RainerGL | 19.03.2013 12:41 | Once more regarding the above.
As the technician said on the phone yesterday, it could have happened as follows.
- Symantec finds a trojan in a file and cannot delete it because it is located on a Shadow Copy, 2 attempts (2x "Application Popup" and Ntfs, 09:39:56 and 09:40:05 in Event Viewer/System)
- Symantec reports that a trojan was found and could not be deleted or moved to quarantine (09:40:34 in Event Viewer/Application)
- The Symantec client therefore attempts a PC restart, but this fails because a reason for the restart has to be entered on the server (09:40:46 in Event Viewer/Application)
- The Symantec client attempts a PC restart again, which fails again, see above (09:41:50 in Event Viewer/Application)
TDSS-Killer without "loaded Modules", since a restart is required:
All the DPMADirekt and EPO_OLF services are okay, and the 2 from HP as well.
Code:
08:32:43.0422 7336 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:32:43.0797 7336 ============================================================
08:32:43.0797 7336 Current date / time: 2013/03/19 08:32:43.0797
08:32:43.0797 7336 SystemInfo:
08:32:43.0797 7336
08:32:43.0797 7336 OS Version: 6.1.7601 ServicePack: 1.0
08:32:43.0797 7336 Product type: Domain controller
08:32:43.0797 7336 ComputerName: XXX
08:32:43.0797 7336 UserName: Administrator
08:32:43.0797 7336 Windows directory: C:\Windows
08:32:43.0797 7336 System windows directory: C:\Windows
08:32:43.0797 7336 Running under WOW64
08:32:43.0797 7336 Processor architecture: Intel x64
08:32:43.0797 7336 Number of processors: 4
08:32:43.0797 7336 Page size: 0x1000
08:32:43.0797 7336 Boot type: Normal boot
08:32:43.0797 7336 ============================================================
08:32:44.0500 7336 Drive \Device\Harddisk0\DR0 - Size: 0x10000000000 (1024.00 Gb), SectorSize: 0x200, Cylinders: 0x20A2A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:32:44.0500 7336 ============================================================
08:32:44.0500 7336 \Device\Harddisk0\DR0:
08:32:44.0500 7336 MBR partitions:
08:32:44.0500 7336 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:32:44.0500 7336 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x7FFCD000
08:32:44.0500 7336 ============================================================
08:32:44.0516 7336 C: <-> \Device\Harddisk0\DR0\Partition2
08:32:44.0516 7336 ============================================================
08:32:44.0516 7336 Initialize success
08:32:44.0516 7336 ============================================================
08:33:34.0266 2696 ============================================================
08:33:34.0266 2696 Scan started
08:33:34.0266 2696 Mode: Manual; SigCheck; TDLFS;
08:33:34.0266 2696 ============================================================
08:33:34.0656 2696 ================ Scan system memory ========================
08:33:34.0656 2696 System memory - ok
08:33:34.0656 2696 ================ Scan services =============================
08:33:34.0938 2696 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:33:35.0063 2696 1394ohci - ok
08:33:35.0094 2696 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:33:35.0125 2696 ACPI - ok
08:33:35.0141 2696 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:33:35.0203 2696 AcpiPmi - ok
08:33:35.0234 2696 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
08:33:35.0281 2696 adp94xx - ok
08:33:35.0297 2696 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
08:33:35.0328 2696 adpahci - ok
08:33:35.0328 2696 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
08:33:35.0359 2696 adpu320 - ok
08:33:35.0391 2696 [ 012D4CE9215453F36C3ECE7B412427AD ] ADWS C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
08:33:35.0453 2696 ADWS - ok
08:33:35.0484 2696 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:33:35.0563 2696 AeLookupSvc - ok
08:33:35.0594 2696 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
08:33:35.0656 2696 AFD - ok
08:33:35.0688 2696 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:33:35.0703 2696 agp440 - ok
08:33:35.0719 2696 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
08:33:35.0766 2696 ALG - ok
08:33:35.0781 2696 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
08:33:35.0797 2696 aliide - ok
08:33:35.0813 2696 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
08:33:35.0828 2696 amdide - ok
08:33:35.0844 2696 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
08:33:35.0875 2696 AmdK8 - ok
08:33:35.0891 2696 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
08:33:35.0922 2696 AmdPPM - ok
08:33:35.0938 2696 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:33:35.0969 2696 amdsata - ok
08:33:35.0984 2696 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
08:33:36.0016 2696 amdsbs - ok
08:33:36.0031 2696 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:33:36.0047 2696 amdxata - ok
08:33:36.0094 2696 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
08:33:36.0141 2696 AppHostSvc - ok
08:33:36.0156 2696 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
08:33:36.0281 2696 AppID - ok
08:33:36.0281 2696 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:33:36.0344 2696 AppIDSvc - ok
08:33:36.0359 2696 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
08:33:36.0438 2696 Appinfo - ok
08:33:36.0453 2696 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
08:33:36.0500 2696 AppMgmt - ok
08:33:36.0500 2696 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
08:33:36.0531 2696 arc - ok
08:33:36.0547 2696 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
08:33:36.0563 2696 arcsas - ok
08:33:36.0609 2696 ASANYs_sem5 - ok
08:33:36.0703 2696 [ 1838F16E9CE03B993FC500703B711DAB ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe
08:33:36.0734 2696 aspnet_state - ok
08:33:36.0750 2696 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:33:36.0813 2696 AsyncMac - ok
08:33:36.0828 2696 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
08:33:36.0844 2696 atapi - ok
08:33:36.0875 2696 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:33:36.0969 2696 AudioEndpointBuilder - ok
08:33:36.0984 2696 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:33:37.0031 2696 AudioSrv - ok
08:33:37.0063 2696 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
08:33:37.0109 2696 b06bdrv - ok
08:33:37.0125 2696 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
08:33:37.0172 2696 b57nd60a - ok
08:33:37.0188 2696 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:33:37.0234 2696 Beep - ok
08:33:37.0266 2696 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
08:33:37.0344 2696 BFE - ok
08:33:37.0375 2696 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
08:33:37.0453 2696 BITS - ok
08:33:37.0469 2696 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:33:37.0484 2696 blbdrive - ok
08:33:37.0516 2696 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:33:37.0563 2696 bowser - ok
08:33:37.0578 2696 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:33:37.0625 2696 BrFiltLo - ok
08:33:37.0625 2696 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:33:37.0656 2696 BrFiltUp - ok
08:33:37.0672 2696 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
08:33:37.0734 2696 Browser - ok
08:33:37.0734 2696 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:33:37.0781 2696 Brserid - ok
08:33:37.0781 2696 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:33:37.0813 2696 BrSerWdm - ok
08:33:37.0828 2696 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:33:37.0844 2696 BrUsbMdm - ok
08:33:37.0859 2696 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:33:37.0891 2696 BrUsbSer - ok
08:33:37.0922 2696 [ F3E5C6CEEC35C3F65221100B00AFB5F9 ] ccEvtMgr C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
08:33:37.0953 2696 ccEvtMgr - ok
08:33:37.0969 2696 [ F3E5C6CEEC35C3F65221100B00AFB5F9 ] ccSetMgr C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
08:33:37.0969 2696 ccSetMgr - ok
08:33:37.0984 2696 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:33:38.0031 2696 cdfs - ok
08:33:38.0063 2696 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
08:33:38.0094 2696 cdrom - ok
08:33:38.0109 2696 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
08:33:38.0172 2696 CertPropSvc - ok
08:33:38.0203 2696 [ 602578AC3A8F694FA8EBE7B48B2392D4 ] CertSvc C:\Windows\system32\certsrv.exe
08:33:38.0250 2696 CertSvc - ok
08:33:38.0266 2696 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:33:38.0297 2696 CLFS - ok
08:33:38.0375 2696 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:33:38.0422 2696 clr_optimization_v2.0.50727_32 - ok
