Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Spyware Z.Bot124.Gen eingefangen

Spyware Z.Bot124.Gen eingefangen


Log-Analyse und Auswertung: Spyware Z.Bot124.Gen eingefangen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 2 von 2 1 2
Alt 13.08.2012, 20:02   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spyware Z.Bot124.Gen eingefangen - Standard

Spyware Z.Bot124.Gen eingefangen


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:
ATTFilter
:OTL
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:5.6
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.14.1.100012
FF - user.js - File not found
[2012.05.27 19:59:25 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n6w7b2n8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found.
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKU\S-1-5-21-2874892723-2777576554-1002166398-1000..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a5bf545a-503d-11e1-ad7e-0016cfd96530}\Shell - "" = AutoRun
O33 - MountPoints2\{a5bf545a-503d-11e1-ad7e-0016cfd96530}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a5bf545c-503d-11e1-ad7e-0016cfd96530}\Shell - "" = AutoRun
O33 - MountPoints2\{a5bf545c-503d-11e1-ad7e-0016cfd96530}\Shell\AutoRun\command - "" = E:\AutoRun.exe
:Files
C:\ProgramData\*.pad
C:\hb32.exe
C:\pdftk.exe
C:\wmpfirefoxplugin.exe
C:\zaSetup_92_058_000_de.exe
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache
C:\Windows.old\Windows\$NtUninstallMTF1011$\apUninstall.exe
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 14.08.2012, 19:51   #17
SkylightMuc
 
Spyware Z.Bot124.Gen eingefangen - Standard

Spyware Z.Bot124.Gen eingefangen


So,


Code:
ATTFilter
All processes killed
========== OTL ==========
Prefs.js: wtxpcom@mybrowserbar.com:5.6 removed from extensions.enabledItems
Prefs.js: toolbar@ask.com:3.14.1.100012 removed from extensions.enabledItems
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n6w7b2n8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n6w7b2n8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n6w7b2n8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n6w7b2n8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n6w7b2n8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n6w7b2n8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2874892723-2777576554-1002166398-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5bf545a-503d-11e1-ad7e-0016cfd96530}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5bf545a-503d-11e1-ad7e-0016cfd96530}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5bf545a-503d-11e1-ad7e-0016cfd96530}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5bf545a-503d-11e1-ad7e-0016cfd96530}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5bf545c-503d-11e1-ad7e-0016cfd96530}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5bf545c-503d-11e1-ad7e-0016cfd96530}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5bf545c-503d-11e1-ad7e-0016cfd96530}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5bf545c-503d-11e1-ad7e-0016cfd96530}\ not found.
File E:\AutoRun.exe not found.
========== FILES ==========
C:\ProgramData\go_0molg.pad moved successfully.
C:\hb32.exe moved successfully.
C:\pdftk.exe moved successfully.
C:\wmpfirefoxplugin.exe moved successfully.
C:\zaSetup_92_058_000_de.exe moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
C:\Windows.old\Windows\$NtUninstallMTF1011$\apUninstall.exe moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 50694857 bytes
->Temporary Internet Files folder emptied: 922057132 bytes
->FireFox cache emptied: 64914400 bytes
->Flash cache emptied: 14081 bytes
 
User: ***Adm
->Temp folder emptied: 4499910 bytes
->Temporary Internet Files folder emptied: 120267051 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1070 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1199096 bytes
RecycleBin emptied: 1439529 bytes
 
Total Files Cleaned = 1.111,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: ***
->Flash cache emptied: 0 bytes
 
User: ***Adm
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.57.0 log created on 08142012_152203

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
__________________
Alt 15.08.2012, 19:19   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spyware Z.Bot124.Gen eingefangen - Standard

Spyware Z.Bot124.Gen eingefangen


Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
__________________
Alt 16.08.2012, 08:32   #19
SkylightMuc
 
Spyware Z.Bot124.Gen eingefangen - Standard

Spyware Z.Bot124.Gen eingefangen


Hallo,

Es gab noch eine zusätzliche Option "loaded modules" - hätte die mit angehakt werden müssen?

