 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
16:31:25.0375 3632 SysMain - ok
16:31:25.0403 3632 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:31:25.0423 3632 TabletInputService - ok
16:31:25.0431 3632 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
16:31:25.0463 3632 TapiSrv - ok
16:31:25.0475 3632 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
16:31:25.0507 3632 TBS - ok
16:31:25.0561 3632 [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:31:25.0611 3632 Tcpip - ok
16:31:25.0644 3632 [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:31:25.0673 3632 TCPIP6 - ok
16:31:25.0702 3632 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:31:25.0728 3632 tcpipreg - ok
16:31:25.0755 3632 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:31:25.0794 3632 TDPIPE - ok
16:31:25.0829 3632 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:31:25.0855 3632 TDTCP - ok
16:31:25.0872 3632 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:31:25.0901 3632 tdx - ok
16:31:25.0911 3632 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:31:25.0923 3632 TermDD - ok
16:31:25.0974 3632 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
16:31:26.0029 3632 TermService - ok
16:31:26.0059 3632 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
16:31:26.0095 3632 Themes - ok
16:31:26.0117 3632 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
16:31:26.0145 3632 THREADORDER - ok
16:31:26.0160 3632 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
16:31:26.0191 3632 TrkWks - ok
16:31:26.0249 3632 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:31:26.0266 3632 TrustedInstaller - ok
16:31:26.0277 3632 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:31:26.0302 3632 tssecsrv - ok
16:31:26.0325 3632 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:31:26.0352 3632 tunnel - ok
16:31:26.0358 3632 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:31:26.0371 3632 uagp35 - ok
16:31:26.0384 3632 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:31:26.0413 3632 udfs - ok
16:31:26.0434 3632 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:31:26.0454 3632 UI0Detect - ok
16:31:26.0478 3632 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
16:31:26.0491 3632 uliagpkx - ok
16:31:26.0516 3632 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:31:26.0528 3632 umbus - ok
16:31:26.0557 3632 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:31:26.0586 3632 UmPass - ok
16:31:26.0619 3632 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:31:26.0637 3632 UMVPFSrv - ok
16:31:26.0682 3632 [ BB879DCFD22926EFBEB3298129898CBB ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
16:31:26.0706 3632 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
16:31:26.0706 3632 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
16:31:26.0739 3632 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
16:31:26.0770 3632 upnphost - ok
16:31:26.0794 3632 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
16:31:26.0837 3632 USBAAPL - ok
16:31:26.0858 3632 [ 2436A42AAB4AD48A9B714E5B0F344627 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:31:26.0894 3632 usbaudio - ok
16:31:26.0923 3632 [ C31AE588E403042632DC796CF09E30B0 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:31:26.0945 3632 usbccgp - ok
16:31:26.0951 3632 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
16:31:26.0966 3632 usbcir - ok
16:31:26.0978 3632 [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:31:26.0990 3632 usbehci - ok
16:31:27.0001 3632 [ BDCD7156EC37448F08633FD899823620 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:31:27.0017 3632 usbhub - ok
16:31:27.0025 3632 [ EB2D819A639015253C871CDA09D91D58 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
16:31:27.0037 3632 usbohci - ok
16:31:27.0066 3632 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:31:27.0080 3632 usbprint - ok
16:31:27.0108 3632 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:31:27.0128 3632 USBSTOR - ok
16:31:27.0148 3632 [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:31:27.0160 3632 usbuhci - ok
16:31:27.0204 3632 [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:31:27.0224 3632 usbvideo - ok
16:31:27.0233 3632 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
16:31:27.0275 3632 UxSms - ok
16:31:27.0305 3632 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