08:33:38.0438 2696 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:33:38.0453 2696 clr_optimization_v2.0.50727_64 - ok
08:33:38.0469 2696 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:33:38.0500 2696 CmBatt - ok
08:33:38.0516 2696 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:33:38.0531 2696 cmdide - ok
08:33:38.0563 2696 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
08:33:38.0625 2696 CNG - ok
08:33:38.0625 2696 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:33:38.0656 2696 Compbatt - ok
08:33:38.0672 2696 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:33:38.0719 2696 CompositeBus - ok
08:33:38.0719 2696 COMSysApp - ok
08:33:38.0734 2696 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
08:33:38.0766 2696 crcdisk - ok
08:33:38.0781 2696 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:33:38.0828 2696 CryptSvc - ok
08:33:38.0875 2696 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:33:38.0922 2696 DcomLaunch - ok
08:33:38.0953 2696 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:33:39.0016 2696 defragsvc - ok
08:33:39.0047 2696 [ CBD618F73F32DA9F8A63D3B3E8DF12A9 ] Dfs C:\Windows\system32\dfssvc.exe
08:33:39.0109 2696 Dfs - ok
08:33:39.0141 2696 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:33:39.0203 2696 DfsC - ok
08:33:39.0219 2696 [ FFFE7EF57BD8C93AB3076B340FAE0830 ] DfsDriver C:\Windows\system32\drivers\dfs.sys
08:33:39.0250 2696 DfsDriver - ok
08:33:39.0313 2696 [ C087263545318AA5007C46F79CA7509B ] DFSR C:\Windows\system32\DFSRs.exe
08:33:39.0422 2696 DFSR - ok
08:33:39.0453 2696 [ E66B02FC5250331BAAC1CAE2111D1288 ] DfsrRo C:\Windows\system32\drivers\dfsrro.sys
08:33:39.0484 2696 DfsrRo - ok
08:33:39.0500 2696 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
08:33:39.0563 2696 Dhcp - ok
08:33:39.0609 2696 [ E31F0BD0D7AB8207C24D5F9F336B1C1F ] DHCPServer C:\Windows\System32\dhcpssvc.dll
08:33:39.0688 2696 DHCPServer - ok
08:33:39.0703 2696 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:33:39.0750 2696 discache - ok
08:33:39.0766 2696 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
08:33:39.0797 2696 Disk - ok
08:33:39.0844 2696 [ AAAF242737F26627774A4CD55CD85FCE ] DNS C:\Windows\system32\dns.exe
08:33:39.0922 2696 DNS - ok
08:33:39.0938 2696 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:33:40.0000 2696 Dnscache - ok
08:33:40.0031 2696 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:33:40.0094 2696 dot3svc - ok
08:33:40.0141 2696 [ 238560BC8253431AA3FE9E6688D2EFEC ] DPMAdirektService C:\Program Files (x86)\DPMAdirekt\Server\jsl.exe
08:33:40.0156 2696 DPMAdirektService ( UnsignedFile.Multi.Generic ) - warning
08:33:40.0156 2696 DPMAdirektService - detected UnsignedFile.Multi.Generic (1)
08:33:40.0172 2696 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
08:33:40.0250 2696 DPS - ok
08:33:40.0281 2696 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:33:40.0344 2696 DXGKrnl - ok
08:33:40.0375 2696 [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
08:33:40.0406 2696 E1G60 - ok
08:33:40.0422 2696 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:33:40.0484 2696 EapHost - ok
08:33:40.0547 2696 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
08:33:40.0625 2696 ebdrv - ok
08:33:40.0656 2696 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
08:33:40.0750 2696 eeCtrl - ok
08:33:40.0766 2696 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
08:33:40.0813 2696 EFS - ok
08:33:40.0844 2696 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
08:33:40.0891 2696 elxstor - ok
08:33:41.0125 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_ATPAT1_Service C:\Program Files (x86)\EPO_OLF5\AT_Pat\bin\AT_Pat.exe
08:33:41.0281 2696 EPO_OLF_ATPAT1_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:41.0281 2696 EPO_OLF_ATPAT1_Service - detected UnsignedFile.Multi.Generic (1)
08:33:41.0609 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_ATSFD1_Service C:\Program Files (x86)\EPO_OLF5\AT_SFD\bin\AT_SFD.exe
08:33:41.0734 2696 EPO_OLF_ATSFD1_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:41.0734 2696 EPO_OLF_ATSFD1_Service - detected UnsignedFile.Multi.Generic (1)
08:33:41.0953 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_ATUMOD_Service C:\Program Files (x86)\EPO_OLF5\AT_UM\bin\AT_UM.exe
08:33:42.0078 2696 EPO_OLF_ATUMOD_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:42.0078 2696 EPO_OLF_ATUMOD_Service - detected UnsignedFile.Multi.Generic (1)
08:33:42.0281 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_DE2007_Service C:\Program Files (x86)\EPO_OLF5\de2007\bin\de2007.exe
08:33:42.0422 2696 EPO_OLF_DE2007_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:42.0422 2696 EPO_OLF_DE2007_Service - detected UnsignedFile.Multi.Generic (1)
08:33:42.0625 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_DKPAT1_Service C:\Program Files (x86)\EPO_OLF5\DK_plugin\bin\DK_plugin.exe
08:33:42.0750 2696 EPO_OLF_DKPAT1_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:42.0750 2696 EPO_OLF_DKPAT1_Service - detected UnsignedFile.Multi.Generic (1)
08:33:42.0969 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_EP1038_Service C:\Program Files (x86)\EPO_OLF5\ep1038\bin\ep1038.exe
08:33:43.0109 2696 EPO_OLF_EP1038_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:43.0109 2696 EPO_OLF_EP1038_Service - detected UnsignedFile.Multi.Generic (1)
08:33:43.0313 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_EP122K_Service C:\Program Files (x86)\EPO_OLF5\ep1200\bin\ep1200.exe
08:33:43.0438 2696 EPO_OLF_EP122K_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:43.0438 2696 EPO_OLF_EP122K_Service - detected UnsignedFile.Multi.Generic (1)
08:33:43.0609 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_EP2000_Service C:\Program Files (x86)\EPO_OLF5\ep1001\bin\ep1001.exe
08:33:43.0750 2696 EPO_OLF_EP2000_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:43.0750 2696 EPO_OLF_EP2000_Service - detected UnsignedFile.Multi.Generic (1)
08:33:43.0953 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_EPOPPO_Service C:\Program Files (x86)\EPO_OLF5\ep_oppo\bin\ep_oppo.exe
08:33:44.0094 2696 EPO_OLF_EPOPPO_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:44.0094 2696 EPO_OLF_EPOPPO_Service - detected UnsignedFile.Multi.Generic (1)
08:33:44.0328 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_ES3101_Service C:\Program Files (x86)\EPO_OLF5\es3101e\bin\es3101e.exe
08:33:44.0453 2696 EPO_OLF_ES3101_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:44.0453 2696 EPO_OLF_ES3101_Service - detected UnsignedFile.Multi.Generic (1)
08:33:44.0656 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_ESEPVL_Service C:\Program Files (x86)\EPO_OLF5\esEPvalidation\bin\esEPvalidation.exe
08:33:44.0781 2696 EPO_OLF_ESEPVL_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:44.0781 2696 EPO_OLF_ESEPVL_Service - detected UnsignedFile.Multi.Generic (1)
08:33:45.0000 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_ESTSUB_Service C:\Program Files (x86)\EPO_OLF5\esTSubs\bin\esTSubs.exe
08:33:45.0125 2696 EPO_OLF_ESTSUB_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:45.0125 2696 EPO_OLF_ESTSUB_Service - detected UnsignedFile.Multi.Generic (1)
08:33:45.0313 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_FIEPFI_Service C:\Program Files (x86)\EPO_OLF5\FIEPPlugin\bin\FIEPPlugin.exe
08:33:45.0453 2696 EPO_OLF_FIEPFI_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:45.0453 2696 EPO_OLF_FIEPFI_Service - detected UnsignedFile.Multi.Generic (1)
08:33:45.0641 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_FIHAKE_Service C:\Program Files (x86)\EPO_OLF5\FIPlugin\bin\FIPlugin.exe
08:33:45.0766 2696 EPO_OLF_FIHAKE_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:45.0766 2696 EPO_OLF_FIHAKE_Service - detected UnsignedFile.Multi.Generic (1)
08:33:45.0969 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_FIPCT1_Service C:\Program Files (x86)\EPO_OLF5\FIPCTPlugin\bin\FIPCTPlugin.exe
08:33:46.0094 2696 EPO_OLF_FIPCT1_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:46.0094 2696 EPO_OLF_FIPCT1_Service - detected UnsignedFile.Multi.Generic (1)
08:33:46.0266 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_FISUBS_Service C:\Program Files (x86)\EPO_OLF5\FISFDPlugin\bin\FISFDPlugin.exe
08:33:46.0391 2696 EPO_OLF_FISUBS_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:46.0391 2696 EPO_OLF_FISUBS_Service - detected UnsignedFile.Multi.Generic (1)
08:33:46.0594 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_FIUMOD_Service C:\Program Files (x86)\EPO_OLF5\FIUMPlugin\bin\FIUMPlugin.exe