Hier ist der log

Code:
ATTFilter
09:26:20.0900 3192  TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
09:26:20.0978 3192  ============================================================
09:26:20.0978 3192  Current date / time: 2012/08/16 09:26:20.0978
09:26:20.0978 3192  SystemInfo:
09:26:20.0978 3192  
09:26:20.0978 3192  OS Version: 6.0.6002 ServicePack: 2.0
09:26:20.0978 3192  Product type: Workstation
09:26:20.0978 3192  ComputerName: ***-PC
09:26:20.0978 3192  UserName: ***
09:26:20.0978 3192  Windows directory: C:\Windows
09:26:20.0978 3192  System windows directory: C:\Windows
09:26:20.0978 3192  Processor architecture: Intel x86
09:26:20.0978 3192  Number of processors: 2
09:26:20.0978 3192  Page size: 0x1000
09:26:20.0978 3192  Boot type: Normal boot
09:26:20.0978 3192  ============================================================
09:26:28.0473 3192  Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 (93.16 Gb), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:26:28.0473 3192  ============================================================
09:26:28.0473 3192  \Device\Harddisk0\DR0:
09:26:28.0473 3192  MBR partitions:
09:26:28.0473 3192  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2738A, BlocksNum 0xB02886A
09:26:28.0503 3192  ============================================================
09:26:28.0693 3192  C: <-> \Device\Harddisk0\DR0\Partition1
09:26:28.0693 3192  ============================================================
09:26:28.0693 3192  Initialize success
09:26:28.0693 3192  ============================================================
09:27:34.0112 1344  ============================================================
09:27:34.0112 1344  Scan started
09:27:34.0112 1344  Mode: Manual; SigCheck; TDLFS; 
09:27:34.0112 1344  ============================================================
09:27:41.0772 1344  ================ Scan services =============================
09:27:45.0984 1344  [ 82b296ae1892fe3dbee00c9cf92f8ac7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
09:27:46.0158 1344  ACPI - ok
09:27:46.0478 1344  [ 62b7936f9036dd6ed36e6a7efa805dc0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:27:46.0488 1344  AdobeARMservice - ok
09:27:46.0928 1344  [ 5e1a953c6472e7bb644892a4d0df5e72 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:27:47.0058 1344  AdobeFlashPlayerUpdateSvc - ok
09:27:47.0268 1344  [ 2edc5bbac6c651ece337bde8ed97c9fb ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:27:47.0318 1344  adp94xx - ok
09:27:47.0368 1344  [ b84088ca3cdca97da44a984c6ce1ccad ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:27:47.0398 1344  adpahci - ok
09:27:47.0428 1344  [ 7880c67bccc27c86fd05aa2afb5ea469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
09:27:47.0448 1344  adpu160m - ok
09:27:47.0578 1344  [ 9ae713f8e30efc2abccd84904333df4d ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:27:47.0608 1344  adpu320 - ok
09:27:47.0798 1344  [ 9d1fda9e086ba64e3c93c9de32461bcf ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:27:49.0120 1344  AeLookupSvc - ok
09:27:49.0450 1344  [ 3911b972b55fea0478476b2e777b29fa ] AFD             C:\Windows\system32\drivers\afd.sys
09:27:49.0587 1344  AFD - ok
09:27:49.0867 1344  [ ef23439cdd587f64c2c1b8825cead7d8 ] agp440          C:\Windows\system32\drivers\agp440.sys
09:27:49.0883 1344  agp440 - ok
09:27:50.0014 1344  [ ae1fdf7bf7bb6c6a70f67699d880592a ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
09:27:50.0024 1344  aic78xx - ok
09:27:50.0164 1344  [ a1545b731579895d8cc44fc0481c1192 ] ALG             C:\Windows\System32\alg.exe
09:27:51.0794 1344  ALG - ok
09:27:51.0814 1344  [ 90395b64600ebb4552e26e178c94b2e4 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:27:51.0834 1344  aliide - ok
09:27:51.0884 1344  [ 2b13e304c9dfdfa5eb582f6a149fa2c7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
09:27:51.0894 1344  amdagp - ok
09:27:51.0914 1344  [ 0577df1d323fe75a739c787893d300ea ] amdide          C:\Windows\system32\drivers\amdide.sys
09:27:51.0944 1344  amdide - ok
09:27:52.0085 1344  [ dc487885bcef9f28eece6fac0e5ddfc5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
09:27:53.0738 1344  AmdK7 - ok
09:27:53.0769 1344  [ 0ca0071da4315b00fc1328ca86b425da ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:27:53.0899 1344  AmdK8 - ok
09:27:54.0069 1344  [ 466a0d95960dad3222c896d2cea99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
09:27:54.0079 1344  AntiVirSchedulerService - ok
09:27:54.0229 1344  [ a489be6bb0aa1ff406b488b60542314b ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
09:27:54.0239 1344  AntiVirService - ok
09:27:54.0529 1344  [ 676894fa57b671fec5c3f05f8929e03b ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
09:27:54.0659 1344  AntiVirWebService - ok
09:27:54.0799 1344  [ c6d704c7f0434dc791aac37cac4b6e14 ] Appinfo         C:\Windows\System32\appinfo.dll
09:27:54.0943 1344  Appinfo - ok
09:27:55.0272 1344  [ 7ef47644b74ebe721cc32211d3c35e76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:27:55.0373 1344  Apple Mobile Device - ok
09:27:55.0491 1344  [ 0fe769cae5855b53c90e23f85e7e89ff ] AppMgmt         C:\Windows\System32\appmgmts.dll
09:27:55.0604 1344  AppMgmt - ok
09:27:55.0744 1344  [ 5f673180268bb1fdb69c99b6619fe379 ] arc             C:\Windows\system32\drivers\arc.sys
09:27:55.0774 1344  arc - ok
09:27:55.0807 1344  [ 957f7540b5e7f602e44648c7de5a1c05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:27:55.0833 1344  arcsas - ok
09:27:55.0998 1344  [ 53b202abee6455406254444303e87be1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:27:56.0090 1344  AsyncMac - ok
09:27:56.0139 1344  [ 1f05b78ab91c9075565a9d8a4b880bc4 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:27:56.0154 1344  atapi - ok
09:27:56.0283 1344  [ 68e2a1a0407a66cf50da0300852424ab ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:27:56.0365 1344  AudioEndpointBuilder - ok
09:27:56.0456 1344  [ 68e2a1a0407a66cf50da0300852424ab ] Audiosrv        C:\Windows\System32\Audiosrv.dll
09:27:56.0499 1344  Audiosrv - ok
09:27:56.0746 1344  [ d5541f0afb767e85fc412fc609d96a74 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
09:27:56.0778 1344  avgntflt - ok
09:27:56.0883 1344  [ 7d967a682d4694df7fa57d63a2db01fe ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
09:27:56.0898 1344  avipbb - ok
09:27:57.0152 1344  [ 53e56450da16a1a7f0d002f511113f67 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
09:27:57.0168 1344  avkmgr - ok
09:27:57.0565 1344  [ cf6a67c90951e3e763d2135dede44b85 ] BCM43XV         C:\Windows\system32\DRIVERS\bcmwl6.sys
09:27:58.0010 1344  BCM43XV - ok
09:27:58.0121 1344  [ 08015d34f6fdd0b355805bad978497c3 ] bcm4sbxp        C:\Windows\system32\DRIVERS\bcm4sbxp.sys
09:27:58.0277 1344  bcm4sbxp - ok
09:27:58.0448 1344  [ 67e506b75bd5326a3ec7b70bd014dfb6 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:27:58.0511 1344  Beep - ok
09:27:58.0593 1344  [ c789af0f724fda5852fb9a7d3a432381 ] BFE             C:\Windows\System32\bfe.dll
09:27:58.0833 1344  BFE - ok
09:27:59.0453 1344  [ 93952506c6d67330367f7e7934b6a02f ] BITS            C:\Windows\System32\qmgr.dll
09:27:59.0583 1344  BITS - ok
09:27:59.0593 1344  blbdrive - ok
09:27:59.0924 1344  [ db5bea73edaf19ac68b2c0fad0f92b1a ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:27:59.0977 1344  Bonjour Service - ok
09:28:00.0026 1344  [ 35f376253f687bde63976ccb3f2108ca ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:28:00.0124 1344  bowser - ok
09:28:00.0192 1344  [ 9f9acc7f7ccde8a15c282d3f88b43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
09:28:00.0319 1344  BrFiltLo - ok
09:28:00.0344 1344  [ 56801ad62213a41f6497f96dee83755a ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
09:28:00.0520 1344  BrFiltUp - ok
09:28:00.0572 1344  [ a3629a0c4226f9e9c72faaeebc3ad33c ] Browser         C:\Windows\System32\browser.dll
09:28:00.0721 1344  Browser - ok
09:28:00.0852 1344  [ b304e75cff293029eddf094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
09:28:00.0962 1344  Brserid - ok
09:28:01.0009 1344  [ 203f0b1e73adadbbb7b7b1fabd901f6b ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
09:28:01.0096 1344  BrSerWdm - ok
09:28:01.0125 1344  [ bd456606156ba17e60a04e18016ae54b ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
09:28:01.0171 1344  BrUsbMdm - ok
09:28:01.0197 1344  [ af72ed54503f717a43268b3cc5faec2e ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
09:28:01.0277 1344  BrUsbSer - ok
09:28:01.0402 1344  [ 6d39c954799b63ba866910234cf7d726 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
09:28:01.0458 1344  BthEnum - ok
09:28:01.0511 1344  [ ad07c1ec6665b8b35741ab91200c6b68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:28:01.0600 1344  BTHMODEM - ok
09:28:01.0741 1344  [ 5904efa25f829bf84ea6fb045134a1d8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
09:28:01.0815 1344  BthPan - ok
09:28:01.0928 1344  [ 611ff3f2f095c8d4a6d4cfd9dcc09793 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
09:28:02.0191 1344  BTHPORT - ok
09:28:02.0235 1344  [ a4c8377fa4a994e07075107dbe2e3dce ] BthServ         C:\Windows\System32\bthserv.dll
09:28:02.0356 1344  BthServ - ok
09:28:02.0392 1344  [ d330803eab2a15caec7f011f1d4cb30e ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
09:28:02.0472 1344  BTHUSB - ok