16:31:27.0318 3632 VaultSvc - ok
16:31:27.0334 3632 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
16:31:27.0346 3632 vdrvroot - ok
16:31:27.0364 3632 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
16:31:27.0406 3632 vds - ok
16:31:27.0454 3632 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:31:27.0481 3632 vga - ok
16:31:27.0614 3632 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:31:27.0639 3632 VgaSave - ok
16:31:27.0646 3632 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
16:31:27.0660 3632 vhdmp - ok
16:31:27.0672 3632 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
16:31:27.0684 3632 viaagp - ok
16:31:27.0689 3632 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
16:31:27.0705 3632 ViaC7 - ok
16:31:27.0714 3632 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
16:31:27.0726 3632 viaide - ok
16:31:27.0736 3632 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
16:31:27.0748 3632 volmgr - ok
16:31:27.0763 3632 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:31:27.0779 3632 volmgrx - ok
16:31:27.0794 3632 [ 59F06B4968E58BC83DFC56CA4517960E ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
16:31:27.0810 3632 volsnap - ok
16:31:27.0827 3632 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:31:27.0842 3632 vsmraid - ok
16:31:27.0868 3632 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
16:31:27.0899 3632 VSS - ok
16:31:27.0910 3632 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:31:27.0927 3632 vwifibus - ok
16:31:27.0958 3632 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
16:31:27.0991 3632 W32Time - ok
16:31:28.0017 3632 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:31:28.0029 3632 WacomPen - ok
16:31:28.0051 3632 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:31:28.0077 3632 WANARP - ok
16:31:28.0087 3632 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:31:28.0112 3632 Wanarpv6 - ok
16:31:28.0155 3632 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
16:31:28.0196 3632 wbengine - ok
16:31:28.0203 3632 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:31:28.0240 3632 WbioSrvc - ok
16:31:28.0288 3632 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:31:28.0308 3632 wcncsvc - ok
16:31:28.0343 3632 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:31:28.0371 3632 WcsPlugInService - ok
16:31:28.0384 3632 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:31:28.0396 3632 Wd - ok
16:31:28.0434 3632 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:31:28.0457 3632 Wdf01000 - ok
16:31:28.0470 3632 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:31:28.0490 3632 WdiServiceHost - ok
16:31:28.0495 3632 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:31:28.0511 3632 WdiSystemHost - ok
16:31:28.0541 3632 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\Windows\System32\webclnt.dll
16:31:28.0564 3632 WebClient - ok
16:31:28.0586 3632 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:31:28.0614 3632 Wecsvc - ok
16:31:28.0633 3632 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:31:28.0660 3632 wercplsupport - ok
16:31:28.0674 3632 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
16:31:28.0704 3632 WerSvc - ok
16:31:28.0727 3632 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:31:28.0754 3632 WfpLwf - ok
16:31:28.0760 3632 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:31:28.0772 3632 WIMMount - ok
16:31:28.0832 3632 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:31:28.0857 3632 WinDefend - ok
16:31:28.0865 3632 WinHttpAutoProxySvc - ok
16:31:28.0931 3632 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:31:28.0956 3632 Winmgmt - ok
16:31:28.0986 3632 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll
16:31:29.0043 3632 WinRM - ok
16:31:29.0084 3632 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:31:29.0098 3632 WinUsb - ok
16:31:29.0122 3632 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:31:29.0153 3632 Wlansvc - ok
16:31:29.0158 3632 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:31:29.0172 3632 WmiAcpi - ok
16:31:29.0203 3632 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:31:29.0221 3632 wmiApSrv - ok
16:31:29.0275 3632 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:31:29.0315 3632 WMPNetworkSvc - ok