08:33:46.0734 2696 EPO_OLF_FIUMOD_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:46.0734 2696 EPO_OLF_FIUMOD_Service - detected UnsignedFile.Multi.Generic (1)
08:33:46.0766 2696 [ C356CFC68B9BB035923CCE5F429D028D ] EPO_OLF_FMGRDN_Service C:\Program Files (x86)\EPO_OLF5\OLFGuardian.exe
08:33:46.0813 2696 EPO_OLF_FMGRDN_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:46.0813 2696 EPO_OLF_FMGRDN_Service - detected UnsignedFile.Multi.Generic (1)
08:33:47.0031 2696 [ 1805949BC5B61E33F5C385C8777A3FD6 ] EPO_OLF_FMMNGR_Service C:\Program Files (x86)\EPO_OLF5\fm\bin\OLFfm.exe
08:33:47.0172 2696 EPO_OLF_FMMNGR_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:47.0172 2696 EPO_OLF_FMMNGR_Service - detected UnsignedFile.Multi.Generic (1)
08:33:47.0359 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_FRDPT4_Service C:\Program Files (x86)\EPO_OLF5\Plug_FR\bin\Plug_FR.exe
08:33:47.0484 2696 EPO_OLF_FRDPT4_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:47.0484 2696 EPO_OLF_FRDPT4_Service - detected UnsignedFile.Multi.Generic (1)
08:33:47.0656 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_FRSUBS_Service C:\Program Files (x86)\EPO_OLF5\e3fr\bin\e3fr.exe
08:33:47.0781 2696 EPO_OLF_FRSUBS_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:47.0781 2696 EPO_OLF_FRSUBS_Service - detected UnsignedFile.Multi.Generic (1)
08:33:47.0953 2696 [ 5158DA4BC018C73BBC75F5CDCF25A95A ] EPO_OLF_IBR101_Service C:\Program Files (x86)\EPO_OLF5\pct\pcti.exe
08:33:48.0078 2696 EPO_OLF_IBR101_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:48.0078 2696 EPO_OLF_IBR101_Service - detected UnsignedFile.Multi.Generic (1)
08:33:48.0359 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_IBR401_Service C:\Program Files (x86)\EPO_OLF5\PCT_Demand\bin\PCT_Demand.exe
08:33:48.0484 2696 EPO_OLF_IBR401_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:48.0484 2696 EPO_OLF_IBR401_Service - detected UnsignedFile.Multi.Generic (1)
08:33:48.0688 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_IBRSFD_Service C:\Program Files (x86)\EPO_OLF5\PCTSFD\bin\PCTSFD.exe
08:33:48.0813 2696 EPO_OLF_IBRSFD_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:48.0813 2696 EPO_OLF_IBRSFD_Service - detected UnsignedFile.Multi.Generic (1)
08:33:49.0016 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_ISEPVL_Service C:\Program Files (x86)\EPO_OLF5\IS-EPval\bin\IS-EPval.exe
08:33:49.0141 2696 EPO_OLF_ISEPVL_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:49.0141 2696 EPO_OLF_ISEPVL_Service - detected UnsignedFile.Multi.Generic (1)
08:33:49.0344 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_ISPAT1_Service C:\Program Files (x86)\EPO_OLF5\IS_plugin\bin\IS_plugin.exe
08:33:49.0469 2696 EPO_OLF_ISPAT1_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:49.0469 2696 EPO_OLF_ISPAT1_Service - detected UnsignedFile.Multi.Generic (1)
08:33:49.0672 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_NLAANV_Service C:\Program Files (x86)\EPO_OLF5\nl_aanvraag\bin\nl_aanvraag.exe
08:33:49.0813 2696 EPO_OLF_NLAANV_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:49.0813 2696 EPO_OLF_NLAANV_Service - detected UnsignedFile.Multi.Generic (1)
08:33:50.0016 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_NLEPNL_Service C:\Program Files (x86)\EPO_OLF5\nlepnl_post\bin\nlepnl_post.exe
08:33:50.0141 2696 EPO_OLF_NLEPNL_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:50.0141 2696 EPO_OLF_NLEPNL_Service - detected UnsignedFile.Multi.Generic (1)
08:33:50.0344 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_NLPOST_Service C:\Program Files (x86)\EPO_OLF5\nl_post\bin\nl_post.exe
08:33:50.0484 2696 EPO_OLF_NLPOST_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:50.0484 2696 EPO_OLF_NLPOST_Service - detected UnsignedFile.Multi.Generic (1)
08:33:50.0703 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_PLPAT1_Service C:\Program Files (x86)\EPO_OLF5\Patenty\bin\Patenty.exe
08:33:50.0828 2696 EPO_OLF_PLPAT1_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:50.0828 2696 EPO_OLF_PLPAT1_Service - detected UnsignedFile.Multi.Generic (1)
08:33:51.0047 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_PLWZU1_Service C:\Program Files (x86)\EPO_OLF5\WzoUzyt\bin\WzoUzyt.exe
08:33:51.0172 2696 EPO_OLF_PLWZU1_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:51.0172 2696 EPO_OLF_PLWZU1_Service - detected UnsignedFile.Multi.Generic (1)
08:33:51.0359 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_ROB01A_Service C:\Program Files (x86)\EPO_OLF5\ROb01a\bin\ROb01a.exe
08:33:51.0484 2696 EPO_OLF_ROB01A_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:51.0484 2696 EPO_OLF_ROB01A_Service - detected UnsignedFile.Multi.Generic (1)
08:33:51.0703 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_ROEPRO_Service C:\Program Files (x86)\EPO_OLF5\roepro\bin\roepro.exe
08:33:51.0828 2696 EPO_OLF_ROEPRO_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:51.0828 2696 EPO_OLF_ROEPRO_Service - detected UnsignedFile.Multi.Generic (1)
08:33:52.0000 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_ROPCT1_Service C:\Program Files (x86)\EPO_OLF5\ROpct\bin\ROpct.exe
08:33:52.0141 2696 EPO_OLF_ROPCT1_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:52.0141 2696 EPO_OLF_ROPCT1_Service - detected UnsignedFile.Multi.Generic (1)
08:33:52.0375 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_SEPAT1_Service C:\Program Files (x86)\EPO_OLF5\SEClient141\bin\SEClient141.exe
08:33:52.0500 2696 EPO_OLF_SEPAT1_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:52.0500 2696 EPO_OLF_SEPAT1_Service - detected UnsignedFile.Multi.Generic (1)
08:33:52.0703 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_SEVAL1_Service C:\Program Files (x86)\EPO_OLF5\SEValidering\bin\SEValidering.exe
08:33:52.0828 2696 EPO_OLF_SEVAL1_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:52.0828 2696 EPO_OLF_SEVAL1_Service - detected UnsignedFile.Multi.Generic (1)
08:33:53.0047 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_SK8001_Service C:\Program Files (x86)\EPO_OLF5\sk8001\bin\sk8001.exe
08:33:53.0172 2696 EPO_OLF_SK8001_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:53.0172 2696 EPO_OLF_SK8001_Service - detected UnsignedFile.Multi.Generic (1)
08:33:53.0391 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_SK8002_Service C:\Program Files (x86)\EPO_OLF5\sk8002\bin\sk8002.exe
08:33:53.0516 2696 EPO_OLF_SK8002_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:53.0516 2696 EPO_OLF_SK8002_Service - detected UnsignedFile.Multi.Generic (1)
08:33:53.0703 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_SKSFD1_Service C:\Program Files (x86)\EPO_OLF5\skSFD\bin\skSFD.exe
08:33:53.0844 2696 EPO_OLF_SKSFD1_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:53.0844 2696 EPO_OLF_SKSFD1_Service - detected UnsignedFile.Multi.Generic (1)
08:33:54.0047 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_UK177E_Service C:\Program Files (x86)\EPO_OLF5\uk177\bin\uk177.exe
08:33:54.0172 2696 EPO_OLF_UK177E_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:54.0172 2696 EPO_OLF_UK177E_Service - detected UnsignedFile.Multi.Generic (1)
08:33:54.0359 2696 [ 3677FB12AA0D69727DCCCD9250B985E5 ] EPO_OLF_UKNPUK_Service C:\Program Files (x86)\EPO_OLF5\NP1\bin\NP1.exe
08:33:54.0484 2696 EPO_OLF_UKNPUK_Service ( UnsignedFile.Multi.Generic ) - warning
08:33:54.0484 2696 EPO_OLF_UKNPUK_Service - detected UnsignedFile.Multi.Generic (1)
08:33:54.0516 2696 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
08:33:54.0547 2696 EraserUtilRebootDrv - ok
08:33:54.0578 2696 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:33:54.0609 2696 ErrDev - ok
08:33:54.0641 2696 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:33:54.0688 2696 EventSystem - ok
08:33:54.0703 2696 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:33:54.0766 2696 exfat - ok
08:33:54.0781 2696 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:33:54.0844 2696 fastfat - ok
08:33:54.0859 2696 [ F30A540AF561BAD1DD1A074738ED1CDA ] FCRegSvc C:\Windows\system32\FCRegSvc.dll
08:33:54.0906 2696 FCRegSvc - ok
08:33:54.0922 2696 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:33:54.0953 2696 fdc - ok
08:33:54.0953 2696 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:33:55.0016 2696 fdPHost - ok
08:33:55.0031 2696 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:33:55.0094 2696 FDResPub - ok
08:33:55.0094 2696 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:33:55.0125 2696 FileInfo - ok
08:33:55.0125 2696 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:33:55.0188 2696 Filetrace - ok
08:33:55.0219 2696 FirebirdGuardianOLF - ok
08:33:55.0234 2696 FirebirdServerOLF - ok
