|
Log analysis and evaluation: Telekom Abuse. Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
08.03.2013, 15:02 | #1 |
| Telekom Abuse My father received this e-mail and a letter. I manage everything. Connection type: Call & Surf Comfort Plus IP. I am on the Internet via WLAN. 3 PCs (all Windows 7), tablet PC (XP) + 1 Android phone. My father: 1 PC, Windows 7. All scanned with Malware, without success. Here are my scan results as attachments.

Mail from Telekom:

Dear customer,

we are writing to you today for an unpleasant reason: we have received reports that spam e-mails were sent from your connection. In concrete terms this means: unknown persons may be misusing your Internet access. They may also already know passwords, credit card, bank and other data!

There is no doubt that your Internet access is the source of these bulk e-mails, because each time your router connects to the Internet it is assigned an IP address. We have reliably determined that the IP address stated was assigned to your access number at the time in question:

IP address: 93.202.14.140
Time: 25.01.2013, 20:31:51 (CET)

IMPORTANT: Please check your computers and i m m e d i a t e l y remedy the cause of the misuse. We also strongly advise you to change all passwords afterwards, so as not to further endanger yourself and your Internet access, Telekom's infrastructure and other Internet users. Remember the access password in your router and the passwords for all of your e-mail addresses as well. Do not forget any passwords for online banking, eBay, Amazon etc., if you use such services. (Important: this may only be done from a computer that is guaranteed to be free of viruses or trojans, otherwise the new passwords will immediately be read out again by the attacker!)

Otherwise we have no option other than to restrict your e-mail sending, because the misuse of your access is a breach of contractual obligations under our General Terms and Conditions.

What are the causes of the misuse of your access?
- Infections by malicious software such as viruses, worms or trojans
- Unnoticed access by third parties via an open WLAN connection or unwanted knowledge of your access data
- Permitted use of your network by your guests with infected computers

The letter about it arrived today. Here are my log files: 1. Malwarebytes 2. OTL text file too large to upload?? 3. Hjack

Last edited by ulligd469 (08.03.2013 at 15:14) |
08.03.2013, 15:55 | #2 |
/// TB-Ausbilder | Telekom Abuse I will help you with your problem. A cleanup can involve a lot of work for you (and me). Before we start, I have some reading material for you. Please read: Rules for the cleanup. For the cleanup to work, I ask you to read the following points carefully:
Read and understood? We will now scan all 3 computers, but one after the other. We start with PC #1.
Step 1: (Reminder: only reply to me once you have worked through all the steps!) Disable drive emulation with Defogger. Please download defogger by jpshortstuff to your desktop and start it:
Step 2: Scan with aswMBR
Step 3: Scan with TDSS-Killer. Please read the following instructions carefully. We don't want to "fix" anything here yet, just see a scan report.
Step 4: Scan with DDS+ (with attach). Please download DDS (by sUBs) and save the file to your desktop.
__________________ |
08.03.2013, 20:21 | #3 |
| Telekom Abuse Code tag??? How and where do I have to do that.
__________________ Steps 1 + 2 done. Attached is the log file from aswMBR.exe. |
08.03.2013, 20:25 | #4 |
/// TB-Ausbilder | Telekom Abuse Like this: How it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ Digital privateers against malware! No help via PM! |
08.03.2013, 21:10 | #5 |
| Telekom Abuse Text too large. I'm done with everything. In a zip file because of the size. |
08.03.2013, 21:37 | #6 |
/// TB-Ausbilder | Telekom Abuse Please don't name the log files 1 2 3!! Also ... no small files here, please post them as shown above. If necessary, reply several times. Continuing with PC #1.
Step 1: (Reminder: only reply to me once you have worked through all the steps!) Uninstalling programs
Step 2: AdwCleaner: find and delete adware. Please download AdwCleaner to your desktop.
Step 3: Scan with MBAR. Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ |
08.03.2013, 23:30 | #7 |
| Telekom Abuse Done. AdwCleaner logfile: Code:
# AdwCleaner v2.114 - Datei am 08/03/2013 um 23:02:35 erstellt
# Aktualisiert am 05/03/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : ulligd469 - ULLIGD469-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\ulligd469\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\SpeedBit
Schlüssel Gefunden : HKLM\Software\SpeedBit

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\ulligd469\AppData\Roaming\Mozilla\Firefox\Profiles\d3r2f9m6.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\ulligd469\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [8491 octets] - [08/03/2013 22:32:58]
AdwCleaner[R2].txt - [8551 octets] - [08/03/2013 22:37:41]
AdwCleaner[R3].txt - [8611 octets] - [08/03/2013 22:43:11]
AdwCleaner[R4].txt - [1379 octets] - [08/03/2013 22:50:41]
AdwCleaner[R5].txt - [1499 octets] - [08/03/2013 22:56:03]
AdwCleaner[R6].txt - [1559 octets] - [08/03/2013 22:57:10]
AdwCleaner[R7].txt - [1368 octets] - [08/03/2013 23:02:35]
AdwCleaner[S1].txt - [7901 octets] - [08/03/2013 22:43:32]
AdwCleaner[S2].txt - [1441 octets] - [08/03/2013 22:51:24]
AdwCleaner[S3].txt - [1621 octets] - [08/03/2013 22:57:32]