09:28:02.0536 1344  [ 7add03e75beb9e6dd102c3081d29840a ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:28:02.0701 1344  cdfs - ok
09:28:02.0802 1344  [ 6b4bffb9becd728097024276430db314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:28:03.0003 1344  cdrom - ok
09:28:03.0136 1344  [ 312ec3e37a0a1f2006534913e37b4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:28:03.0288 1344  CertPropSvc - ok
09:28:03.0350 1344  [ da8e0afc7baa226c538ef53ac2f90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:28:03.0584 1344  circlass - ok
09:28:03.0674 1344  [ d7659d3b5b92c31e84e53c1431f35132 ] CLFS            C:\Windows\system32\CLFS.sys
09:28:03.0704 1344  CLFS - ok
09:28:03.0824 1344  [ 8ee772032e2fe80a924f3b8dd5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:28:03.0834 1344  clr_optimization_v2.0.50727_32 - ok
09:28:04.0024 1344  [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:28:04.0074 1344  clr_optimization_v4.0.30319_32 - ok
09:28:04.0144 1344  [ 99afc3795b58cc478fbbbcdc658fcb56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:28:04.0194 1344  CmBatt - ok
09:28:04.0314 1344  [ 45201046c776ffdaf3fc8a0029c581c8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:28:04.0324 1344  cmdide - ok
09:28:04.0444 1344  [ 6afef0b60fa25de07c0968983ee4f60a ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:28:04.0454 1344  Compbatt - ok
09:28:04.0464 1344  COMSysApp - ok
09:28:04.0534 1344  [ 2a213ae086bbec5e937553c7d9a2b22c ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:28:04.0544 1344  crcdisk - ok
09:28:04.0584 1344  [ 22a7f883508176489f559ee745b5bf5d ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
09:28:04.0694 1344  Crusoe - ok
09:28:04.0942 1344  [ 75c6a297e364014840b48eccd7525e30 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:28:05.0230 1344  CryptSvc - ok
09:28:05.0303 1344  [ 9bdb2e89be8d0ef37b1f25c3d3fc192c ] CSC             C:\Windows\system32\drivers\csc.sys
09:28:05.0606 1344  CSC - ok
09:28:05.0660 1344  [ 0a2095f92f6ae4fe6484d911b0c21e95 ] CscService      C:\Windows\System32\cscsvc.dll
09:28:05.0794 1344  CscService - ok
09:28:05.0844 1344  [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:28:05.0973 1344  DcomLaunch - ok
09:28:06.0018 1344  [ 622c41a07ca7e6dd91770f50d532cb6c ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:28:06.0112 1344  DfsC - ok
09:28:06.0664 1344  [ 2cc3dcfb533a1035b13dcab6160ab38b ] DFSR            C:\Windows\system32\DFSR.exe
09:28:07.0715 1344  DFSR - ok
09:28:07.0965 1344  [ 9028559c132146fb75eb7acf384b086a ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
09:28:08.0085 1344  Dhcp - ok
09:28:08.0165 1344  [ 5d4aefc3386920236a548271f8f1af6a ] disk            C:\Windows\system32\drivers\disk.sys
09:28:08.0185 1344  disk - ok
09:28:08.0235 1344  [ 57d762f6f5974af0da2be88a3349baaa ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:28:08.0275 1344  Dnscache - ok
09:28:08.0345 1344  [ 324fd74686b1ef5e7c19a8af49e748f6 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:28:08.0445 1344  dot3svc - ok
09:28:08.0615 1344  [ a622e888f8aa2f6b49e9bc466f0e5def ] DPS             C:\Windows\system32\dps.dll
09:28:08.0675 1344  DPS - ok
09:28:08.0805 1344  [ 97fef831ab90bee128c9af390e243f80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:28:08.0905 1344  drmkaud - ok
09:28:09.0365 1344  [ c68ac676b0ef30cfbb1080adce49eb1f ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:28:09.0765 1344  DXGKrnl - ok
09:28:09.0954 1344  [ f88fb26547fd2ce6d0a5af2985892c48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
09:28:10.0007 1344  E1G60 - ok
09:28:10.0103 1344  [ c0b95e40d85cd807d614e264248a45b9 ] EapHost         C:\Windows\System32\eapsvc.dll
09:28:10.0202 1344  EapHost - ok
09:28:10.0344 1344  [ 7f64ea048dcfac7acf8b4d7b4e6fe371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
09:28:10.0366 1344  Ecache - ok
09:28:10.0975 1344  [ e8f3f21a71720c84bcf423b80028359f ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:28:11.0038 1344  elxstor - ok
09:28:11.0318 1344  [ 4e6b23dfc917ea39306b529b773950f4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
09:28:11.0833 1344  EMDMgmt - ok
09:28:11.0989 1344  [ 67058c46504bc12d821f38cf99b7b28f ] EventSystem     C:\Windows\system32\es.dll
09:28:12.0083 1344  EventSystem - ok
09:28:12.0208 1344  [ 22b408651f9123527bcee54b4f6c5cae ] exfat           C:\Windows\system32\drivers\exfat.sys
09:28:12.0332 1344  exfat - ok
09:28:12.0410 1344  [ 1e9b9a70d332103c52995e957dc09ef8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:28:12.0442 1344  fastfat - ok
09:28:12.0754 1344  [ dfba0f60fa301e5b1bfb1403a93ee23e ] Fax             C:\Windows\system32\fxssvc.exe
09:28:12.0988 1344  Fax - ok
09:28:13.0128 1344  [ 63bdada84951b9c03e641800e176898a ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:28:13.0300 1344  fdc - ok
09:28:13.0346 1344  [ 6629b5f0e98151f4afdd87567ea32ba3 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:28:13.0502 1344  fdPHost - ok
09:28:13.0549 1344  [ 89ed56dce8e47af40892778a5bd31fd2 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:28:13.0643 1344  FDResPub - ok
09:28:13.0908 1344  [ a8c0139a884861e3aae9cfe73b208a9f ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:28:13.0986 1344  FileInfo - ok
09:28:14.0042 1344  [ 0ae429a696aecbc5970e3cf2c62635ae ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:28:14.0162 1344  Filetrace - ok
09:28:14.0292 1344  [ 6603957eff5ec62d25075ea8ac27de68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:28:14.0382 1344  flpydisk - ok
09:28:14.0482 1344  [ 01334f9ea68e6877c4ef05d3ea8abb05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:28:14.0502 1344  FltMgr - ok
09:28:15.0092 1344  [ 8ce364388c8eca59b14b539179276d44 ] FontCache       C:\Windows\system32\FntCache.dll
09:28:15.0252 1344  FontCache - ok
09:28:15.0542 1344  [ c7fbdd1ed42f82bfa35167a5c9803ea3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:28:15.0552 1344  FontCache3.0.0.0 - ok
09:28:15.0602 1344  [ b972a66758577e0bfd1de0f91aaa27b5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:28:15.0702 1344  Fs_Rec - ok
09:28:15.0802 1344  [ 4e1cd0a45c50a8882616cae5bf82f3c5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:28:15.0812 1344  gagp30kx - ok
09:28:16.0303 1344  [ 8182ff89c65e4d38b2de4bb0fb18564e ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:28:16.0313 1344  GEARAspiWDM - ok
09:28:16.0508 1344  [ cd5d0aeee35dfd4e986a5aa1500a6e66 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:28:16.0939 1344  gpsvc - ok
09:28:17.0033 1344  [ f02a533f517eb38333cb12a9e8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
09:28:17.0045 1344  gupdate - ok
09:28:17.0057 1344  [ f02a533f517eb38333cb12a9e8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:28:17.0069 1344  gupdatem - ok
09:28:17.0441 1344  [ c1b577b2169900f4cf7190c39f085794 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:28:17.0456 1344  gusvc - ok
09:28:17.0599 1344  [ 3f90e001369a07243763bd5a523d8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:28:17.0656 1344  HdAudAddService - ok
09:28:17.0837 1344  [ 062452b7ffd68c8c042a6261fe8dff4a ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:28:18.0055 1344  HDAudBus - ok
09:28:18.0086 1344  [ 1338520e78d90154ed6be8f84de5fceb ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:28:18.0211 1344  HidBth - ok
09:28:18.0231 1344  [ ff3160c3a2445128c5a6d9b076da519e ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:28:18.0331 1344  HidIr - ok
09:28:18.0421 1344  [ 84067081f3318162797385e11a8f0582 ] hidserv         C:\Windows\system32\hidserv.dll
09:28:18.0531 1344  hidserv - ok
09:28:18.0651 1344  [ 3c64042b95e583b366ba4e5d2450235e ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
09:28:18.0741 1344  HidUsb - ok
09:28:18.0841 1344  [ d8ad255b37da92434c26e4876db7d418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:28:18.0921 1344  hkmsvc - ok
09:28:18.0971 1344  [ df353b401001246853763c4b7aaa6f50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
09:28:18.0981 1344  HpCISSs - ok
09:28:19.0141 1344  [ 46d67209550973257601a533e2ac5785 ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
09:28:19.0201 1344  HSFHWAZL - ok
09:28:19.0551 1344  [ ec36f1d542ed4252390d446bf6d4dfd0 ] HSF_DPV         C:\Windows\system32\DRIVERS\VSTDPV3.SYS
09:28:19.0651 1344  HSF_DPV - ok
09:28:19.0941 1344  [ f870aa3e254628ebeafe754108d664de ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:28:20.0121 1344  HTTP - ok
09:28:20.0231 1344  [ a89423d0132c8ab69ba621b6ce191714 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
09:28:20.0311 1344  hwdatacard - ok
09:28:20.0431 1344  [ 324c2152ff2c61abae92d09f3cca4d63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
09:28:20.0441 1344  i2omp - ok
09:28:20.0691 1344  [ 22d56c8184586b7a1f6fa60be5f5a2bd ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:28:20.0811 1344  i8042prt - ok
09:28:21.0511 1344  [ 5f43e40c46d98e5e1e7d8a77d7bbf738 ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
09:28:22.0700 1344  ialm - ok
09:28:22.0743 1344  [ c957bf4b5d80b46c5017bf0101e6c906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
09:28:22.0758 1344  iaStorV - ok
09:28:23.0045 1344  [ 98477b08e61945f974ed9fdc4cb6bdab ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:28:23.0217 1344  idsvc - ok