16:31:29.0355 3632 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:31:29.0373 3632 WPCSvc - ok
16:31:29.0388 3632 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:31:29.0405 3632 WPDBusEnum - ok
16:31:29.0409 3632 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:31:29.0436 3632 ws2ifsl - ok
16:31:29.0466 3632 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\Windows\System32\wscsvc.dll
16:31:29.0483 3632 wscsvc - ok
16:31:29.0524 3632 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
16:31:29.0539 3632 WSDPrintDevice - ok
16:31:29.0545 3632 WSearch - ok
16:31:29.0609 3632 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
16:31:29.0652 3632 wuauserv - ok
16:31:29.0684 3632 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:31:29.0701 3632 WudfPf - ok
16:31:29.0725 3632 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:31:29.0739 3632 WUDFRd - ok
16:31:29.0745 3632 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:31:29.0760 3632 wudfsvc - ok
16:31:29.0779 3632 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
16:31:29.0821 3632 WwanSvc - ok
16:31:29.0851 3632 ================ Scan global ===============================
16:31:29.0890 3632 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
16:31:29.0921 3632 [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
16:31:29.0929 3632 [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
16:31:29.0957 3632 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
16:31:29.0977 3632 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
16:31:29.0981 3632 [Global] - ok
16:31:29.0982 3632 ================ Scan MBR ==================================
16:31:29.0989 3632 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:31:30.0225 3632 \Device\Harddisk0\DR0 - ok
16:31:30.0230 3632 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1
16:31:30.0378 3632 \Device\Harddisk1\DR1 - ok
16:31:30.0378 3632 ================ Scan VBR ==================================
16:31:30.0405 3632 [ 5AC6499C897FDD493D5FBFEBD9E6BFBE ] \Device\Harddisk0\DR0\Partition1
16:31:30.0407 3632 \Device\Harddisk0\DR0\Partition1 - ok
16:31:30.0415 3632 [ 49A12473C3EF9F50F0A13DCFFD0F105B ] \Device\Harddisk0\DR0\Partition2
16:31:30.0418 3632 \Device\Harddisk0\DR0\Partition2 - ok
16:31:30.0447 3632 [ ED921A9788C29E6FA2B1DE5A8FF6F69E ] \Device\Harddisk0\DR0\Partition3
16:31:30.0449 3632 \Device\Harddisk0\DR0\Partition3 - ok
16:31:30.0454 3632 [ 0E23D211521EBEDC879812492CE62A5A ] \Device\Harddisk1\DR1\Partition1
16:31:30.0455 3632 \Device\Harddisk1\DR1\Partition1 - ok
16:31:30.0456 3632 ============================================================
16:31:30.0456 3632 Scan finished
16:31:30.0456 3632 ============================================================
16:31:30.0471 3136 Detected object count: 5
16:31:30.0471 3136 Actual detected object count: 5
16:32:51.0133 3136 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:51.0133 3136 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:51.0136 3136 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:51.0136 3136 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:51.0139 3136 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:51.0139 3136 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:51.0142 3136 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:51.0142 3136 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:51.0145 3136 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
16:32:51.0145 3136 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
03.03.2013, 18:02
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Facebook, Youtube , Google, etc durch Surveys gesperrt! Dann bitte jetzt CF ausführen: Scan mit Combofix
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.03.2013, 18:56
| #15 |
| | Facebook, Youtube , Google, etc durch Surveys gesperrt! [code] Combofix Logfile: Code:
ATTFilter ComboFix 13-03-02.01 - Tobi 03.03.2013 18:39:55.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3070.1766 [GMT 1:00]
ausgeführt von:: c:\users\Tobi\Downloads\ComboFix.exe
AV: Norton 360 Online *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 Online *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 Online *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe wurde wiederhergestellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-02-03 bis 2013-03-03 ))))))))))))))))))))))))))))))
.
.