########## EOF - C:\AdwCleaner[R7].txt - [1608 octets] ##########

Malwarebytes Anti-Rootkit BETA 1.01.0.1021
Malwarebytes : Free Anti-Malware download

Database version: v2013.03.08.15

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ulligd469 :: ULLIGD469-PC [administrator]

08.03.2013 23:23:37
mbar-log-2013-03-08 (23-23-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 32031
Time elapsed: 17 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end) |
08.03.2013, 23:51 | #8 |
/// TB-Ausbilder | Telekom Abuse Okay. Double-check and we are almost done with #1.
Step 1: (Reminder: only reply to me once you have worked through all the steps!) Note: The scan can take a very long time (several hours)!
Step 2: Scan with SecurityCheck. Please download SecurityCheck and:
__________________ |
09.03.2013, 11:17 | #9 |
| Telekom Abuse ?? The SecurityCheck link doesn't work for downloading. |
09.03.2013, 11:31 | #10 |
/// TB-Ausbilder | Telekom Abuse
__________________ |
09.03.2013, 19:15 | #11 |
| Telekom Abuse ... and done for today. |
09.03.2013, 20:42 | #12 |
/// TB-Ausbilder | Telekom Abuse As a general rule, please: How it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Regarding the ESET findings: they are not harmful, but they are advertising. I would have ESET remove them. Are there any questions about PC #1?
__________________ |
09.03.2013, 21:51 | #13 |
| Telekom Abuse Thanks. No questions about PC1. I will remove the advertising on 1 in the morning. Tomorrow afternoon I would have time for PC2? The same procedure as for 1? |
09.03.2013, 23:19 | #14 |
/// TB-Ausbilder | Telekom Abuse Yes. For PC #2: Defogger, aswmbr, tdsskiller and then dds
__________________ |
10.03.2013, 11:24 | #15 |
| Telekom Abuse Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:47 on 10/03/2013 (ulligd469)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-10 10:49:10
-----------------------------
10:49:10.757 OS Version: Windows x64 6.1.7601 Service Pack 1
10:49:10.758 Number of processors: 4 586 0x2A07
10:49:10.760 ComputerName: ULLIGD469-REISE UserName: ulligd469
10:49:17.130 Initialize success
10:55:29.041 AVAST engine defs: 13031000
10:56:38.521 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:56:38.527 Disk 0 Vendor: TOSHIBA_ GN00 Size: 476940MB BusType: 3
10:56:38.552 Disk 0 MBR read successfully
10:56:38.557 Disk 0 MBR scan
10:56:38.603 Disk 0 Windows 7 default MBR code
10:56:38.630 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 16384 MB offset 2048
10:56:38.658 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 33556480
10:56:38.681 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 460454 MB offset 33761280
10:56:38.737 Disk 0 scanning C:\Windows\system32\drivers
10:57:00.595 Service scanning
10:58:10.498 Modules scanning
10:58:10.517 Disk 0 trace - called modules:
10:58:10.538 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:58:10.556 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80068f6060]
10:58:10.568 3 CLASSPNP.SYS[fffff88001d8a43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a27050]
10:58:13.578 AVAST engine scan C:\Windows
10:58:19.390 AVAST engine scan C:\Windows\system32
11:03:04.234 AVAST engine scan C:\Windows\system32\drivers
11:03:49.633 AVAST engine scan C:\Users\ulligd469
11:05:58.826 Disk 0 MBR has been saved successfully to "C:\Users\ulligd469\Desktop\MBR.dat"
11:05:58.838 The log file has been saved successfully to "C:\Users\ulligd469\Desktop\aswMBR.txt"