09:28:23.0388 1344  [ 5f43e40c46d98e5e1e7d8a77d7bbf738 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
09:28:23.0591 1344  igfx - ok
09:28:23.0654 1344  [ 2d077bf86e843f901d8db709c95b49a5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:28:23.0669 1344  iirsp - ok
09:28:23.0763 1344  [ 9908d8a397b76cd8d31d0d383c5773c9 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:28:23.0888 1344  IKEEXT - ok
09:28:23.0966 1344  [ 83aa759f3189e6370c30de5dc5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:28:23.0981 1344  intelide - ok
09:28:24.0059 1344  [ 224191001e78c89dfa78924c3ea595ff ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:28:24.0122 1344  intelppm - ok
09:28:24.0215 1344  [ 9ac218c6e6105477484c6fdbe7d409a4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:28:24.0324 1344  IPBusEnum - ok
09:28:24.0387 1344  [ 62c265c38769b864cb25b4bcf62df6c3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:28:24.0449 1344  IpFilterDriver - ok
09:28:24.0543 1344  [ 1998bd97f950680bb55f55a7244679c2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:28:24.0605 1344  iphlpsvc - ok
09:28:24.0605 1344  IpInIp - ok
09:28:24.0668 1344  [ 40f34f8aba2a015d780e4b09138b6c17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
09:28:24.0808 1344  IPMIDRV - ok
09:28:24.0839 1344  [ 8793643a67b42cec66490b2a0cf92d68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
09:28:24.0886 1344  IPNAT - ok
09:28:24.0997 1344  [ 57edb35ea2feca88f8b17c0c095c9a56 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:28:25.0107 1344  iPod Service - ok
09:28:25.0177 1344  [ 109c0dfb82c3632fbd11949b73aeeac9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:28:25.0287 1344  IRENUM - ok
09:28:25.0337 1344  [ 350fca7e73cf65bcef43fae1e4e91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:28:25.0357 1344  isapnp - ok
09:28:25.0437 1344  [ 232fa340531d940aac623b121a595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
09:28:25.0457 1344  iScsiPrt - ok
09:28:25.0487 1344  [ bced60d16156e428f8df8cf27b0df150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
09:28:25.0497 1344  iteatapi - ok
09:28:25.0547 1344  [ 06fa654504a498c30adca8bec4e87e7e ] iteraid         C:\Windows\system32\drivers\iteraid.sys
09:28:25.0557 1344  iteraid - ok
09:28:25.0617 1344  [ 37605e0a8cf00cbba538e753e4344c6e ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:28:25.0627 1344  kbdclass - ok
09:28:25.0657 1344  [ d2600cb17b7408b4a83f231dc9a11ac3 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
09:28:25.0737 1344  kbdhid - ok
09:28:25.0797 1344  [ a3e186b4b935905b829219502557314e ] KeyIso          C:\Windows\system32\lsass.exe
09:28:25.0877 1344  KeyIso - ok
09:28:25.0947 1344  [ 4a1445efa932a3baf5bdb02d7131ee20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:28:25.0997 1344  KSecDD - ok
09:28:26.0127 1344  [ 8078f8f8f7a79e2e6b494523a828c585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:28:26.0297 1344  KtmRm - ok
09:28:26.0377 1344  [ 1bf5eebfd518dd7298434d8c862f825d ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:28:26.0417 1344  LanmanServer - ok
09:28:26.0487 1344  [ 1db69705b695b987082c8baec0c6b34f ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:28:26.0557 1344  LanmanWorkstation - ok
09:28:26.0617 1344  [ d1c5883087a0c3f1344d9d55a44901f6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:28:26.0657 1344  lltdio - ok
09:28:26.0747 1344  [ 2d5a428872f1442631d0959a34abff63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:28:26.0867 1344  lltdsvc - ok
09:28:26.0897 1344  [ 35d40113e4a5b961b6ce5c5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:28:26.0997 1344  lmhosts - ok
09:28:27.0037 1344  [ a2262fb9f28935e862b4db46438c80d2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:28:27.0057 1344  LSI_FC - ok
09:28:27.0087 1344  [ 30d73327d390f72a62f32c103daf1d6d ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:28:27.0097 1344  LSI_SAS - ok
09:28:27.0117 1344  [ e1e36fefd45849a95f1ab81de0159fe3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:28:27.0137 1344  LSI_SCSI - ok
09:28:27.0187 1344  [ 8f5c7426567798e62a3b3614965d62cc ] luafv           C:\Windows\system32\drivers\luafv.sys
09:28:27.0277 1344  luafv - ok
09:28:27.0397 1344  [ 6dfe7f2e8e8a337263aa5c92a215f161 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:28:27.0407 1344  MBAMProtector - ok
09:28:27.0707 1344  [ 43683e970f008c93c9429ef428147a54 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:28:28.0449 1344  MBAMService - ok
09:28:28.0691 1344  [ d153b14fc6598eae8422a2037553adce ] megasas         C:\Windows\system32\drivers\megasas.sys
09:28:28.0708 1344  megasas - ok
09:28:28.0766 1344  [ 1076ffcffaae8385fd62dfcb25ac4708 ] MMCSS           C:\Windows\system32\mmcss.dll
09:28:28.0847 1344  MMCSS - ok
09:28:28.0927 1344  [ e13b5ea0f51ba5b1512ec671393d09ba ] Modem           C:\Windows\system32\drivers\modem.sys
09:28:28.0953 1344  Modem - ok
09:28:28.0997 1344  [ 0a9bb33b56e294f686abb7c1e4e2d8a8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:28:29.0029 1344  monitor - ok
09:28:29.0076 1344  [ 5bf6a1326a335c5298477754a506d263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:28:29.0090 1344  mouclass - ok
09:28:29.0130 1344  [ a3a6dff7e9e757db3df51a833bc28885 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
09:28:29.0226 1344  mouhid - ok
09:28:29.0294 1344  [ bdafc88aa6b92f7842416ea6a48e1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
09:28:29.0316 1344  MountMgr - ok
09:28:29.0379 1344  [ 96aa8ba23142cc8e2b30f3cae0c80254 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:28:29.0392 1344  MozillaMaintenance - ok
09:28:29.0500 1344  [ 583a41f26278d9e0ea548163d6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:28:29.0514 1344  mpio - ok
09:28:29.0566 1344  [ 22241feba9b2defa669c8cb0a8dd7d2e ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:28:29.0622 1344  mpsdrv - ok
09:28:29.0704 1344  [ 5de62c6e9108f14f6794060a9bdecaec ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:28:29.0796 1344  MpsSvc - ok
09:28:29.0839 1344  [ 4fbbb70d30fd20ec51f80061703b001e ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
09:28:29.0851 1344  Mraid35x - ok
09:28:29.0914 1344  [ 82cea0395524aacfeb58ba1448e8325c ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:28:29.0992 1344  MRxDAV - ok
09:28:30.0052 1344  [ 1e94971c4b446ab2290deb71d01cf0c2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:28:30.0126 1344  mrxsmb - ok
09:28:30.0169 1344  [ 4fccb34d793b116423209c0f8b7a3b03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:28:30.0249 1344  mrxsmb10 - ok
09:28:30.0335 1344  [ c3cb1b40ad4a0124d617a1199b0b9d7c ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:28:30.0374 1344  mrxsmb20 - ok
09:28:30.0454 1344  [ 742aed7939e734c36b7e8d6228ce26b7 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:28:30.0466 1344  msahci - ok
09:28:30.0520 1344  [ 3fc82a2ae4cc149165a94699183d3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:28:30.0533 1344  msdsm - ok
09:28:30.0599 1344  [ fd7520cc3a80c5fc8c48852bb24c6ded ] MSDTC           C:\Windows\System32\msdtc.exe
09:28:30.0715 1344  MSDTC - ok
09:28:30.0772 1344  [ a9927f4a46b816c92f461acb90cf8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:28:30.0877 1344  Msfs - ok
09:28:31.0025 1344  [ 0f400e306f385c56317357d6dea56f62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:28:31.0038 1344  msisadrv - ok
09:28:31.0128 1344  [ 85466c0757a23d9a9aecdc0755203cb2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:28:31.0171 1344  MSiSCSI - ok
09:28:31.0177 1344  msiserver - ok
09:28:31.0221 1344  [ d8c63d34d9c9e56c059e24ec7185cc07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:28:31.0255 1344  MSKSSRV - ok
09:28:31.0369 1344  [ 1d373c90d62ddb641d50e55b9e78d65e ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:28:31.0556 1344  MSPCLOCK - ok
09:28:31.0587 1344  [ b572da05bf4e098d4bba3a4734fb505b ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:28:31.0681 1344  MSPQM - ok
09:28:31.0712 1344  [ b49456d70555de905c311bcda6ec6adb ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:28:31.0743 1344  MsRPC - ok
09:28:31.0790 1344  [ e384487cb84be41d09711c30ca79646c ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:28:31.0806 1344  mssmbios - ok
09:28:31.0837 1344  [ 7199c1eec1e4993caf96b8c0a26bd58a ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:28:31.0888 1344  MSTEE - ok
09:28:31.0928 1344  [ 6a57b5733d4cb702c8ea4542e836b96c ] Mup             C:\Windows\system32\Drivers\mup.sys
09:28:31.0938 1344  Mup - ok
09:28:32.0028 1344  [ e4eaf0c5c1b41b5c83386cf212ca9584 ] napagent        C:\Windows\system32\qagentRT.dll
09:28:32.0108 1344  napagent - ok
09:28:32.0248 1344  [ 85c44fdff9cf7e72a40dcb7ec06a4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:28:32.0358 1344  NativeWifiP - ok
09:28:32.0458 1344  [ 1357274d1883f68300aeadd15d7bbb42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:28:32.0498 1344  NDIS - ok
09:28:32.0568 1344  [ 0e186e90404980569fb449ba7519ae61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:28:32.0638 1344  NdisTapi - ok
09:28:32.0678 1344  [ d6973aa34c4d5d76c0430b181c3cd389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:28:32.0758 1344  Ndisuio - ok
09:28:32.0808 1344  [ 818f648618ae34f729fdb47ec68345c3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:28:32.0828 1344  NdisWan - ok