2013-03-03 17:47 . 2013-03-03 17:51 -------- d-----w- c:\users\Tobi\AppData\Local\temp
2013-03-03 17:47 . 2013-03-03 17:47 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-03 17:47 . 2013-03-03 17:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-03 16:50 . 2013-03-03 16:50 -------- d-----w- c:\windows\system32\SPReview
2013-03-03 16:49 . 2013-03-03 16:49 -------- d-----w- c:\windows\system32\EventProviders
2013-03-02 12:01 . 2013-03-03 10:20 -------- d-----w- c:\users\Tobi\AppData\Local\CrashDumps
2013-03-02 10:46 . 2013-03-02 10:46 -------- d-----w- c:\program files\LOLReplay
2013-03-02 08:16 . 2013-03-02 08:16 -------- d-----w- c:\programdata\Malwarebytes
2013-03-01 15:47 . 2013-03-01 15:49 -------- d-----w- c:\users\Tobi\AppData\Local\NPE
2013-02-28 19:55 . 2013-02-28 19:55 -------- d-----w- C:\TmpDelete
2013-02-28 19:20 . 2013-02-28 19:20 -------- d-----w- c:\users\Tobi\AppData\Roaming\QuickStoresToolbar
2013-02-28 19:20 . 2013-02-28 19:20 -------- d-----w- c:\program files\Unlocker
2013-02-28 17:34 . 2013-02-28 17:34 -------- d-----w- c:\program files\ESET
2013-02-28 16:55 . 2013-02-28 16:58 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-02-28 16:55 . 2013-02-28 16:55 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-02-28 16:55 . 2013-02-28 16:55 -------- d-----w- c:\program files\Symantec
2013-02-28 16:55 . 2013-03-01 15:49 -------- d-----w- c:\windows\system32\drivers\N360
2013-02-28 16:55 . 2013-02-28 16:55 -------- d-----w- c:\program files\Norton 360
2013-02-28 16:55 . 2013-03-01 15:48 -------- d-----w- c:\programdata\Norton
2013-02-28 16:54 . 2013-02-28 16:54 -------- d-----w- c:\program files\NortonInstaller
2013-02-28 16:12 . 2013-02-28 18:21 -------- d-----w- c:\program files\7-Zip
2013-02-28 15:04 . 2013-02-28 15:04 -------- d-----w- c:\users\Tobi\AppData\Roaming\PowerISO
2013-02-27 18:16 . 2013-02-28 15:09 -------- d-----w- c:\users\Tobi\AppData\Roaming\MAXON
2013-02-26 13:23 . 2013-02-08 00:45 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{974B7D72-C221-462B-9F99-DE07562F1AC1}\mpengine.dll
2013-02-25 15:16 . 2013-02-25 15:25 -------- d-----w- c:\users\Tobi\AppData\Roaming\.minecraft
2013-02-17 09:16 . 2013-02-17 09:16 -------- d-----w- c:\program files\MSXML 4.0
2013-02-16 16:26 . 2009-10-21 14:29 320512 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpfpp101.dll
2013-02-16 16:24 . 2013-02-16 16:24 -------- d-----w- c:\program files\Common Files\HP
2013-02-16 16:24 . 2013-02-16 16:24 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2013-02-16 16:24 . 2009-10-21 14:29 125440 ----a-w- c:\windows\system32\hpf3l101.dll
2013-02-16 16:24 . 2013-02-16 16:24 -------- d-----w- c:\program files\HP
2013-02-16 16:23 . 2013-02-16 16:23 -------- d-----w- c:\programdata\HP
2013-02-16 16:23 . 2009-10-22 14:55 452736 ----a-w- c:\windows\system32\hpzids01.dll
2013-02-16 16:23 . 2009-09-11 07:44 966656 ----a-w- c:\windows\system32\hpost_p04b.dll
2013-02-16 16:23 . 2009-09-11 07:44 887296 ----a-w- c:\windows\system32\hposwia_p04b.dll
2013-02-16 16:23 . 2009-09-11 07:44 315392 ----a-w- c:\windows\system32\hposc_p04a.dll
2013-02-15 15:56 . 2013-03-03 17:51 -------- d-----r- c:\users\Tobi\Dropbox
2013-02-15 15:40 . 2013-03-03 17:51 -------- d-----w- c:\users\Tobi\AppData\Roaming\Dropbox
2013-02-15 13:02 . 2013-02-15 13:02 -------- d-----w- c:\users\Tobi\AppData\Roaming\PDAppFlex
2013-02-14 18:56 . 2013-02-14 18:56 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-02-14 18:50 . 2013-02-24 12:04 -------- d-----w- c:\program files\Common Files\Adobe
2013-02-14 18:30 . 2013-02-14 18:30 -------- d-----w- c:\users\Tobi\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2013-02-14 18:30 . 2013-02-14 18:30 -------- d-----w- c:\program files\Adobe Download Assistant
2013-02-14 18:30 . 2013-02-14 18:30 -------- d-----w- c:\program files\Common Files\Adobe AIR
2013-02-14 18:30 . 2013-03-03 08:49 -------- d-----w- c:\users\Tobi\AppData\Local\Adobe
2013-02-14 17:24 . 2013-02-14 17:24 -------- d-----w- c:\users\Tobi\AppData\Local\Macromedia
2013-02-14 17:22 . 2013-02-27 17:49 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-14 17:22 . 2013-02-27 17:49 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-14 17:22 . 2013-02-14 17:22 -------- d-----w- c:\windows\system32\Macromed
2013-02-14 17:19 . 2013-02-14 17:19 -------- d-----w- c:\users\Tobi\AppData\Local\Mozilla