Code:
11:06:33.0167 1060 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:06:35.0174 1060 ============================================================
11:06:35.0174 1060 Current date / time: 2013/03/10 11:06:35.0174
11:06:35.0174 1060 SystemInfo:
11:06:35.0174 1060
11:06:35.0174 1060 OS Version: 6.1.7601 ServicePack: 1.0
11:06:35.0174 1060 Product type: Workstation
11:06:35.0174 1060 ComputerName: ULLIGD469-REISE
11:06:35.0175 1060 UserName: ulligd469
11:06:35.0175 1060 Windows directory: C:\Windows
11:06:35.0175 1060 System windows directory: C:\Windows
11:06:35.0175 1060 Running under WOW64
11:06:35.0175 1060 Processor architecture: Intel x64
11:06:35.0175 1060 Number of processors: 4
11:06:35.0175 1060 Page size: 0x1000
11:06:35.0175 1060 Boot type: Normal boot
11:06:35.0175 1060 ============================================================
11:06:36.0246 1060 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:06:36.0274 1060 ============================================================
11:06:36.0274 1060 \Device\Harddisk0\DR0:
11:06:36.0276 1060 MBR partitions:
11:06:36.0276 1060 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2000800, BlocksNum 0x32000
11:06:36.0276 1060 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2032800, BlocksNum 0x38353000
11:06:36.0276 1060 ============================================================
11:06:36.0307 1060 C: <-> \Device\Harddisk0\DR0\Partition2
11:06:36.0308 1060 ============================================================
11:06:36.0308 1060 Initialize success
11:06:36.0308 1060 ============================================================
11:07:06.0875 2708 ============================================================
11:07:06.0875 2708 Scan started
11:07:06.0875 2708 Mode: Manual; TDLFS;
11:07:06.0875 2708
C:\Windows\system32\Drivers\ksecdd.sys 11:07:17.0881 2708 KSecDD - ok 11:07:17.0899 2708 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 11:07:17.0903 2708 KSecPkg - ok 11:07:17.0935 2708 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 11:07:17.0937 2708 ksthunk - ok 11:07:17.0980 2708 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 11:07:17.0991 2708 KtmRm - ok 11:07:18.0031 2708 [ 0E154DA6CA9105354A07D0C576804037 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 11:07:18.0033 2708 L1C - ok 11:07:18.0095 2708 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 11:07:18.0104 2708 LanmanServer - ok 11:07:18.0132 2708 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 11:07:18.0139 2708 LanmanWorkstation - ok 11:07:18.0180 2708 [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 11:07:18.0187 2708 Live Updater Service - ok 11:07:18.0215 2708 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 11:07:18.0217 2708 lltdio - ok 11:07:18.0268 2708 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 11:07:18.0277 2708 lltdsvc - ok 11:07:18.0301 2708 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 11:07:18.0305 2708 lmhosts - ok 11:07:18.0365 2708 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 11:07:18.0372 2708 LMS - ok 11:07:18.0409 2708 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 11:07:18.0413 2708 LSI_FC - ok 11:07:18.0432 2708 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 11:07:18.0435 2708 LSI_SAS - ok 11:07:18.0444 2708 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 11:07:18.0448 
2708 LSI_SAS2 - ok 11:07:18.0471 2708 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 11:07:18.0475 2708 LSI_SCSI - ok 11:07:18.0500 2708 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 11:07:18.0504 2708 luafv - ok 11:07:18.0563 2708 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 11:07:18.0564 2708 MBAMProtector - ok 11:07:18.0623 2708 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 11:07:18.0631 2708 MBAMScheduler - ok 11:07:18.0669 2708 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 11:07:18.0684 2708 MBAMService - ok 11:07:18.0718 2708 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 11:07:18.0724 2708 Mcx2Svc - ok 11:07:18.0929 2708 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe 11:07:18.0937 2708 MDM - ok 11:07:18.0964 2708 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 11:07:18.0966 2708 megasas - ok 11:07:19.0007 2708 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 11:07:19.0015 2708 MegaSR - ok 11:07:19.0054 2708 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys 11:07:19.0056 2708 MEIx64 - ok 11:07:19.0101 2708 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 11:07:19.0104 2708 MMCSS - ok 11:07:19.0112 2708 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 11:07:19.0115 2708 Modem - ok 11:07:19.0126 2708 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 11:07:19.0127 2708 monitor - ok 11:07:19.0167 2708 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 11:07:19.0169 2708 mouclass - ok 
11:07:19.0218 2708 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 11:07:19.0220 2708 mouhid - ok 11:07:19.0232 2708 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 11:07:19.0235 2708 mountmgr - ok 11:07:19.0282 2708 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:07:19.0286 2708 MozillaMaintenance - ok 11:07:19.0298 2708 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 11:07:19.0303 2708 mpio - ok 11:07:19.0325 2708 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 11:07:19.0328 2708 mpsdrv - ok 11:07:19.0375 2708 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 11:07:19.0394 2708 MpsSvc - ok 11:07:19.0419 2708 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 11:07:19.0423 2708 MRxDAV - ok 11:07:19.0453 2708 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 11:07:19.0457 2708 mrxsmb - ok 11:07:19.0490 2708 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:07:19.0497 2708 mrxsmb10 - ok 11:07:19.0519 2708 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:07:19.0522 2708 mrxsmb20 - ok 11:07:19.0550 2708 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 11:07:19.0552 2708 msahci - ok 11:07:19.0576 2708 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 11:07:19.0581 2708 msdsm - ok 11:07:19.0605 2708 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 11:07:19.0611 2708 MSDTC - ok 11:07:19.0647 2708 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 11:07:19.0649 2708 Msfs - ok 11:07:19.0689 2708 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf 