08:33:55.0250 2696 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:33:55.0281 2696 flpydisk - ok
08:33:55.0313 2696 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:33:55.0344 2696 FltMgr - ok
08:33:55.0375 2696 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
08:33:55.0453 2696 FontCache - ok
08:33:55.0500 2696 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:33:55.0516 2696 FontCache3.0.0.0 - ok
08:33:55.0531 2696 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:33:55.0547 2696 FsDepends - ok
08:33:55.0578 2696 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:33:55.0594 2696 Fs_Rec - ok
08:33:55.0609 2696 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
08:33:55.0641 2696 gagp30kx - ok
08:33:55.0656 2696 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
08:33:55.0734 2696 gpsvc - ok
08:33:55.0750 2696 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:33:55.0781 2696 HDAudBus - ok
08:33:55.0797 2696 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
08:33:55.0828 2696 HidBatt - ok
08:33:55.0844 2696 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
08:33:55.0906 2696 hidserv - ok
08:33:55.0922 2696 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
08:33:55.0953 2696 HidUsb - ok
08:33:55.0969 2696 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:33:56.0031 2696 hkmsvc - ok
08:33:56.0047 2696 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:33:56.0078 2696 HpSAMD - ok
08:33:56.0094 2696 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:33:56.0172 2696 HTTP - ok
08:33:56.0188 2696 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:33:56.0219 2696 hwpolicy - ok
08:33:56.0234 2696 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
08:33:56.0266 2696 i8042prt - ok
08:33:56.0281 2696 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:33:56.0328 2696 iaStorV - ok
08:33:56.0359 2696 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:33:56.0391 2696 idsvc - ok
08:33:56.0406 2696 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:33:56.0438 2696 iirsp - ok
08:33:56.0453 2696 [ AB55B8A9B13130F638546881CE4425F8 ] IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe
08:33:56.0500 2696 IISADMIN - ok
08:33:56.0531 2696 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:33:56.0609 2696 IKEEXT - ok
08:33:56.0625 2696 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:33:56.0656 2696 intelide - ok
08:33:56.0672 2696 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:33:56.0703 2696 intelppm - ok
08:33:56.0719 2696 [ FF0FB51A0ACC2E2D0D412138A05A0B59 ] ioatdma C:\Windows\System32\Drivers\qd260x64.sys
08:33:56.0750 2696 ioatdma - ok
08:33:56.0766 2696 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:33:56.0828 2696 IPBusEnum - ok
08:33:56.0844 2696 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:33:56.0891 2696 IpFilterDriver - ok
08:33:56.0938 2696 [ F49F39620FDCAB02D12F5F28602CA636 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:33:56.0984 2696 iphlpsvc - ok
08:33:57.0016 2696 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:33:57.0047 2696 IPMIDRV - ok
08:33:57.0063 2696 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:33:57.0109 2696 IPNAT - ok
08:33:57.0125 2696 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:33:57.0156 2696 isapnp - ok
08:33:57.0172 2696 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:33:57.0203 2696 iScsiPrt - ok
08:33:57.0250 2696 [ 50FC561231A9B1EFD2B47625BE4272B3 ] IsmServ C:\Windows\System32\ismserv.exe
08:33:57.0297 2696 IsmServ - ok
08:33:57.0328 2696 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
08:33:57.0344 2696 kbdclass - ok
08:33:57.0359 2696 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
08:33:57.0406 2696 kbdhid - ok
08:33:57.0422 2696 [ C118A82CD78818C29AB228366EBF81C3 ] kdc C:\Windows\System32\lsass.exe
08:33:57.0438 2696 kdc - ok
08:33:57.0453 2696 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:33:57.0469 2696 KeyIso - ok
08:33:57.0484 2696 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:33:57.0500 2696 KSecDD - ok
08:33:57.0516 2696 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:33:57.0563 2696 KSecPkg - ok
08:33:57.0563 2696 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:33:57.0625 2696 ksthunk - ok
08:33:57.0656 2696 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:33:57.0719 2696 KtmRm - ok
08:33:57.0750 2696 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
08:33:57.0813 2696 LanmanServer - ok
08:33:57.0828 2696 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:33:57.0891 2696 LanmanWorkstation - ok
08:33:57.0984 2696 [ 6ABE9ECAAB7DD0CC6F46EC830E0FE8FC ] LiveUpdate C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
08:33:58.0063 2696 LiveUpdate - ok
08:33:58.0094 2696 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:33:58.0156 2696 lltdio - ok
08:33:58.0172 2696 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:33:58.0234 2696 lltdsvc - ok
08:33:58.0250 2696 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:33:58.0313 2696 lmhosts - ok
08:33:58.0406 2696 [ 7109163D8027076D2680CFC4E80E2A28 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
08:33:58.0438 2696 LMIGuardianSvc - ok
08:33:58.0453 2696 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
08:33:58.0484 2696 LMIInfo - ok
08:33:58.0516 2696 [ 8054CE1FC8B417691960D00F931516A7 ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
08:33:58.0531 2696 LMIMaint - ok
08:33:58.0547 2696 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
08:33:58.0578 2696 lmimirr - ok
08:33:58.0578 2696 LMIRfsClientNP - ok
08:33:58.0594 2696 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
08:33:58.0609 2696 LMIRfsDriver - ok
08:33:58.0641 2696 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
08:33:58.0672 2696 LogMeIn - ok
08:33:58.0688 2696 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:33:58.0703 2696 LSI_FC - ok
08:33:58.0719 2696 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:33:58.0734 2696 LSI_SAS - ok
08:33:58.0734 2696 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:33:58.0766 2696 LSI_SAS2 - ok
08:33:58.0781 2696 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:33:58.0797 2696 LSI_SCSI - ok
08:33:58.0813 2696 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:33:58.0859 2696 luafv - ok
08:33:58.0953 2696 [ 9B35583D94EC79FD640E0B3A6E5CB541 ] MailStoreServer C:\Program Files (x86)\deepinvent\MailStore Server\MailStoreServer.exe
08:33:59.0109 2696 MailStoreServer - ok
08:33:59.0125 2696 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:33:59.0156 2696 megasas - ok
08:33:59.0172 2696 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:33:59.0219 2696 MegaSR - ok
08:33:59.0234 2696 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:33:59.0297 2696 MMCSS - ok
08:33:59.0297 2696 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:33:59.0359 2696 Modem - ok
08:33:59.0359 2696 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:33:59.0391 2696 monitor - ok
08:33:59.0406 2696 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
08:33:59.0422 2696 mouclass - ok
08:33:59.0438 2696 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:33:59.0453 2696 mouhid - ok
08:33:59.0484 2696 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:33:59.0500 2696 mountmgr - ok
08:33:59.0563 2696 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:33:59.0594 2696 MozillaMaintenance - ok
08:33:59.0609 2696 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:33:59.0656 2696 mpio - ok
08:33:59.0656 2696 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:33:59.0719 2696 mpsdrv - ok
08:33:59.0734 2696 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:33:59.0844 2696 MpsSvc - ok
08:33:59.0875 2696 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:33:59.0938 2696 mrxsmb - ok
08:33:59.0953 2696 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:34:00.0000 2696 mrxsmb10 - ok
08:34:00.0016 2696 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:34:00.0047 2696 mrxsmb20 - ok
08:34:00.0063 2696 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:34:00.0078 2696 msahci - ok
08:34:00.0094 2696 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:34:00.0125 2696 msdsm - ok
08:34:00.0141 2696 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:34:00.0172 2696 MSDTC - ok
08:34:00.0172 2696 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:34:00.0234 2696 Msfs - ok
08:34:00.0234 2696 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:34:00.0297 2696 mshidkmdf - ok
08:34:00.0313 2696 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:34:00.0328 2696 msisadrv - ok