2013-02-14 17:19 . 2013-02-22 14:16 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-02-13 14:33 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 14:33 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 14:33 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 14:33 . 2013-01-03 05:05 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 14:33 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 14:33 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2013-02-13 14:33 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-10 15:32 . 2013-02-26 13:18 -------- d-----w- C:\Fraaps
2013-02-10 15:28 . 2013-02-10 15:35 -------- d-----w- C:\Fraps
2013-02-09 15:35 . 2013-02-09 15:35 -------- d-----w- c:\users\Tobi\AppData\Roaming\Notepad++
2013-02-09 15:35 . 2013-02-09 15:35 -------- d-----w- c:\program files\Notepad++
2013-02-02 16:27 . 2012-12-21 16:20 2468520 ----a-w- c:\windows\system32\BootMan.exe
2013-02-02 16:27 . 2011-07-29 12:54 19840 ----a-w- c:\windows\system32\EuEpmGdi.dll
2013-02-02 16:27 . 2012-12-21 12:54 14920 ----a-w- c:\windows\system32\epmntdrv.sys
2013-02-02 16:27 . 2012-12-21 12:53 9160 ----a-w- c:\windows\system32\EuGdiDrv.sys
2013-02-02 16:27 . 2012-12-21 12:53 87112 ----a-w- c:\windows\system32\setupempdrv03.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-03 16:56 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-01-30 19:26 . 2013-01-30 19:26 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-01-30 19:26 . 2013-01-30 19:26 86528 ----a-w- c:\windows\system32\iesysprep.dll
2013-01-30 19:26 . 2013-01-30 19:26 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-01-30 19:26 . 2013-01-30 19:26 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-01-30 19:26 . 2013-01-30 19:26 161792 ----a-w- c:\windows\system32\msls31.dll
2013-01-30 19:26 . 2013-01-30 19:26 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-01-30 19:26 . 2013-01-30 19:26 63488 ----a-w- c:\windows\system32\tdc.ocx
2013-01-30 19:26 . 2013-01-30 19:26 74752 ----a-w- c:\windows\system32\iesetup.dll
2013-01-30 19:26 . 2013-01-30 19:26 367104 ----a-w- c:\windows\system32\html.iec
2013-01-30 19:26 . 2013-01-30 19:26 23552 ----a-w- c:\windows\system32\licmgr10.dll
2013-01-30 19:26 . 2013-01-30 19:26 152064 ----a-w- c:\windows\system32\wextract.exe
2013-01-30 19:26 . 2013-01-30 19:26 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-01-30 19:26 . 2013-01-30 19:26 35840 ----a-w- c:\windows\system32\imgutil.dll
2013-01-30 19:26 . 2013-01-30 19:26 11776 ----a-w- c:\windows\system32\mshta.exe
2013-01-30 19:26 . 2013-01-30 19:26 101888 ----a-w- c:\windows\system32\admparse.dll
2013-01-29 13:52 . 2013-01-29 13:52 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-29 13:52 . 2013-01-29 13:52 859552 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-29 13:52 . 2013-01-29 13:52 780192 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-17 00:28 . 2013-01-29 06:05 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-16 14:13 . 2013-01-30 20:04 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2013-01-30 20:04 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-12 21:37 . 2012-12-12 21:37 4472832 ----a-w- c:\windows\system32\GPhotos.scr
2012-12-09 09:51 . 2012-12-09 09:51 113168 ----a-w- c:\windows\system32\drivers\scdemu.sys
2012-12-07 12:26 . 2013-01-30 15:25 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-30 15:25 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-30 15:25 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-30 15:25 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-30 15:25 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-30 15:25 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-30 15:25 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-30 15:25 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-30 15:25 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-30 15:25 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-30 15:25 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-30 15:25 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-30 15:25 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-30 15:25 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-30 15:25 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-30 15:25 51712 ----a-w- c:\windows\system32\esrb.rs
2013-02-20 14:45 . 2013-02-20 14:45 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="c:\users\Tobi\AppData\Roaming\Spotify\Spotify.exe" [2013-01-29 7880664]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2013-01-31 3093624]
"Spotify Web Helper"="c:\users\Tobi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-01-29 1199576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EaseUS EPM tray"="c:\program files\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe" [2012-11-29 2086984]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
.