C:\Windows\System32\drivers\mshidkmdf.sys 11:07:19.0690 2708 mshidkmdf - ok 11:07:19.0707 2708 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 11:07:19.0709 2708 msisadrv - ok 11:07:19.0745 2708 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 11:07:19.0751 2708 MSiSCSI - ok 11:07:19.0760 2708 msiserver - ok 11:07:19.0784 2708 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 11:07:19.0787 2708 MSKSSRV - ok 11:07:19.0807 2708 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 11:07:19.0808 2708 MSPCLOCK - ok 11:07:19.0816 2708 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 11:07:19.0817 2708 MSPQM - ok 11:07:19.0840 2708 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 11:07:19.0850 2708 MsRPC - ok 11:07:19.0863 2708 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 11:07:19.0865 2708 mssmbios - ok 11:07:19.0884 2708 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 11:07:19.0886 2708 MSTEE - ok 11:07:19.0893 2708 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 11:07:19.0896 2708 MTConfig - ok 11:07:19.0905 2708 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 11:07:19.0907 2708 Mup - ok 11:07:19.0936 2708 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 11:07:19.0938 2708 mwlPSDFilter - ok 11:07:19.0946 2708 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 11:07:19.0949 2708 mwlPSDNServ - ok 11:07:19.0956 2708 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 11:07:19.0959 2708 mwlPSDVDisk - ok 11:07:19.0998 2708 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 
11:07:20.0010 2708 napagent - ok 11:07:20.0057 2708 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 11:07:20.0065 2708 NativeWifiP - ok 11:07:20.0135 2708 [ 149A9AD81BB327E892FA1ACB77722442 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20120824.034\ENG64.SYS 11:07:20.0139 2708 NAVENG - ok 11:07:20.0228 2708 [ 4AF8750E71B549FEC5F6D1D01398CA69 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20120824.034\EX64.SYS 11:07:20.0269 2708 NAVEX15 - ok 11:07:20.0339 2708 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 11:07:20.0358 2708 NDIS - ok 11:07:20.0400 2708 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 11:07:20.0402 2708 NdisCap - ok 11:07:20.0426 2708 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 11:07:20.0428 2708 NdisTapi - ok 11:07:20.0450 2708 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 11:07:20.0453 2708 Ndisuio - ok 11:07:20.0464 2708 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 11:07:20.0468 2708 NdisWan - ok 11:07:20.0478 2708 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 11:07:20.0481 2708 NDProxy - ok 11:07:20.0500 2708 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 11:07:20.0502 2708 NetBIOS - ok 11:07:20.0523 2708 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 11:07:20.0531 2708 NetBT - ok 11:07:20.0553 2708 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 11:07:20.0556 2708 Netlogon - ok 11:07:20.0602 2708 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 11:07:20.0612 2708 Netman - ok 11:07:20.0655 2708 [ D22CD77D4F0D63D1169BB35911BFF12D ] 
NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:07:20.0701 2708 NetMsmqActivator - ok 11:07:20.0719 2708 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:07:20.0722 2708 NetPipeActivator - ok 11:07:20.0777 2708 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 11:07:20.0789 2708 netprofm - ok 11:07:20.0822 2708 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:07:20.0825 2708 NetTcpActivator - ok 11:07:20.0835 2708 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:07:20.0838 2708 NetTcpPortSharing - ok 11:07:20.0881 2708 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 11:07:20.0884 2708 nfrd960 - ok 11:07:21.0115 2708 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe 11:07:21.0119 2708 NIS - ok 11:07:21.0180 2708 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 11:07:21.0189 2708 NlaSvc - ok 11:07:21.0372 2708 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe 11:07:21.0428 2708 NOBU - ok 11:07:21.0451 2708 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 11:07:21.0454 2708 Npfs - ok 11:07:21.0484 2708 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 11:07:21.0488 2708 nsi - ok 11:07:21.0508 2708 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 11:07:21.0510 2708 nsiproxy - ok 11:07:21.0597 2708 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 11:07:21.0630 2708 Ntfs - ok 11:07:21.0701 2708 [ 1873214666F6F0A883742DF91FBC48C9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup 
Manager\IScheduleSvc.exe 11:07:21.0707 2708 NTI IScheduleSvc - ok 11:07:21.0737 2708 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 11:07:21.0739 2708 NTIDrvr - ok 11:07:21.0760 2708 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 11:07:21.0762 2708 Null - ok 11:07:21.0808 2708 [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 11:07:21.0811 2708 nusb3hub - ok 11:07:21.0831 2708 [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 11:07:21.0836 2708 nusb3xhc - ok 11:07:21.0873 2708 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 11:07:21.0877 2708 nvraid - ok 11:07:21.0897 2708 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 11:07:21.0901 2708 nvstor - ok 11:07:21.0926 2708 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 11:07:21.0930 2708 nv_agp - ok 11:07:22.0053 2708 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 11:07:22.0062 2708 odserv - ok 11:07:22.0098 2708 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 11:07:22.0101 2708 ohci1394 - ok 11:07:22.0158 2708 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:07:22.0162 2708 ose - ok 11:07:22.0206 2708 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 11:07:22.0215 2708 p2pimsvc - ok 11:07:22.0254 2708 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 11:07:22.0268 2708 p2psvc - ok 11:07:22.0303 2708 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 11:07:22.0307 2708 Parport - ok 11:07:22.0331 2708 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 11:07:22.0333 2708 partmgr - 