08:34:00.0344 2696 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:34:00.0406 2696 MSiSCSI - ok
08:34:00.0422 2696 msiserver - ok
08:34:00.0438 2696 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:34:00.0469 2696 MsRPC - ok
08:34:00.0500 2696 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:34:00.0516 2696 mssmbios - ok
08:34:00.0531 2696 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
08:34:00.0563 2696 MTConfig - ok
08:34:00.0578 2696 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:34:00.0609 2696 Mup - ok
08:34:00.0625 2696 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:34:00.0703 2696 napagent - ok
08:34:00.0766 2696 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20130318.025\ENG64.SYS
08:34:00.0797 2696 NAVENG - ok
08:34:00.0828 2696 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20130318.025\EX64.SYS
08:34:00.0891 2696 NAVEX15 - ok
08:34:00.0922 2696 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:34:01.0000 2696 NDIS - ok
08:34:01.0016 2696 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:34:01.0078 2696 NdisCap - ok
08:34:01.0094 2696 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:34:01.0172 2696 NdisTapi - ok
08:34:01.0188 2696 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:34:01.0250 2696 Ndisuio - ok
08:34:01.0281 2696 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:34:01.0344 2696 NdisWan - ok
08:34:01.0359 2696 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:34:01.0422 2696 NDProxy - ok
08:34:01.0453 2696 [ B6CBA9A0403E2C1A9EA03C33A4932E89 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:34:01.0469 2696 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:34:01.0484 2696 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
08:34:01.0500 2696 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:34:01.0563 2696 NetBIOS - ok
08:34:01.0578 2696 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:34:01.0656 2696 NetBT - ok
08:34:01.0672 2696 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:34:01.0688 2696 Netlogon - ok
08:34:01.0719 2696 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:34:01.0797 2696 Netman - ok
08:34:01.0797 2696 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:34:01.0891 2696 netprofm - ok
08:34:01.0906 2696 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:34:01.0938 2696 NetTcpPortSharing - ok
08:34:01.0938 2696 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
08:34:01.0969 2696 nfrd960 - ok
08:34:01.0969 2696 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:34:02.0031 2696 NlaSvc - ok
08:34:02.0219 2696 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess C:\Windows\SysWOW64\NMSAccessU.exe
08:34:02.0250 2696 NMSAccess - ok
08:34:02.0266 2696 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:34:02.0313 2696 Npfs - ok
08:34:02.0328 2696 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:34:02.0375 2696 nsi - ok
08:34:02.0391 2696 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:34:02.0438 2696 nsiproxy - ok
08:34:02.0453 2696 [ C118A82CD78818C29AB228366EBF81C3 ] NTDS C:\Windows\System32\lsass.exe
08:34:02.0469 2696 NTDS - ok
08:34:02.0500 2696 [ 20C9F6D2A8449D00C72ABA9ECF6959F6 ] NtFrs C:\Windows\system32\ntfrs.exe
08:34:02.0547 2696 NtFrs - ok
08:34:02.0578 2696 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:34:02.0656 2696 Ntfs - ok
08:34:02.0672 2696 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:34:02.0734 2696 Null - ok
08:34:02.0750 2696 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:34:02.0781 2696 nvraid - ok
08:34:02.0813 2696 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:34:02.0828 2696 nvstor - ok
08:34:02.0859 2696 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:34:02.0875 2696 nv_agp - ok
08:34:02.0891 2696 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:34:02.0922 2696 ohci1394 - ok
08:34:02.0938 2696 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
08:34:02.0969 2696 Parport - ok
08:34:02.0984 2696 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:34:03.0000 2696 partmgr - ok
08:34:03.0031 2696 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:34:03.0063 2696 pci - ok
08:34:03.0078 2696 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:34:03.0094 2696 pciide - ok
08:34:03.0109 2696 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:34:03.0141 2696 pcmcia - ok
08:34:03.0141 2696 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:34:03.0172 2696 pcw - ok
08:34:03.0188 2696 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:34:03.0250 2696 PEAUTH - ok
08:34:03.0266 2696 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:34:03.0297 2696 PerfHost - ok
08:34:03.0328 2696 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:34:03.0406 2696 pla - ok
08:34:03.0453 2696 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:34:03.0516 2696 PlugPlay - ok
08:34:03.0531 2696 [ 35CCB20B0D730B7764D049463E4B2AC5 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:34:03.0547 2696 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
08:34:03.0547 2696 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
08:34:03.0563 2696 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:34:03.0641 2696 PolicyAgent - ok
08:34:03.0656 2696 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:34:03.0734 2696 Power - ok
08:34:03.0750 2696 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:34:03.0813 2696 PptpMiniport - ok
08:34:03.0828 2696 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:34:03.0859 2696 Processor - ok
08:34:03.0875 2696 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:34:03.0922 2696 ProfSvc - ok
08:34:03.0922 2696 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:34:03.0938 2696 ProtectedStorage - ok
08:34:03.0969 2696 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:34:04.0031 2696 Psched - ok
08:34:04.0063 2696 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:34:04.0109 2696 ql2300 - ok
08:34:04.0125 2696 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:34:04.0156 2696 ql40xx - ok
08:34:04.0156 2696 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:34:04.0203 2696 RasAcd - ok
08:34:04.0219 2696 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:34:04.0281 2696 RasAgileVpn - ok
08:34:04.0297 2696 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:34:04.0359 2696 RasAuto - ok
08:34:04.0375 2696 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:34:04.0438 2696 Rasl2tp - ok
08:34:04.0469 2696 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:34:04.0531 2696 RasMan - ok
08:34:04.0563 2696 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:34:04.0609 2696 RasPppoe - ok
08:34:04.0625 2696 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:34:04.0688 2696 RasSstp - ok
08:34:04.0703 2696 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:34:04.0781 2696 rdbss - ok
08:34:04.0797 2696 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:34:04.0828 2696 rdpbus - ok
08:34:04.0844 2696 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:34:04.0891 2696 RDPCDD - ok
08:34:04.0922 2696 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
08:34:05.0016 2696 RDPDR - ok
08:34:05.0031 2696 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:34:05.0078 2696 RDPENCDD - ok
08:34:05.0094 2696 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:34:05.0141 2696 RDPREFMP - ok
08:34:05.0172 2696 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:34:05.0203 2696 RDPWD - ok
08:34:05.0234 2696 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:34:05.0297 2696 RemoteAccess - ok
08:34:05.0313 2696 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:34:05.0375 2696 RemoteRegistry - ok
08:34:05.0391 2696 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:34:05.0438 2696 RpcEptMapper - ok
08:34:05.0453 2696 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:34:05.0484 2696 RpcLocator - ok
08:34:05.0516 2696 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
08:34:05.0563 2696 RpcSs - ok
08:34:05.0578 2696 [ 551EF8EFA329F5E27A16D2793123943A ] RSoPProv C:\Windows\system32\RSoPProv.exe
08:34:05.0609 2696 RSoPProv - ok
08:34:05.0625 2696 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:34:05.0688 2696 rspndr - ok
08:34:05.0703 2696 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
08:34:05.0734 2696 s3cap - ok
08:34:05.0750 2696 [ D65E5E5C59F70516E856F5350106CDAB ] sacdrv C:\Windows\system32\DRIVERS\sacdrv.sys
08:34:05.0766 2696 sacdrv - ok
08:34:05.0781 2696 [ 1F8597C49E2F6FEAE04ED4E3D978465B ] sacsvr C:\Windows\system32\sacsvr.dll
08:34:05.0813 2696 sacsvr - ok
08:34:05.0813 2696 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:34:05.0828 2696 SamSs - ok