c:\users\Tobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Tobi\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-2-15 29428904]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
LOLRecorder.lnk - c:\program files\LOLReplay\LOLRecorder.exe [2013-2-14 523264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-01-30 17:57 1354736 ----a-w- c:\program files\Steam\Steam.exe
.
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1402010.016\SYMDS.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1402010.016\SYMEFA.SYS [x]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130208.001\BHDrvx86.sys [x]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\1402010.016\ccSetx86.sys [x]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130301.002\IDSvix86.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1402010.016\Ironx86.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360\1402010.016\SYMNETS.SYS [x]
S2 N360;Norton 360;c:\program files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPService REG_MULTI_SZ HPSLPSVC
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-14 17:49]
.
2013-03-03 c:\windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
- c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-01-16 16:43]
.
2013-03-03 c:\windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
- c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-01-16 16:43]
.
2013-03-03 c:\windows\Tasks\GinyasBrowserCompanion Stats Report.job
- c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-01-16 16:43]
.
2013-03-03 c:\windows\Tasks\GinyasBrowserCompanion Update Checker.job
- c:\programdata\GinyasBrowserCompanion\tbhcn.exe [2013-01-16 16:43]
.
2013-03-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2081992143-3188669940-1167959921-1001Core.job
- c:\users\Tobi\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-28 17:08]
.
2013-03-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2081992143-3188669940-1167959921-1001UA.job
- c:\users\Tobi\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-28 17:08]
.
.
------- Zusätzlicher Suchlauf -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Tobi\AppData\Roaming\Mozilla\Firefox\Profiles\kwdn2mth.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - ExtSQL: 2013-02-28 17:55; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn
FF - ExtSQL: 2013-02-28 17:56; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn
FF - ExtSQL: 2013-02-28 20:20; quickstores@quickstores.de; c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-AdobeBridge - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.2.1.22\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(2808)
c:\program files\Unlocker\UnlockerHook.dll
c:\users\Tobi\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\taskhost.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-03-03 18:55:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-03-03 17:55
.
Vor Suchlauf: 31 Verzeichnis(se), 748.648.361.984 Bytes frei
Nach Suchlauf: 37 Verzeichnis(se), 748.638.302.208 Bytes frei
.
- - End Of File - - 5D3DCE452E6C54C66A7D005C8B178C87
Also ich hab schon mal gute Neuigkeiten - Youtube geht schon mal wieder - Facebook und & Co machen mir immernoch einen Strich durch die Rechnung  ok ich muss mich kurz nochmal verbessern Es geht nun alles - bis auf Facebook Problem solved  DFacebook geht jetzt auch Also danke danke danke danke für eure Hilfe - ich werde euch auf jedenfall weiterempfehlen. |
|
| Themen zu Facebook, Youtube , Google, etc durch Surveys gesperrt! |
| facebook, gefunde, gesperrt, gestern, google, hoffe, hoffnung, laufe, laufen, menschlich, nicht sicher, nichts, norton, runtergeladen, schätze, troja, trojaner, youtube |
WARNUNG an die MITLESER: 
Linear-Darstellung