ok 11:07:22.0375 2708 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 11:07:22.0383 2708 PcaSvc - ok 11:07:22.0404 2708 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 11:07:22.0409 2708 pci - ok 11:07:22.0444 2708 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 11:07:22.0445 2708 pciide - ok 11:07:22.0468 2708 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 11:07:22.0476 2708 pcmcia - ok 11:07:22.0485 2708 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 11:07:22.0488 2708 pcw - ok 11:07:22.0532 2708 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 11:07:22.0547 2708 PEAUTH - ok 11:07:22.0635 2708 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 11:07:22.0699 2708 PerfHost - ok 11:07:22.0797 2708 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 11:07:22.0829 2708 pla - ok 11:07:22.0928 2708 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 11:07:22.0939 2708 PlugPlay - ok 11:07:22.0972 2708 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 11:07:22.0978 2708 PNRPAutoReg - ok 11:07:23.0007 2708 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 11:07:23.0016 2708 PNRPsvc - ok 11:07:23.0054 2708 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 11:07:23.0067 2708 PolicyAgent - ok 11:07:23.0112 2708 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 11:07:23.0120 2708 Power - ok 11:07:23.0166 2708 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 11:07:23.0170 2708 PptpMiniport - ok 11:07:23.0189 2708 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 11:07:23.0193 2708 Processor - ok 11:07:23.0239 2708 [ 
53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 11:07:23.0247 2708 ProfSvc - ok 11:07:23.0265 2708 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 11:07:23.0268 2708 ProtectedStorage - ok 11:07:23.0302 2708 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 11:07:23.0306 2708 Psched - ok 11:07:23.0369 2708 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 11:07:23.0400 2708 ql2300 - ok 11:07:23.0422 2708 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 11:07:23.0427 2708 ql40xx - ok 11:07:23.0464 2708 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 11:07:23.0473 2708 QWAVE - ok 11:07:23.0493 2708 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 11:07:23.0496 2708 QWAVEdrv - ok 11:07:23.0507 2708 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 11:07:23.0509 2708 RasAcd - ok 11:07:23.0553 2708 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 11:07:23.0555 2708 RasAgileVpn - ok 11:07:23.0573 2708 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 11:07:23.0581 2708 RasAuto - ok 11:07:23.0594 2708 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 11:07:23.0597 2708 Rasl2tp - ok 11:07:23.0649 2708 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 11:07:23.0660 2708 RasMan - ok 11:07:23.0687 2708 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 11:07:23.0691 2708 RasPppoe - ok 11:07:23.0708 2708 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 11:07:23.0712 2708 RasSstp - ok 11:07:23.0751 2708 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 11:07:23.0760 2708 rdbss - ok 11:07:23.0783 
2708 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 11:07:23.0784 2708 rdpbus - ok 11:07:23.0836 2708 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 11:07:23.0838 2708 RDPCDD - ok 11:07:23.0875 2708 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 11:07:23.0877 2708 RDPENCDD - ok 11:07:23.0904 2708 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 11:07:23.0905 2708 RDPREFMP - ok 11:07:23.0945 2708 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 11:07:23.0949 2708 RDPWD - ok 11:07:24.0008 2708 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 11:07:24.0014 2708 rdyboost - ok 11:07:24.0055 2708 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 11:07:24.0061 2708 RemoteAccess - ok 11:07:24.0092 2708 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 11:07:24.0101 2708 RemoteRegistry - ok 11:07:24.0166 2708 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 11:07:24.0170 2708 RFCOMM - ok 11:07:24.0206 2708 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 11:07:24.0212 2708 RpcEptMapper - ok 11:07:24.0243 2708 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 11:07:24.0246 2708 RpcLocator - ok 11:07:24.0296 2708 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 11:07:24.0311 2708 RpcSs - ok 11:07:24.0362 2708 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 11:07:24.0365 2708 rspndr - ok 11:07:24.0462 2708 [ 9BEB5F18A418FF70659CE2E356829568 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys 11:07:24.0469 2708 RSUSBSTOR - ok 11:07:24.0499 2708 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 11:07:24.0502 2708 SamSs - 
ok 11:07:24.0542 2708 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 11:07:24.0545 2708 sbp2port - ok 11:07:24.0588 2708 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 11:07:24.0598 2708 SCardSvr - ok 11:07:24.0617 2708 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 11:07:24.0620 2708 scfilter - ok 11:07:24.0671 2708 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 11:07:24.0697 2708 Schedule - ok 11:07:24.0735 2708 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 11:07:24.0739 2708 SCPolicySvc - ok 11:07:24.0810 2708 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 11:07:24.0818 2708 SDRSVC - ok 11:07:24.0851 2708 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 11:07:24.0854 2708 secdrv - ok 11:07:24.0871 2708 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 11:07:24.0878 2708 seclogon - ok 11:07:24.0912 2708 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 11:07:24.0917 2708 SENS - ok 11:07:24.0936 2708 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 11:07:24.0943 2708 SensrSvc - ok 11:07:24.0960 2708 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 11:07:24.0962 2708 Serenum - ok 11:07:24.0995 2708 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 11:07:24.0998 2708 Serial - ok 11:07:25.0021 2708 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 11:07:25.0024 2708 sermouse - ok 11:07:25.0075 2708 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 11:07:25.0082 2708 SessionEnv - ok 11:07:25.0092 2708 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 11:07:25.0094 2708 sffdisk - ok 