08:34:05.0844 2696 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:34:05.0859 2696 sbp2port - ok
08:34:05.0875 2696 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:34:05.0938 2696 SCardSvr - ok
08:34:05.0953 2696 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:34:06.0016 2696 scfilter - ok
08:34:06.0047 2696 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:34:06.0141 2696 Schedule - ok
08:34:06.0156 2696 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:34:06.0203 2696 SCPolicySvc - ok
08:34:06.0203 2696 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:34:06.0266 2696 secdrv - ok
08:34:06.0281 2696 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:34:06.0344 2696 seclogon - ok
08:34:06.0391 2696 [ 2A711646B0327B08EF7DBC0721185126 ] semsrv C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\bin\SemSvc.exe
08:34:06.0422 2696 semsrv - ok
08:34:06.0453 2696 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
08:34:06.0500 2696 SENS - ok
08:34:06.0516 2696 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:34:06.0547 2696 Serenum - ok
08:34:06.0563 2696 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:34:06.0594 2696 Serial - ok
08:34:06.0609 2696 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:34:06.0641 2696 sermouse - ok
08:34:06.0656 2696 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:34:06.0719 2696 SessionEnv - ok
08:34:06.0734 2696 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:34:06.0766 2696 sffdisk - ok
08:34:06.0781 2696 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:34:06.0813 2696 sffp_mmc - ok
08:34:06.0828 2696 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:34:06.0859 2696 sffp_sd - ok
08:34:06.0859 2696 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:34:06.0891 2696 sfloppy - ok
08:34:06.0906 2696 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:34:06.0953 2696 SharedAccess - ok
08:34:06.0984 2696 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:34:07.0063 2696 ShellHWDetection - ok
08:34:07.0063 2696 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:34:07.0078 2696 SiSRaid2 - ok
08:34:07.0094 2696 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:34:07.0109 2696 SiSRaid4 - ok
08:34:07.0125 2696 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:34:07.0188 2696 Smb - ok
08:34:07.0313 2696 [ 13FFB1D55C2710ABC3119474A83C0A44 ] SmcService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
08:34:07.0438 2696 SmcService - ok
08:34:07.0453 2696 [ D48F87803F3965EE04D9BCB318791AAB ] SMR311 C:\Windows\system32\drivers\SMR311.SYS
08:34:07.0484 2696 SMR311 - ok
08:34:07.0500 2696 [ 0BDEF6DADB43601FDCB031B4B0383580 ] SNAC C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
08:34:07.0531 2696 SNAC - ok
08:34:07.0563 2696 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:34:07.0594 2696 SNMPTRAP - ok
08:34:07.0594 2696 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:34:07.0609 2696 spldr - ok
08:34:07.0641 2696 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:34:07.0688 2696 Spooler - ok
08:34:07.0750 2696 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:34:08.0031 2696 sppsvc - ok
08:34:08.0031 2696 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:34:08.0094 2696 sppuinotify - ok
08:34:08.0125 2696 [ 83834EBC0786CCF5EE64FBBB6A89CF3A ] SRTSP C:\Windows\system32\Drivers\SRTSP64.SYS
08:34:08.0172 2696 SRTSP - ok
08:34:08.0188 2696 [ E47D5D68917E0D70E3730263D41CEFA3 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL64.SYS
08:34:08.0219 2696 SRTSPL - ok
08:34:08.0219 2696 [ EA2051FF6A40C89EAA98C1769AD68597 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX64.SYS
08:34:08.0250 2696 SRTSPX - ok
08:34:08.0266 2696 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:34:08.0328 2696 srv - ok
08:34:08.0344 2696 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:34:08.0391 2696 srv2 - ok
08:34:08.0406 2696 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:34:08.0438 2696 srvnet - ok
08:34:08.0469 2696 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:34:08.0516 2696 SSDPSRV - ok
08:34:08.0531 2696 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:34:08.0594 2696 SstpSvc - ok
08:34:08.0594 2696 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
08:34:08.0625 2696 stexstor - ok
08:34:08.0641 2696 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
08:34:08.0672 2696 storflt - ok
08:34:08.0672 2696 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
08:34:08.0703 2696 storvsc - ok
08:34:08.0719 2696 [ 7AFDE8E361E3919B58FDDAF62490AB3B ] storvsp C:\Windows\system32\drivers\storvsp.sys
08:34:08.0766 2696 storvsp - ok
08:34:08.0781 2696 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
08:34:08.0797 2696 swenum - ok
08:34:08.0828 2696 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:34:08.0891 2696 swprv - ok
08:34:08.0922 2696 [ 4402CF4959A30CB6A008099ABA8F22A9 ] Symantec AntiVirus C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
08:34:08.0969 2696 Symantec AntiVirus - ok
08:34:09.0000 2696 [ D1F1A5E72E33D6BE449F5F1F4A513DD1 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
08:34:09.0031 2696 SymEvent - ok
08:34:09.0047 2696 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:34:09.0125 2696 TapiSrv - ok
08:34:09.0141 2696 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:34:09.0203 2696 TBS - ok
08:34:09.0250 2696 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:34:09.0313 2696 Tcpip - ok
08:34:09.0344 2696 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:34:09.0391 2696 TCPIP6 - ok
08:34:09.0406 2696 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:34:09.0438 2696 tcpipreg - ok
08:34:09.0453 2696 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:34:09.0500 2696 TDPIPE - ok
08:34:09.0516 2696 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:34:09.0547 2696 TDTCP - ok
08:34:09.0563 2696 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:34:09.0625 2696 tdx - ok
08:34:09.0641 2696 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:34:09.0656 2696 TermDD - ok
08:34:09.0672 2696 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:34:09.0734 2696 TermService - ok
08:34:09.0750 2696 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:34:09.0797 2696 THREADORDER - ok
08:34:09.0813 2696 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:34:09.0875 2696 TrkWks - ok
08:34:09.0891 2696 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:34:09.0953 2696 TrustedInstaller - ok
08:34:09.0969 2696 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:34:10.0031 2696 tssecsrv - ok
08:34:10.0063 2696 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:34:10.0109 2696 TsUsbFlt - ok
08:34:10.0125 2696 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:34:10.0188 2696 tunnel - ok
08:34:10.0203 2696 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
08:34:10.0234 2696 uagp35 - ok
08:34:10.0250 2696 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:34:10.0328 2696 udfs - ok
08:34:10.0344 2696 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:34:10.0375 2696 UI0Detect - ok
08:34:10.0391 2696 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:34:10.0422 2696 uliagpkx - ok
08:34:10.0438 2696 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
08:34:10.0469 2696 umbus - ok
08:34:10.0484 2696 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
08:34:10.0516 2696 UmPass - ok
08:34:10.0531 2696 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
08:34:10.0563 2696 UmRdpService - ok
08:34:10.0578 2696 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:34:10.0656 2696 upnphost - ok
08:34:10.0672 2696 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
08:34:10.0719 2696 usbccgp - ok
08:34:10.0750 2696 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:34:10.0766 2696 usbehci - ok
08:34:10.0797 2696 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
08:34:10.0828 2696 usbhub - ok
08:34:10.0844 2696 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
08:34:10.0875 2696 usbohci - ok
08:34:10.0891 2696 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:34:10.0922 2696 usbprint - ok
08:34:10.0938 2696 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
08:34:10.0984 2696 USBSTOR - ok
08:34:11.0000 2696 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
08:34:11.0016 2696 usbuhci - ok
08:34:11.0031 2696 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:34:11.0094 2696 UxSms - ok
08:34:11.0109 2696 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:34:11.0125 2696 VaultSvc - ok
08:34:11.0141 2696 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:34:11.0172 2696 vdrvroot - ok