09:28:32.0868 1344  [ 71dab552b41936358f3b541ae5997fb3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:28:32.0908 1344  NDProxy - ok
09:28:32.0998 1344  [ bcd093a5a6777cf626434568dc7dba78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:28:33.0058 1344  NetBIOS - ok
09:28:33.0167 1344  [ ecd64230a59cbd93c85f1cd1cab9f3f6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
09:28:33.0213 1344  netbt - ok
09:28:33.0248 1344  [ a3e186b4b935905b829219502557314e ] Netlogon        C:\Windows\system32\lsass.exe
09:28:33.0273 1344  Netlogon - ok
09:28:33.0386 1344  [ c8052711daecc48b982434c5116ca401 ] Netman          C:\Windows\System32\netman.dll
09:28:33.0467 1344  Netman - ok
09:28:33.0546 1344  [ 2ef3bbe22e5a5acd1428ee387a0d0172 ] netprofm        C:\Windows\System32\netprofm.dll
09:28:33.0624 1344  netprofm - ok
09:28:33.0665 1344  [ d6c4e4a39a36029ac0813d476fbd0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:28:33.0677 1344  NetTcpPortSharing - ok
09:28:33.0736 1344  [ 2e7fb731d4790a1bc6270accefacb36e ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:28:33.0748 1344  nfrd960 - ok
09:28:33.0839 1344  [ 2997b15415f9bbe05b5a4c1c85e0c6a2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:28:33.0870 1344  NlaSvc - ok
09:28:34.0046 1344  [ d36f239d7cce1931598e8fb90a0dbc26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:28:34.0086 1344  Npfs - ok
09:28:34.0122 1344  [ 8bb86f0c7eea2bded6fe095d0b4ca9bd ] nsi             C:\Windows\system32\nsisvc.dll
09:28:34.0149 1344  nsi - ok
09:28:34.0211 1344  [ 609773e344a97410ce4ebf74a8914fcf ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:28:34.0313 1344  nsiproxy - ok
09:28:34.0471 1344  [ 6a4a98cee84cf9e99564510dda4baa47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:28:34.0541 1344  Ntfs - ok
09:28:34.0606 1344  [ e875c093aec0c978a90f30c9e0dfbb72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
09:28:34.0670 1344  ntrigdigi - ok
09:28:34.0703 1344  [ c5dbbcda07d780bda9b685df333bb41e ] Null            C:\Windows\system32\drivers\Null.sys
09:28:34.0789 1344  Null - ok
09:28:34.0825 1344  [ e69e946f80c1c31c53003bfbf50cbb7c ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:28:34.0889 1344  nvraid - ok
09:28:34.0917 1344  [ 9e0ba19a28c498a6d323d065db76dffc ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:28:34.0946 1344  nvstor - ok
09:28:34.0997 1344  [ 07c186427eb8fcc3d8d7927187f260f7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:28:35.0011 1344  nv_agp - ok
09:28:35.0018 1344  NwlnkFlt - ok
09:28:35.0026 1344  NwlnkFwd - ok
09:28:35.0074 1344  [ 6f310e890d46e246e0e261a63d9b36b4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
09:28:35.0137 1344  ohci1394 - ok
09:28:35.0250 1344  [ 7a56cf3e3f12e8af599963b16f50fb6a ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:28:35.0279 1344  ose - ok
09:28:35.0358 1344  [ 0c8e8e61ad1eb0b250b846712c917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
09:28:35.0520 1344  p2pimsvc - ok
09:28:35.0535 1344  [ 0c8e8e61ad1eb0b250b846712c917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:28:35.0623 1344  p2psvc - ok
09:28:35.0672 1344  [ 0fa9b5055484649d63c303fe404e5f4d ] Parport         C:\Windows\system32\drivers\parport.sys
09:28:35.0760 1344  Parport - ok
09:28:35.0843 1344  [ b9c2b89f08670e159f7181891e449cd9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:28:35.0886 1344  partmgr - ok
09:28:35.0922 1344  [ 4f9a6a8a31413180d0fcb279ad5d8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
09:28:35.0988 1344  Parvdm - ok
09:28:36.0022 1344  [ c6276ad11f4bb49b58aa1ed88537f14a ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:28:36.0239 1344  PcaSvc - ok
09:28:36.0300 1344  [ 941dc1d19e7e8620f40bbc206981efdb ] pci             C:\Windows\system32\drivers\pci.sys
09:28:36.0318 1344  pci - ok
09:28:36.0353 1344  [ 3b1901e401473e03eb8c874271e50c26 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:28:36.0368 1344  pciide - ok
09:28:36.0386 1344  [ e6f3fb1b86aa519e7698ad05e58b04e5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:28:36.0401 1344  pcmcia - ok
09:28:36.0443 1344  [ 6349f6ed9c623b44b52ea3c63c831a92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:28:36.0874 1344  PEAUTH - ok
09:28:36.0999 1344  [ b1689df169143f57053f795390c99db3 ] pla             C:\Windows\system32\pla.dll
09:28:37.0094 1344  pla - ok
09:28:37.0168 1344  [ c5e7f8a996ec0a82d508fd9064a5569e ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:28:37.0234 1344  PlugPlay - ok
09:28:37.0283 1344  [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
09:28:37.0353 1344  PNRPAutoReg - ok
09:28:37.0369 1344  [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
09:28:37.0399 1344  PNRPsvc - ok
09:28:37.0514 1344  [ d0494460421a03cd5225cca0059aa146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:28:37.0591 1344  PolicyAgent - ok
09:28:37.0643 1344  [ ecfffaec0c1ecd8dbc77f39070ea1db1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:28:37.0680 1344  PptpMiniport - ok
09:28:37.0720 1344  [ 0e3cef5d28b40cf273281d620c50700a ] Processor       C:\Windows\system32\drivers\processr.sys
09:28:37.0797 1344  Processor - ok
09:28:37.0867 1344  [ 0508faa222d28835310b7bfca7a77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:28:37.0927 1344  ProfSvc - ok
09:28:37.0947 1344  [ a3e186b4b935905b829219502557314e ] ProtectedStorage C:\Windows\system32\lsass.exe
09:28:37.0991 1344  ProtectedStorage - ok
09:28:38.0008 1344  [ 99514faa8df93d34b5589187db3aa0ba ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
09:28:38.0070 1344  PSched - ok
09:28:38.0102 1344  [ 49452bfcec22f36a7a9b9c2181bc3042 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
09:28:38.0114 1344  PxHelp20 - ok
09:28:38.0157 1344  [ ccdac889326317792480c0a67156a1ec ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:28:38.0206 1344  ql2300 - ok
09:28:38.0253 1344  [ 81a7e5c076e59995d54bc1ed3a16e60b ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:28:38.0266 1344  ql40xx - ok
09:28:38.0354 1344  [ e9ecae663f47e6cb43962d18ab18890f ] QWAVE           C:\Windows\system32\qwave.dll
09:28:38.0397 1344  QWAVE - ok
09:28:38.0427 1344  [ 9f5e0e1926014d17486901c88eca2db7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:28:38.0466 1344  QWAVEdrv - ok
09:28:38.0503 1344  [ 147d7f9c556d259924351feb0de606c3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:28:38.0548 1344  RasAcd - ok
09:28:38.0590 1344  [ f6a452eb4ceadbb51c9e0ee6b3ecef0f ] RasAuto         C:\Windows\System32\rasauto.dll
09:28:38.0632 1344  RasAuto - ok
09:28:38.0698 1344  [ a214adbaf4cb47dd2728859ef31f26b0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:28:38.0724 1344  Rasl2tp - ok
09:28:38.0817 1344  [ 75d47445d70ca6f9f894b032fbc64fcf ] RasMan          C:\Windows\System32\rasmans.dll
09:28:38.0886 1344  RasMan - ok
09:28:38.0923 1344  [ 509a98dd18af4375e1fc40bc175f1def ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:28:38.0958 1344  RasPppoe - ok
09:28:38.0994 1344  [ 2005f4a1e05fa09389ac85840f0a9e4d ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:28:39.0028 1344  RasSstp - ok
09:28:39.0100 1344  [ b14c9d5b9add2f84f70570bbbfaa7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:28:39.0141 1344  rdbss - ok
09:28:39.0330 1344  [ 89e59be9a564262a3fb6c4f4f1cd9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:28:39.0396 1344  RDPCDD - ok
09:28:39.0505 1344  [ 943b18305eae3935598a9b4a3d560b4c ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
09:28:39.0576 1344  rdpdr - ok
09:28:39.0616 1344  [ 9d91fe5286f748862ecffa05f8a0710c ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:28:39.0666 1344  RDPENCDD - ok
09:28:39.0708 1344  [ c127ebd5afab31524662c48dfceb773a ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:28:40.0044 1344  RDPWD - ok
09:28:40.0107 1344  [ bcdd6b4804d06b1f7ebf29e53a57ece9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:28:40.0153 1344  RemoteAccess - ok
09:28:40.0253 1344  [ 9e6894ea18daff37b63e1005f83ae4ab ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:28:40.0303 1344  RemoteRegistry - ok
09:28:40.0463 1344  [ 6482707f9f4da0ecbab43b2e0398a101 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
09:28:40.0483 1344  RFCOMM - ok
09:28:40.0563 1344  [ ea885e7a56f1be1f14c372337c42fe48 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
09:28:40.0593 1344  rimmptsk - ok
09:28:40.0643 1344  [ d7e09bc852684a7b1fc0f74fe090d45a ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
09:28:40.0733 1344  rimsptsk - ok
09:28:40.0833 1344  [ b0a7494a9ba7909efac64e05d3f160db ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
09:28:41.0023 1344  rismxdp - ok
09:28:41.0093 1344  [ 5123f83cbc4349d065534eeb6bbdc42b ] RpcLocator      C:\Windows\system32\locator.exe
09:28:41.0193 1344  RpcLocator - ok
09:28:41.0303 1344  [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] RpcSs           C:\Windows\system32\rpcss.dll
09:28:41.0653 1344  RpcSs - ok
09:28:41.0793 1344  [ 9c508f4074a39e8b4b31d27198146fad ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:28:41.0863 1344  rspndr - ok
09:28:41.0933 1344  [ a3e186b4b935905b829219502557314e ] SamSs           C:\Windows\system32\lsass.exe
09:28:41.0963 1344  SamSs - ok
09:28:42.0063 1344  [ 3ce8f073a557e172b330109436984e30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:28:42.0077 1344  sbp2port - ok