11:07:25.0102 2708 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 11:07:25.0104 2708 sffp_mmc - ok 11:07:25.0119 2708 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 11:07:25.0121 2708 sffp_sd - ok 11:07:25.0132 2708 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 11:07:25.0134 2708 sfloppy - ok 11:07:25.0191 2708 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 11:07:25.0203 2708 SharedAccess - ok 11:07:25.0227 2708 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 11:07:25.0242 2708 ShellHWDetection - ok 11:07:25.0276 2708 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 11:07:25.0278 2708 SiSRaid2 - ok 11:07:25.0300 2708 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 11:07:25.0303 2708 SiSRaid4 - ok 11:07:25.0325 2708 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 11:07:25.0329 2708 Smb - ok 11:07:25.0379 2708 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 11:07:25.0383 2708 SNMPTRAP - ok 11:07:25.0405 2708 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 11:07:25.0408 2708 spldr - ok 11:07:25.0474 2708 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 11:07:25.0492 2708 Spooler - ok 11:07:25.0633 2708 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 11:07:25.0709 2708 sppsvc - ok 11:07:25.0721 2708 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 11:07:25.0727 2708 sppuinotify - ok 11:07:25.0860 2708 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1309000.009\SRTSP64.SYS 11:07:25.0880 2708 SRTSP - ok 11:07:25.0906 2708 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX 
C:\Windows\system32\drivers\NISx64\1309000.009\SRTSPX64.SYS 11:07:25.0909 2708 SRTSPX - ok 11:07:25.0958 2708 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 11:07:25.0968 2708 srv - ok 11:07:26.0007 2708 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 11:07:26.0016 2708 srv2 - ok 11:07:26.0038 2708 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 11:07:26.0043 2708 srvnet - ok 11:07:26.0088 2708 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 11:07:26.0096 2708 SSDPSRV - ok 11:07:26.0106 2708 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 11:07:26.0111 2708 SstpSvc - ok 11:07:26.0166 2708 [ 78CD64791F8634CF7B582FD085E57C4B ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 11:07:26.0172 2708 ssudmdm - ok 11:07:26.0206 2708 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 11:07:26.0208 2708 stexstor - ok 11:07:26.0263 2708 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 11:07:26.0280 2708 stisvc - ok 11:07:26.0304 2708 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 11:07:26.0306 2708 swenum - ok 11:07:26.0350 2708 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 11:07:26.0368 2708 swprv - ok 11:07:26.0428 2708 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1309000.009\SYMDS64.SYS 11:07:26.0440 2708 SymDS - ok 11:07:26.0513 2708 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1309000.009\SYMEFA64.SYS 11:07:26.0538 2708 SymEFA - ok 11:07:26.0574 2708 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 11:07:26.0579 2708 SymEvent - ok 11:07:26.0620 2708 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS 11:07:26.0627 2708 SymIRON - ok 
11:07:26.0650 2708 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS 11:07:26.0662 2708 SymNetS - ok 11:07:26.0754 2708 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 11:07:26.0796 2708 SysMain - ok 11:07:26.0807 2708 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 11:07:26.0814 2708 TabletInputService - ok 11:07:26.0837 2708 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 11:07:26.0847 2708 TapiSrv - ok 11:07:26.0884 2708 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 11:07:26.0890 2708 TBS - ok 11:07:26.0974 2708 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 11:07:27.0023 2708 Tcpip - ok 11:07:27.0084 2708 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 11:07:27.0114 2708 TCPIP6 - ok 11:07:27.0153 2708 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 11:07:27.0158 2708 tcpipreg - ok 11:07:27.0204 2708 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 11:07:27.0206 2708 TDPIPE - ok 11:07:27.0234 2708 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 11:07:27.0236 2708 TDTCP - ok 11:07:27.0264 2708 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 11:07:27.0269 2708 tdx - ok 11:07:27.0279 2708 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 11:07:27.0282 2708 TermDD - ok 11:07:27.0330 2708 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 11:07:27.0346 2708 TermService - ok 11:07:27.0356 2708 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 11:07:27.0361 2708 Themes - ok 11:07:27.0391 2708 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 11:07:27.0395 2708 THREADORDER - 
ok
11:07:33.0546 2708 ============================================================
11:07:33.0546 2708 Scan finished
11:07:33.0546 2708 ============================================================
11:07:33.0575 3916 Detected object count: 0
11:07:33.0575 3916 Actual detected object count: 0
11:07:52.0413 6036 Deinitialize success
Code:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455
Run by ulligd469 at 11:09:25 on 2013-03-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4078.2338 [GMT 1:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe C:\Program Files\Classic Shell\ClassicStartMenu.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Start Menu XP\StartMenuXP.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\DOLBY PCEE4\pcee4.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\splwow64.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Norton Internet 
Security\Engine\19.9.0.9\ccSvcHst.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\system32\wuauclt.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://mystart.incredimail.com/mb134?a=13UltVReni0 uSearch Bar = hxxp://www.google.com/ie uSearch Page = hxxp://www.google.com uDefault_Page_URL = hxxp://acer.msn.com uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://acer.msn.com mDefault_Page_URL = hxxp://acer.msn.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ips\ipsbho.dll BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft 