08:34:11.0188 2696 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:34:11.0266 2696 vds - ok
08:34:11.0281 2696 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:34:11.0297 2696 vga - ok
08:34:11.0313 2696 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:34:11.0359 2696 VgaSave - ok
08:34:11.0375 2696 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:34:11.0406 2696 vhdmp - ok
08:34:11.0438 2696 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:34:11.0453 2696 viaide - ok
08:34:11.0469 2696 [ 1720D283BDB1EAA7F21976586FF52B95 ] Vid C:\Windows\system32\drivers\Vid.sys
08:34:11.0500 2696 Vid - ok
08:34:11.0516 2696 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
08:34:11.0547 2696 vmbus - ok
08:34:11.0563 2696 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
08:34:11.0578 2696 VMBusHID - ok
08:34:11.0609 2696 [ ABF3B0C5D57C8E1B69ACA9D76169E87C ] vmci C:\Windows\system32\DRIVERS\vmci.sys
08:34:11.0625 2696 vmci - ok
08:34:11.0672 2696 [ BF00D49741139A46B85026CD4C5E0DB5 ] VMMEMCTL C:\Program Files\VMware\VMware Tools\Drivers\memctl\vmmemctl.sys
08:34:11.0688 2696 VMMEMCTL - ok
08:34:11.0703 2696 [ 181C7CED01FF74CBE3590B033A60D02C ] vmmouse C:\Windows\system32\DRIVERS\vmmouse.sys
08:34:11.0719 2696 vmmouse - ok
08:34:11.0734 2696 [ DF3622859EC8B61A0A343509B0463A0D ] vmrawdsk C:\Program Files\VMware\VMware Tools\vmrawdsk.sys
08:34:11.0750 2696 vmrawdsk - ok
08:34:11.0781 2696 [ EE81A40B5AA9B284430C011C8AB2E8AD ] VMTools C:\Program Files\VMware\VMware Tools\VMwareService.exe
08:34:11.0828 2696 VMTools - ok
08:34:11.0844 2696 [ B49B55CD0ED3447435A8DC142C053DAD ] VMUpgradeHelper C:\Program Files\VMware\VMware Tools\VMUpgradeHelper.exe
08:34:11.0875 2696 VMUpgradeHelper - ok
08:34:11.0875 2696 vmvss - ok
08:34:11.0891 2696 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:34:11.0922 2696 volmgr - ok
08:34:11.0938 2696 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:34:11.0969 2696 volmgrx - ok
08:34:12.0000 2696 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:34:12.0031 2696 volsnap - ok
08:34:12.0047 2696 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
08:34:12.0078 2696 vsmraid - ok
08:34:12.0109 2696 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
08:34:12.0203 2696 VSS - ok
08:34:12.0234 2696 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:34:12.0313 2696 W32Time - ok
08:34:12.0344 2696 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
08:34:12.0375 2696 W3SVC - ok
08:34:12.0391 2696 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
08:34:12.0422 2696 WacomPen - ok
08:34:12.0438 2696 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:34:12.0500 2696 WANARP - ok
08:34:12.0500 2696 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:34:12.0547 2696 Wanarpv6 - ok
08:34:12.0563 2696 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
08:34:12.0578 2696 WAS - ok
08:34:12.0625 2696 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
08:34:12.0703 2696 wbengine - ok
08:34:12.0703 2696 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:34:12.0734 2696 WcsPlugInService - ok
08:34:12.0750 2696 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
08:34:12.0766 2696 Wd - ok
08:34:12.0813 2696 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:34:12.0859 2696 Wdf01000 - ok
08:34:12.0875 2696 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:34:12.0969 2696 WdiServiceHost - ok
08:34:12.0969 2696 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:34:13.0000 2696 WdiSystemHost - ok
08:34:13.0000 2696 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:34:13.0063 2696 Wecsvc - ok
08:34:13.0078 2696 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:34:13.0141 2696 wercplsupport - ok
08:34:13.0141 2696 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:34:13.0203 2696 WerSvc - ok
08:34:13.0219 2696 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:34:13.0266 2696 WfpLwf - ok
08:34:13.0266 2696 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:34:13.0297 2696 WIMMount - ok
08:34:13.0297 2696 WinHttpAutoProxySvc - ok
08:34:13.0375 2696 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:34:13.0438 2696 Winmgmt - ok
08:34:13.0484 2696 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
08:34:13.0578 2696 WinRM - ok
08:34:13.0609 2696 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:34:13.0641 2696 WmiAcpi - ok
08:34:13.0656 2696 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:34:13.0703 2696 wmiApSrv - ok
08:34:13.0719 2696 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:34:13.0797 2696 WPDBusEnum - ok
08:34:13.0859 2696 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:34:13.0969 2696 ws2ifsl - ok
08:34:14.0031 2696 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
08:34:14.0094 2696 wuauserv - ok
08:34:14.0109 2696 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:34:14.0156 2696 WudfPf - ok
08:34:14.0172 2696 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:34:14.0203 2696 wudfsvc - ok
08:34:14.0219 2696 ================ Scan global ===============================
08:34:14.0219 2696 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:34:14.0234 2696 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:34:14.0250 2696 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:34:14.0266 2696 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:34:14.0281 2696 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:34:14.0281 2696 [Global] - ok
08:34:14.0281 2696 ================ Scan MBR ==================================
08:34:14.0297 2696 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:34:14.0531 2696 \Device\Harddisk0\DR0 - ok
08:34:14.0531 2696 ================ Scan VBR ==================================
08:34:14.0547 2696 [ 2482DF44B23CBD2474F5A1EBBB1239F5 ] \Device\Harddisk0\DR0\Partition1
08:34:14.0547 2696 \Device\Harddisk0\DR0\Partition1 - ok
08:34:14.0563 2696 [ E3AA2738001878DC7A54F0D20756A92E ] \Device\Harddisk0\DR0\Partition2
08:34:14.0563 2696 \Device\Harddisk0\DR0\Partition2 - ok
08:34:14.0563 2696 ============================================================
08:34:14.0563 2696 Scan finished
08:34:14.0563 2696 ============================================================
08:34:14.0578 8380 Detected object count: 44
08:34:14.0578 8380 Actual detected object count: 44
08:35:11.0000 8380 DPMAdirektService ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0000 8380 DPMAdirektService ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0000 8380 EPO_OLF_ATPAT1_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0000 8380 EPO_OLF_ATPAT1_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0016 8380 EPO_OLF_ATSFD1_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0016 8380 EPO_OLF_ATSFD1_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0016 8380 EPO_OLF_ATUMOD_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0016 8380 EPO_OLF_ATUMOD_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0016 8380 EPO_OLF_DE2007_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0016 8380 EPO_OLF_DE2007_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0031 8380 EPO_OLF_DKPAT1_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0031 8380 EPO_OLF_DKPAT1_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0031 8380 EPO_OLF_EP1038_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0031 8380 EPO_OLF_EP1038_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0031 8380 EPO_OLF_EP122K_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0031 8380 EPO_OLF_EP122K_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0031 8380 EPO_OLF_EP2000_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0031 8380 EPO_OLF_EP2000_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0047 8380 EPO_OLF_EPOPPO_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0047 8380 EPO_OLF_EPOPPO_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0047 8380 EPO_OLF_ES3101_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0047 8380 EPO_OLF_ES3101_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0063 8380 EPO_OLF_ESEPVL_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0063 8380 EPO_OLF_ESEPVL_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0063 8380 EPO_OLF_ESTSUB_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0063 8380 EPO_OLF_ESTSUB_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0063 8380 EPO_OLF_FIEPFI_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0063 8380 EPO_OLF_FIEPFI_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0078 8380 EPO_OLF_FIHAKE_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0078 8380 