09:28:42.0437 1344  [ 794d4b48dfb6e999537c7c3947863463 ] SBSDWSCService  C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
09:28:43.0286 1344  SBSDWSCService - ok
09:28:43.0482 1344  [ 77b7a11a0c3d78d3386398fbbea1b632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:28:43.0532 1344  SCardSvr - ok
09:28:43.0839 1344  [ 1a58069db21d05eb2ab58ee5753ebe8d ] Schedule        C:\Windows\system32\schedsvc.dll
09:28:44.0409 1344  Schedule - ok
09:28:44.0503 1344  [ 312ec3e37a0a1f2006534913e37b4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:28:44.0549 1344  SCPolicySvc - ok
09:28:44.0752 1344  [ 8f36b54688c31eed4580129040c6a3d3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
09:28:44.0768 1344  sdbus - ok
09:28:44.0863 1344  [ 716313d9f6b0529d03f726d5aaf6f191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:28:44.0963 1344  SDRSVC - ok
09:28:44.0973 1344  [ 90a3935d05b494a5a39d37e71f09a677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:28:45.0043 1344  secdrv - ok
09:28:45.0143 1344  [ fd5199d4d8a521005e4b5ee7fe00fa9b ] seclogon        C:\Windows\system32\seclogon.dll
09:28:45.0313 1344  seclogon - ok
09:28:45.0383 1344  [ a9bbab5759771e523f55563d6cbe140f ] SENS            C:\Windows\System32\sens.dll
09:28:45.0443 1344  SENS - ok
09:28:45.0583 1344  [ 68e44e331d46f0fb38f0863a84cd1a31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
09:28:45.0693 1344  Serenum - ok
09:28:45.0743 1344  [ c70d69a918b178d3c3b06339b40c2e1b ] Serial          C:\Windows\system32\drivers\serial.sys
09:28:45.0793 1344  Serial - ok
09:28:45.0853 1344  [ 8af3d28a879bf75db53a0ee7a4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:28:45.0883 1344  sermouse - ok
09:28:45.0963 1344  [ d2193326f729b163125610dbf3e17d57 ] SessionEnv      C:\Windows\system32\sessenv.dll
09:28:45.0993 1344  SessionEnv - ok
09:28:46.0043 1344  [ 3efa810bdca87f6ecc24f9832243fe86 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
09:28:46.0163 1344  sffdisk - ok
09:28:46.0213 1344  [ 8fd08a310645fe872eeec6e08c6bf3ee ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:28:46.0303 1344  sffp_mmc - ok
09:28:46.0383 1344  [ 9f66a46c55d6f1ccabc79bb7afccc545 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
09:28:46.0423 1344  sffp_sd - ok
09:28:46.0453 1344  [ 46ed8e91793b2e6f848015445a0ac188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
09:28:46.0523 1344  sfloppy - ok
09:28:46.0623 1344  [ e1499bd0ff76b1b2fbbf1af339d91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:28:46.0683 1344  SharedAccess - ok
09:28:46.0803 1344  [ c7230fbee14437716701c15be02c27b8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:28:46.0843 1344  ShellHWDetection - ok
09:28:46.0943 1344  [ d2a595d6eebeeaf4334f8e50efbc9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
09:28:46.0963 1344  sisagp - ok
09:28:46.0983 1344  [ cedd6f4e7d84e9f98b34b3fe988373aa ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
09:28:46.0993 1344  SiSRaid2 - ok
09:28:47.0013 1344  [ df843c528c4f69d12ce41ce462e973a7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:28:47.0033 1344  SiSRaid4 - ok
09:28:47.0901 1344  [ 862bb4cbc05d80c5b45be430e5ef872f ] slsvc           C:\Windows\system32\SLsvc.exe
09:28:49.0212 1344  slsvc - ok
09:28:49.0290 1344  [ 6edc422215cd78aa8a9cde6b30abbd35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
09:28:49.0322 1344  SLUINotify - ok
09:28:49.0431 1344  [ 7b75299a4d201d6a6533603d6914ab04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:28:49.0446 1344  Smb - ok
09:28:49.0540 1344  [ 2a146a055b4401c16ee62d18b8e2a032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:28:49.0571 1344  SNMPTRAP - ok
09:28:50.0024 1344  [ 7aebdeef071fe28b0eef2cdd69102bff ] spldr           C:\Windows\system32\drivers\spldr.sys
09:28:50.0039 1344  spldr - ok
09:28:50.0117 1344  [ 8554097e5136c3bf9f69fe578a1b35f4 ] Spooler         C:\Windows\System32\spoolsv.exe
09:28:50.0320 1344  Spooler - ok
09:28:50.0554 1344  [ 41987f9fc0e61adf54f581e15029ad91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:28:50.0960 1344  srv - ok
09:28:51.0084 1344  [ ff33aff99564b1aa534f58868cbe41ef ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:28:51.0225 1344  srv2 - ok
09:28:51.0490 1344  [ 7605c0e1d01a08f3ecd743f38b834a44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:28:51.0630 1344  srvnet - ok
09:28:51.0724 1344  [ 03d50b37234967433a5ea5ba72bc0b62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:28:52.0551 1344  SSDPSRV - ok
09:28:52.0629 1344  [ a36ee93698802cd899f98bfd553d8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
09:28:52.0644 1344  ssmdrv - ok
09:28:53.0019 1344  [ 6f1a32e7b7b30f004d9a20afadb14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:28:53.0206 1344  SstpSvc - ok
09:28:53.0378 1344  [ 5de7d67e49b88f5f07f3e53c4b92a352 ] stisvc          C:\Windows\System32\wiaservc.dll
09:28:53.0830 1344  stisvc - ok
09:28:54.0033 1344  [ 7ba58ecf0c0a9a69d44b3dca62becf56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:28:54.0048 1344  swenum - ok
09:28:54.0360 1344  [ f21fd248040681cca1fb6c9a03aaa93d ] swprv           C:\Windows\System32\swprv.dll
09:28:54.0660 1344  swprv - ok
09:28:54.0820 1344  [ 192aa3ac01df071b541094f251deed10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
09:28:54.0840 1344  Symc8xx - ok
09:28:54.0880 1344  [ 8c8eb8c76736ebaf3b13b633b2e64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
09:28:54.0890 1344  Sym_hi - ok
09:28:54.0980 1344  [ 8072af52b5fd103bbba387a1e49f62cb ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
09:28:55.0000 1344  Sym_u3 - ok
09:28:55.0241 1344  [ 9a51b04e9886aa4ee90093586b0ba88d ] SysMain         C:\Windows\system32\sysmain.dll
09:28:55.0300 1344  SysMain - ok
09:28:55.0491 1344  [ 2dca225eae15f42c0933e998ee0231c3 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:28:55.0507 1344  TabletInputService - ok
09:28:55.0666 1344  [ d7673e4b38ce21ee54c59eeeb65e2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:28:55.0770 1344  TapiSrv - ok
09:28:55.0835 1344  [ cb05822cd9cc6c688168e113c603dbe7 ] TBS             C:\Windows\System32\tbssvc.dll
09:28:55.0877 1344  TBS - ok
09:28:56.0698 1344  [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:28:58.0502 1344  Tcpip - ok
09:28:58.0942 1344  [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
09:29:00.0045 1344  Tcpip6 - ok
09:29:00.0212 1344  [ 608c345a255d82a6289c2d468eb41fd7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:29:00.0396 1344  tcpipreg - ok
09:29:00.0654 1344  [ 5dcf5e267be67a1ae926f2df77fbcc56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:29:00.0680 1344  TDPIPE - ok
09:29:00.0715 1344  [ 389c63e32b3cefed425b61ed92d3f021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:29:00.0751 1344  TDTCP - ok
09:29:00.0830 1344  [ 76b06eb8a01fc8624d699e7045303e54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:29:00.0878 1344  tdx - ok
09:29:00.0933 1344  [ 3cad38910468eab9a6479e2f01db43c7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:29:00.0953 1344  TermDD - ok
09:29:01.0124 1344  [ bb95da09bef6e7a131bff3ba5032090d ] TermService     C:\Windows\System32\termsrv.dll
09:29:01.0444 1344  TermService - ok
09:29:01.0576 1344  [ c7230fbee14437716701c15be02c27b8 ] Themes          C:\Windows\system32\shsvcs.dll
09:29:01.0689 1344  Themes - ok
09:29:01.0721 1344  [ 1076ffcffaae8385fd62dfcb25ac4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
09:29:01.0764 1344  THREADORDER - ok
09:29:01.0822 1344  [ ec74e77d0eb004bd3a809b5f8fb8c2ce ] TrkWks          C:\Windows\System32\trkwks.dll
09:29:01.0851 1344  TrkWks - ok
09:29:01.0975 1344  [ 97d9d6a04e3ad9b6c626b9931db78dba ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:29:02.0011 1344  TrustedInstaller - ok
09:29:02.0046 1344  [ dcf0f056a2e4f52287264f5ab29cf206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:29:02.0087 1344  tssecsrv - ok
09:29:02.0196 1344  [ caecc0120ac49e3d2f758b9169872d38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
09:29:02.0336 1344  tunmp - ok
09:29:02.0399 1344  [ 300db877ac094feab0be7688c3454a9c ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:29:02.0461 1344  tunnel - ok
09:29:02.0555 1344  [ c3ade15414120033a36c0f293d4a4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:29:02.0570 1344  uagp35 - ok
09:29:02.0664 1344  [ d9728af68c4c7693cb100b8441cbdec6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:29:02.0679 1344  udfs - ok
09:29:02.0731 1344  [ ecef404f62863755951e09c802c94ad5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:29:02.0781 1344  UI0Detect - ok
09:29:02.0931 1344  [ 75e6890ebfce0841d3291b02e7a8bdb0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:29:02.0941 1344  uliagpkx - ok
09:29:02.0981 1344  [ 3cd4ea35a6221b85dcc25daa46313f8d ] uliahci         C:\Windows\system32\drivers\uliahci.sys
09:29:03.0001 1344  uliahci - ok
09:29:03.0021 1344  [ 8514d0e5cd0534467c5fc61be94a569f ] UlSata          C:\Windows\system32\drivers\ulsata.sys
09:29:03.0071 1344  UlSata - ok
09:29:03.0091 1344  [ 38c3c6e62b157a6bc46594fada45c62b ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
09:29:03.0101 1344  ulsata2 - ok
09:29:03.0131 1344  [ 32cff9f809ae9aed85464492bf3e32d2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:29:03.0181 1344  umbus - ok