Shared\Windows Live\WindowsLiveLogin.dll BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coieplg.dll TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll uRun: [StartMenuXP] C:\Program Files\Start Menu XP\StartMenuXP.exe mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200 IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310} IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} TCP: NameServer = 192.168.2.1 TCP: Interfaces\{86E231E1-244F-43DE-8F4A-2386B02D1D6C} : DHCPNameServer = 192.168.1.250 TCP: Interfaces\{BD02CDF0-7DB2-4456-98BB-E4E0D3D1583E} : DHCPNameServer = 192.168.2.1 Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> IFEO: excel.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO: msoxmled.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO: mspview.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO: mstore.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO: nobuclient.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" x64-mStart Page = hxxp://acer.msn.com x64-mDefault_Page_URL = hxxp://acer.msn.com x64-BHO: ExplorerBHO Class: 
{449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe x64-Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310} x64-Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-IFEO: excel.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" x64-IFEO: msoxmled.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" x64-IFEO: mspview.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" x64-IFEO: mstore.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" x64-IFEO: nobuclient.exe - 
"C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" . Note: multiple IFEO entries found. Please refer to Attach.txt . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\ulligd469\AppData\Roaming\Mozilla\Firefox\Profiles\n17ai6vb.default\ FF - prefs.js: browser.startup.homepage - hxxp://de.yahoo.com/ FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/mb134/?loc=ff_address_bar&a=13UltVReni0&search= FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll FF - ExtSQL: 2013-01-21 13:28; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\coFFPlgn . ---- FIREFOX POLICIES ---- FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . ============= SERVICES / DRIVERS =============== . 
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309000.009\symds64.sys [2012-10-6 451192] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309000.009\symefa64.sys [2012-10-6 1129120] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20120803.001\BHDrvx64.sys [2012-8-18 1161376] R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309000.009\ccsetx64.sys [2012-10-6 167072] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20120824.001\IDSviA64.sys [2012-8-25 512672] R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2011-6-1 22648] R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2011-6-1 20520] R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2011-6-1 62776] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309000.009\ironx64.sys [2012-10-6 190072] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309000.009\symnets.sys [2012-10-6 405624] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-6-1 203776] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912] R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-6-1 352336] R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-1-18 29696] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-1 13336] R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-6-1 244624] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-6 398184] R2 
MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-6 682344] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe [2012-10-6 138272] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-24 256832] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-5-29 2143072] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120] R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-6-1 2656280] R2 VmbService;Vodafone-Mobile-Broadband-Dienst;C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-7-14 9216] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-6-1 115216] R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-13 28832] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-19 138912] R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-6-1 138024] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-6-1 76912] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-6 24176] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-9-30 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-9-30 180736] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-20 11856] R3 
vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum;C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys [2010-9-1 75776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe --> C:\ProgramData\DatacardService\DCService.exe [?]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-13 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-13 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-13 154272]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-13 280224]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-5-19 99384]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-4-2 173424]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-6-1 247400]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-5-19 203320]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 vodafone_zte_cdc_acm;Vodafone Vodafone ZTE CDC-ACM driver (ZTE);C:\Windows\System32\drivers\vodafone_zte_cdc_acm.sys [2011-5-20 79872]
S3 vodafone_zte_cdc_ecm;vodafone_zte_cdc_ecm;C:\Windows\System32\drivers\vodafone_zte_cdc_ecm.sys [2011-5-20 58880]
S3 vodafone_zte_cpo;Vodafone Vodafone ZTE Install;C:\Windows\System32\drivers\vodafone_zte_cpo.sys [2011-5-20 14336]
S3 vodafone_zte_ecm_enum;Vodafone Vodafone ZTE DC Enumerator (ZTE);C:\Windows\System32\drivers\vodafone_zte_ecm_enum.sys [2011-5-20 56320]
S3 vodafone_zte_ecm_enum_filter;vodafone_zte_ecm_enum_filter;C:\Windows\System32\drivers\vodafone_zte_ecm_enum_filter.sys [2011-5-20 56320]
S4 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-7-12 872552]