EPO_OLF_FIHAKE_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0078 8380 EPO_OLF_FIPCT1_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0078 8380 EPO_OLF_FIPCT1_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0078 8380 EPO_OLF_FISUBS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0078 8380 EPO_OLF_FISUBS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0078 8380 EPO_OLF_FIUMOD_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0078 8380 EPO_OLF_FIUMOD_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0094 8380 EPO_OLF_FMGRDN_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0094 8380 EPO_OLF_FMGRDN_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0094 8380 EPO_OLF_FMMNGR_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0094 8380 EPO_OLF_FMMNGR_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0094 8380 EPO_OLF_FRDPT4_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0094 8380 EPO_OLF_FRDPT4_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0094 8380 EPO_OLF_FRSUBS_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0094 8380 EPO_OLF_FRSUBS_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0094 8380 EPO_OLF_IBR101_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0094 8380 EPO_OLF_IBR101_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0109 8380 EPO_OLF_IBR401_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0109 8380 EPO_OLF_IBR401_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0109 8380 EPO_OLF_IBRSFD_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0109 8380 EPO_OLF_IBRSFD_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0109 8380 EPO_OLF_ISEPVL_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0109 8380 EPO_OLF_ISEPVL_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0109 8380 EPO_OLF_ISPAT1_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0109 8380 EPO_OLF_ISPAT1_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0109 8380 EPO_OLF_NLAANV_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0109 8380 EPO_OLF_NLAANV_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0125 8380 EPO_OLF_NLEPNL_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0125 8380 EPO_OLF_NLEPNL_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0125 8380 EPO_OLF_NLPOST_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0125 8380 EPO_OLF_NLPOST_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0125 8380 EPO_OLF_PLPAT1_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0125 8380 EPO_OLF_PLPAT1_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0125 8380 EPO_OLF_PLWZU1_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0125 8380 EPO_OLF_PLWZU1_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0125 8380 EPO_OLF_ROB01A_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0125 8380 EPO_OLF_ROB01A_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0141 8380 EPO_OLF_ROEPRO_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0141 8380 EPO_OLF_ROEPRO_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0141 8380 EPO_OLF_ROPCT1_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0141 8380 EPO_OLF_ROPCT1_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0141 8380 EPO_OLF_SEPAT1_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0141 8380 EPO_OLF_SEPAT1_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0141 8380 EPO_OLF_SEVAL1_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0141 8380 EPO_OLF_SEVAL1_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0141 8380 EPO_OLF_SK8001_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0141 8380 EPO_OLF_SK8001_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0156 8380 EPO_OLF_SK8002_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0156 8380 EPO_OLF_SK8002_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0156 8380 EPO_OLF_SKSFD1_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0156 8380 EPO_OLF_SKSFD1_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0156 8380 EPO_OLF_UK177E_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0156 8380 EPO_OLF_UK177E_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0156 8380 EPO_OLF_UKNPUK_Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0156 8380 EPO_OLF_UKNPUK_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0172 8380 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0172 8380 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:35:11.0172 8380 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
08:35:11.0172 8380 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
MBAR:
Nothing suspicious to me, ?? mostly Symantec
Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows Server 2008 R2 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 10.0.9200.16521
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.400000 GHz
Memory total: 10736951296, free: 6730244096
------------ Kernel report ------------
03/19/2013 08:38:26
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\DRIVERS\NDIS.SYS
\SystemRoot\system32\DRIVERS\msrpc.sys
\SystemRoot\system32\DRIVERS\NETIO.SYS
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\DRIVERS\lsi_sas.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\dfsrro.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\SRTSP64.SYS
\??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
\SystemRoot\System32\Drivers\SRTSPX64.SYS
\SystemRoot\system32\drivers\dfs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\vmmouse.sys
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\vmci.sys
\SystemRoot\system32\DRIVERS\vgapnp.sys
\SystemRoot\system32\DRIVERS\E1G6032E.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\lmimirr.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_LSI_SAS.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\framebuf.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\HTTP.sys
\??\C:\Program Files\VMware\VMware Tools\Drivers\memctl\vmmemctl.sys
\??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
\??\C:\Windows\system32\drivers\LMIRfsDriver.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\drivers\rdpdr.sys
\SystemRoot\system32\drivers\tdtcp.sys
\SystemRoot\System32\DRIVERS\tssecsrv.sys
\SystemRoot\System32\Drivers\RDPWD.SYS
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\RDPDD.dll
\SystemRoot\System32\drivers\SMR311.SYS
\??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20130318.025\EX64.SYS
\??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20130318.025\ENG64.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\gdi32.dll
\Windows\System32\sechost.dll
\Windows\System32\imagehlp.dll
\Windows\System32\clbcatq.dll
\Windows\System32\user32.dll
\Windows\System32\difxapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\shlwapi.dll
\Windows\System32\msctf.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\Wldap32.dll
\Windows\System32\wininet.dll
\Windows\System32\usp10.dll
\Windows\System32\msvcrt.dll
\Windows\System32\oleaut32.dll
\Windows\System32\shell32.dll
\Windows\System32\normaliz.dll
\Windows\System32\ws2_32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\setupapi.dll
\Windows\System32\ole32.dll
\Windows\System32\nsi.dll
\Windows\System32\kernel32.dll
\Windows\System32\imm32.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8008a28060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000062\
Lower Device Object: 0xfffffa800880e530
Lower Device Driver Name: \Driver\LSI_SAS\
Device already Exists: 0xfffffa80106637e0
Downloaded database version: v2013.03.19.04
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8008a28060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8008a28b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8008a28060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800880e530, DeviceName: \Device\00000062\, DriverName: \Driver\LSI_SAS\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a00c3d4580, 0xfffffa8008a28060, 0xfffffa800cb12790
Lower DeviceData: 0xfffff8a0147c98e0, 0xfffffa800880e530, 0xfffffa80106637e0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
File user open failed: C:\Windows\system32\drivers\SMR311.dat (0x00000020)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: D8FC951E
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 2147274752
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 1099511627776 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-2147463648-2147483648)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================
What does this entry "Disk drives: C:\ DRIVE_FIXED" mean?
Did MBAR change anything?
McAfee Labs Stinger did not find anything either, but its rootkit scan only works on 32-bit operating systems.
Neither did the Symantec full scan. |