09:29:03.0331 1344  [ 8a66360f38f81e960e2367b428cbd5d9 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:29:03.0431 1344  UmRdpService - ok
09:29:03.0501 1344  [ 68308183f4ae0be7bf8ecd07cb297999 ] upnphost        C:\Windows\System32\upnphost.dll
09:29:03.0551 1344  upnphost - ok
09:29:03.0681 1344  [ eafe1e00739afe6c51487a050e772e17 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
09:29:03.0761 1344  USBAAPL - ok
09:29:03.0851 1344  [ caf811ae4c147ffcd5b51750c7f09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:29:03.0911 1344  usbccgp - ok
09:29:04.0001 1344  [ e9476e6c486e76bc4898074768fb7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:29:04.0121 1344  usbcir - ok
09:29:04.0308 1344  [ 79e96c23a97ce7b8f14d310da2db0c9b ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:29:04.0589 1344  usbehci - ok
09:29:04.0764 1344  [ 4673bbcb006af60e7abddbe7a130ba42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:29:04.0836 1344  usbhub - ok
09:29:04.0954 1344  [ 38dbc7dd6cc5a72011f187425384388b ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:29:05.0060 1344  usbohci - ok
09:29:05.0163 1344  [ e75c4b5269091d15a2e7dc0b6d35f2f5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:29:05.0224 1344  usbprint - ok
09:29:05.0278 1344  [ be3da31c191bc222d9ad503c5224f2ad ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:29:05.0357 1344  USBSTOR - ok
09:29:05.0433 1344  [ 814d653efc4d48be3b04a307eceff56f ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
09:29:05.0484 1344  usbuhci - ok
09:29:05.0703 1344  [ 35c9095fa7076466afbfc5b9ec4b779e ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
09:29:05.0726 1344  usb_rndisx - ok
09:29:05.0792 1344  [ 1509e705f3ac1d474c92454a5c2dd81f ] UxSms           C:\Windows\System32\uxsms.dll
09:29:05.0831 1344  UxSms - ok
09:29:05.0887 1344  [ cd88d1b7776dc17a119049742ec07eb4 ] vds             C:\Windows\System32\vds.exe
09:29:05.0918 1344  vds - ok
09:29:05.0993 1344  [ 7d92be0028ecdedec74617009084b5ef ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:29:06.0068 1344  vga - ok
09:29:06.0297 1344  [ 2e93ac0a1d8c79d019db6c51f036636c ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:29:06.0360 1344  VgaSave - ok
09:29:06.0453 1344  [ 045d9961e591cf0674a920b6ba3ba5cb ] viaagp          C:\Windows\system32\drivers\viaagp.sys
09:29:06.0453 1344  viaagp - ok
09:29:06.0485 1344  [ 56a4de5f02f2e88182b0981119b4dd98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
09:29:06.0531 1344  ViaC7 - ok
09:29:06.0609 1344  [ fd2e3175fcada350c7ab4521dca187ec ] viaide          C:\Windows\system32\drivers\viaide.sys
09:29:06.0625 1344  viaide - ok
09:29:07.0077 1344  [ 69503668ac66c77c6cd7af86fbdf8c43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:29:07.0093 1344  volmgr - ok
09:29:07.0343 1344  [ 23e41b834759917bfd6b9a0d625d0c28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:29:07.0483 1344  volmgrx - ok
09:29:07.0733 1344  [ 147281c01fcb1df9252de2a10d5e7093 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:29:08.0060 1344  volsnap - ok
09:29:08.0107 1344  [ d984439746d42b30fc65a4c3546c6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:29:08.0123 1344  vsmraid - ok
09:29:08.0559 1344  [ db3d19f850c6eb32bdcb9bc0836acddb ] VSS             C:\Windows\system32\vssvc.exe
09:29:08.0653 1344  VSS - ok
09:29:08.0731 1344  [ 96ea68b9eb310a69c25ebb0282b2b9de ] W32Time         C:\Windows\system32\w32time.dll
09:29:08.0793 1344  W32Time - ok
09:29:08.0825 1344  [ 48dfee8f1af7c8235d4e626f0c4fe031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:29:08.0871 1344  WacomPen - ok
09:29:08.0965 1344  [ 55201897378cca7af8b5efd874374a26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
09:29:08.0981 1344  Wanarp - ok
09:29:09.0036 1344  [ 55201897378cca7af8b5efd874374a26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:29:09.0076 1344  Wanarpv6 - ok
09:29:09.0396 1344  [ 20b23332885dfb93fe0185362ee811e9 ] wbengine        C:\Windows\system32\wbengine.exe
09:29:09.0806 1344  wbengine - ok
09:29:09.0926 1344  [ a3cd60fd826381b49f03832590e069af ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:29:09.0976 1344  wcncsvc - ok
09:29:10.0146 1344  [ 11bcb7afcdd7aadacb5746f544d3a9c7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:29:10.0264 1344  WcsPlugInService - ok
09:29:10.0330 1344  [ afc5ad65b991c1e205cf25cfdbf7a6f4 ] Wd              C:\Windows\system32\drivers\wd.sys
09:29:10.0343 1344  Wd - ok
09:29:10.0505 1344  [ b6f0a7ad6d4bd325fbcd8bac96cd8d96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:29:10.0572 1344  Wdf01000 - ok
09:29:10.0637 1344  [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:29:10.0711 1344  WdiServiceHost - ok
09:29:10.0716 1344  [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:29:10.0816 1344  WdiSystemHost - ok
09:29:10.0888 1344  [ 04c37d8107320312fbae09926103d5e2 ] WebClient       C:\Windows\System32\webclnt.dll
09:29:10.0952 1344  WebClient - ok
09:29:11.0101 1344  [ ae3736e7e8892241c23e4ebbb7453b60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:29:11.0148 1344  Wecsvc - ok
09:29:11.0214 1344  [ 670ff720071ed741206d69bd995ea453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:29:11.0274 1344  wercplsupport - ok
09:29:11.0414 1344  [ 32b88481d3b326da6deb07b1d03481e7 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:29:11.0454 1344  WerSvc - ok
09:29:11.0664 1344  [ 5c7bdcf5864db00323fe2d90fa26a8a2 ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
09:29:11.0834 1344  winachsf - ok
09:29:12.0024 1344  [ 4575aa12561c5648483403541d0d7f2b ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:29:12.0074 1344  WinDefend - ok
09:29:12.0074 1344  WinHttpAutoProxySvc - ok
09:29:12.0344 1344  [ 6b2a1d0e80110e3d04e6863c6e62fd8a ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:29:12.0384 1344  Winmgmt - ok
09:29:12.0504 1344  [ 7cfe68bdc065e55aa5e8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:29:12.0624 1344  WinRM - ok
09:29:12.0734 1344  [ c008405e4feeb069e30da1d823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:29:12.0804 1344  Wlansvc - ok
09:29:12.0834 1344  [ 2e7255d172df0b8283cdfb7b433b864e ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
09:29:12.0894 1344  WmiAcpi - ok
09:29:12.0994 1344  [ 43be3875207dcb62a85c8c49970b66cc ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:29:13.0014 1344  wmiApSrv - ok
09:29:13.0279 1344  [ 3978704576a121a9204f8cc49a301a9b ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:29:13.0383 1344  WMPNetworkSvc - ok
09:29:13.0420 1344  [ 801fbdb89d472b3c467eb112a0fc9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:29:13.0489 1344  WPDBusEnum - ok
09:29:13.0576 1344  [ de9d36f91a4df3d911626643debf11ea ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
09:29:13.0620 1344  WpdUsb - ok
09:29:13.0854 1344  [ dcf3e3edf5109ee8bc02fe6e1f045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:29:13.0888 1344  WPFFontCache_v0400 - ok
09:29:13.0925 1344  [ e3a3cb253c0ec2494d4a61f5e43a389c ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:29:13.0951 1344  ws2ifsl - ok
09:29:14.0022 1344  [ 1ca6c40261ddc0425987980d0cd2aaab ] wscsvc          C:\Windows\System32\wscsvc.dll
09:29:14.0054 1344  wscsvc - ok
09:29:14.0059 1344  WSearch - ok
09:29:14.0298 1344  [ a583f4bf607ebc5709578433207a76a8 ] WTGService      C:\Program Files\Verbindungsassistent\WTGService.exe
09:29:14.0406 1344  WTGService - ok
09:29:14.0617 1344  [ fc3ec24fce372c89423e015a2ac1a31e ] wuauserv        C:\Windows\system32\wuaueng.dll
09:29:15.0394 1344  wuauserv - ok
09:29:15.0565 1344  [ ac13cb789d93412106b0fb6c7eb2bcb6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:29:15.0612 1344  WUDFRd - ok
09:29:15.0706 1344  [ 575a4190d989f64732119e4114045a4f ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:29:15.0768 1344  wudfsvc - ok
09:29:15.0768 1344  ================ Scan global ===============================
09:29:15.0809 1344  (f31eebc1a1c81fd04005489cc3dcdfe7) C:\Windows\system32\basesrv.dll
09:29:15.0959 1344  (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
09:29:16.0049 1344  (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
09:29:16.0129 1344  (d4e6d91c1349b7bfb3599a6ada56851b) C:\Windows\system32\services.exe
09:29:16.0219 1344  [Global] - ok
09:29:16.0219 1344  ================ Scan MBR ==================================
09:29:16.0279 1344  MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
09:29:17.0209 1344  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:29:17.0209 1344  \Device\Harddisk0\DR0 - detected TDSS File System (1)
09:29:17.0209 1344  ================ Scan VBR ==================================
09:29:17.0239 1344  Boot (0x1200)   (122a44dccb2363f7a2069a84552be001) \Device\Harddisk0\DR0\Partition1
09:29:17.0299 1344  \Device\Harddisk0\DR0\Partition1 - ok
09:29:17.0299 1344  ============================================================
09:29:17.0299 1344  Scan finished
09:29:17.0299 1344  ============================================================
09:29:17.0309 0348  Detected object count: 1
09:29:17.0309 0348  Actual detected object count: 1
09:29:47.0623 0348  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
09:29:47.0623 0348  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Alt 16.08.2012, 10:50   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spyware Z.Bot124.Gen eingefangen - Standard