S4 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2013-03-06 16:48:37 -------- d-----w- C:\Users\ulligd469\AppData\Roaming\Malwarebytes
2013-03-06 16:48:30 -------- d-----w- C:\ProgramData\Malwarebytes
2013-03-06 16:48:29 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-06 16:48:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-06 16:48:12 -------- d-----w- C:\Users\ulligd469\AppData\Local\Programs
.
==================== Find3M ====================
.
2013-03-06 17:24:58 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-06 17:24:58 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 11:10:53,09 ===============
Code:
ATTFilter
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 19.05.2012 21:06:57
System Uptime: 10.03.2013 10:43:55 (1 hours ago)
.
Motherboard: Acer | | JE70_HR
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz | CPU1 | 782/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 450 GiB total, 361,306 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP34: 18.07.2012 15:05:31 - Windows Update
RP35: 18.08.2012 20:12:18 - Windows Update
RP36: 18.08.2012 21:13:08 - Windows Update
RP37: 22.08.2012 21:22:45 - Windows Update
RP38: 23.08.2012 16:28:42 - ##IDS_ERROR_1715##
RP39: 24.08.2012 16:14:39 - Windows Update
RP40: 25.08.2012 16:38:19 - Installiert The Witcher Enhanced Edition
RP41: 25.08.2012 17:18:53 - DirectX wurde installiert
RP42: 25.08.2012 17:21:34 - Microsoft Visual C++ 2005 Redistributable wird installiert
RP43: 06.10.2012 15:06:07 - Windows Update
RP44: 21.01.2013 13:45:56 - Windows Update
.
==== Image File Execution Options =============
.
IFEO: excel.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO: msoxmled.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO: mspview.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO: mstore.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO: nobuclient.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO: powerpnt.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO: winword.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
x64-IFEO: excel.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
x64-IFEO: msoxmled.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
x64-IFEO: mspview.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
x64-IFEO: mstore.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
x64-IFEO: nobuclient.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
x64-IFEO: powerpnt.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
x64-IFEO: winword.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958) ???? ??? Windows Live ???? Windows Live ????? Windows Live ?????? ??????? ?? Windows Live ???????? ?????????? Windows Live ?????????? Windows Live ??????????? ??
Windows Live Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 Acer Backup Manager Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer Registration Acer ScreenSaver Acer Updater Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.2 MUI Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver ATI Catalyst Install Manager Backup Manager V3 Bluetooth Win7 Suite (64) Canon Easy-PhotoPrint EX Canon Easy-WebPrint EX Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MG2100 series Benutzerregistrierung Canon MG2100 series MP Drivers Canon MG2100 series On-screen Manual Canon MP Navigator EX 5.0 Canon My Printer Canon Solution Menu EX Catalyst Control Center - Branding Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Classic Shell D3DX10 DHTML Editing Component Dolby Advanced Audio v2 eBay Worldwide ETDWare PS/2-X64 8.0.6.0_WHQL Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galeria fotografii uslugi Windows Live Galeria fotogràfica del Windows Live Galerie de photos Windows Live Galerie foto Windows Live Galería fotográfica de Windows Live Identity Card IncrediMail IncrediMail 2.0 IncrediMail JunkFilter Plus Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Junk Mail filter update JunkFilterPlus Launch Manager Malwarebytes Anti-Malware Version 1.70.0.1100 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft .NET Framework 
4 Extended Microsoft Application Error Reporting Microsoft FrontPage 2002 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (German) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Live Add-in 1.5 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (German) 2007 Microsoft Office PowerPoint MUI (German) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Italian) 2007 Microsoft Office Proofing (German) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (German) 2007 Microsoft Office Shared MUI (German) 2007 Microsoft Office Word MUI (German) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Firefox 12.0 (x86 de) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MyWinLocker MyWinLocker 4 MyWinLocker Suite newsXpresso Norton Internet Security Norton Online Backup NTI Media Maker 9 Personal Translator 14 Professional Photo Notifier and Animation Creator Picasa 3 Poczta uslugi Windows Live Podstawowe programy Windows Live Pošta Windows Live PX Profile Update Raccolta foto di Windows Live Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Renesas Electronics USB 3.0 Host Controller Driver S?????? f?t???af??? t?? 
Windows Live Samsung Kies SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 
(KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition Segeln - Die Simulation Shredder Start Menu XP Version 4.3 The Witcher 2 Enhanced Edition Version 3.0 The Witcher Enhanced Edition TuneUp Utilities 2012 TuneUp Utilities Language Pack (de-DE) Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Vodafone Mobile Broadband Lite Welcome Center Windows Live Windows Live ??? Windows Live ???? 
Windows Live Argazki Galeria Windows Live Communications Platform Windows Live Essentials Windows Live Fotótár Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotogaléria Windows Live Fotograf Galerisi Windows Live Galeria de Fotos Windows Live Galerija fotografija Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennustyökalu Windows Liven sähköposti Windows Liven valokuvavalikoima Yu-Gi-Oh! Power of Chaos JOEY THE PASSION Yu-Gi-Oh! Power of Chaos YUGI THE DESTINY . ==== End Of File =========================== |