Spyware Z.Bot124.Gen eingefangen


Code:
ATTFilter
\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
Diesen Eintrag => TDSS File System <= bitte mit dem TDSS-Killer fixen. Aber bitte nur diesen Eintrag!
Starte Windows danach neu und mach wieder ein komplett neues Log mit dem TDSS-Killer. Wie immer wieder in CODE-Tags posten.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 16.08.2012, 11:18   #21
SkylightMuc
 
Spyware Z.Bot124.Gen eingefangen - Standard

Spyware Z.Bot124.Gen eingefangen


So ...

Code:
ATTFilter
12:14:45.0382 0748  Scan started
12:14:45.0382 0748  Mode: Manual; SigCheck; TDLFS; 
12:14:45.0382 0748  ============================================================
12:14:45.0991 0748  ================ Scan services =============================
12:14:46.0350 0748  [ 82b296ae1892fe3dbee00c9cf92f8ac7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
12:14:46.0396 0748  ACPI - ok
12:14:46.0552 0748  [ 62b7936f9036dd6ed36e6a7efa805dc0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:14:46.0584 0748  AdobeARMservice - ok
12:14:46.0708 0748  [ 5e1a953c6472e7bb644892a4d0df5e72 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:14:46.0740 0748  AdobeFlashPlayerUpdateSvc - ok
12:14:46.0802 0748  [ 2edc5bbac6c651ece337bde8ed97c9fb ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:14:46.0818 0748  adp94xx - ok
12:14:46.0864 0748  [ b84088ca3cdca97da44a984c6ce1ccad ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:14:46.0880 0748  adpahci - ok
12:14:46.0911 0748  [ 7880c67bccc27c86fd05aa2afb5ea469 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
12:14:46.0927 0748  adpu160m - ok
12:14:46.0942 0748  [ 9ae713f8e30efc2abccd84904333df4d ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:14:46.0958 0748  adpu320 - ok
12:14:47.0005 0748  [ 9d1fda9e086ba64e3c93c9de32461bcf ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:14:47.0036 0748  AeLookupSvc - ok
12:14:47.0176 0748  [ 3911b972b55fea0478476b2e777b29fa ] AFD             C:\Windows\system32\drivers\afd.sys
12:14:47.0192 0748  AFD - ok
12:14:47.0239 0748  [ ef23439cdd587f64c2c1b8825cead7d8 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:14:47.0254 0748  agp440 - ok
12:14:47.0286 0748  [ ae1fdf7bf7bb6c6a70f67699d880592a ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
12:14:47.0301 0748  aic78xx - ok
12:14:47.0332 0748  [ a1545b731579895d8cc44fc0481c1192 ] ALG             C:\Windows\System32\alg.exe
12:14:47.0364 0748  ALG - ok
12:14:47.0395 0748  [ 90395b64600ebb4552e26e178c94b2e4 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:14:47.0410 0748  aliide - ok
12:14:47.0442 0748  [ 2b13e304c9dfdfa5eb582f6a149fa2c7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:14:47.0457 0748  amdagp - ok
12:14:47.0473 0748  [ 0577df1d323fe75a739c787893d300ea ] amdide          C:\Windows\system32\drivers\amdide.sys
12:14:47.0488 0748  amdide - ok
12:14:47.0504 0748  [ dc487885bcef9f28eece6fac0e5ddfc5 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
12:14:47.0551 0748  AmdK7 - ok
12:14:47.0582 0748  [ 0ca0071da4315b00fc1328ca86b425da ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:14:47.0629 0748  AmdK8 - ok
12:14:47.0738 0748  [ 466a0d95960dad3222c896d2cea99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
12:14:47.0738 0748  AntiVirSchedulerService - ok
12:14:47.0800 0748  [ a489be6bb0aa1ff406b488b60542314b ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
12:14:47.0816 0748  AntiVirService - ok
12:14:47.0925 0748  [ 676894fa57b671fec5c3f05f8929e03b ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
12:14:47.0956 0748  AntiVirWebService - ok
12:14:48.0019 0748  [ c6d704c7f0434dc791aac37cac4b6e14 ] Appinfo         C:\Windows\System32\appinfo.dll
12:14:48.0034 0748  Appinfo - ok
12:14:48.0159 0748  [ 7ef47644b74ebe721cc32211d3c35e76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:14:48.0175 0748  Apple Mobile Device - ok
12:14:48.0222 0748  [ 0fe769cae5855b53c90e23f85e7e89ff ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:14:48.0237 0748  AppMgmt - ok
12:14:48.0300 0748  [ 5f673180268bb1fdb69c99b6619fe379 ] arc             C:\Windows\system32\drivers\arc.sys
12:14:48.0315 0748  arc - ok
12:14:48.0378 0748  [ 957f7540b5e7f602e44648c7de5a1c05 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:14:48.0393 0748  arcsas - ok
12:14:48.0440 0748  [ 53b202abee6455406254444303e87be1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:14:48.0487 0748  AsyncMac - ok
12:14:48.0534 0748  [ 1f05b78ab91c9075565a9d8a4b880bc4 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:14:48.0549 0748  atapi - ok
12:14:48.0596 0748  [ 68e2a1a0407a66cf50da0300852424ab ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:14:48.0627 0748  AudioEndpointBuilder - ok
12:14:48.0643 0748  [ 68e2a1a0407a66cf50da0300852424ab ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:14:48.0674 0748  Audiosrv - ok
12:14:48.0721 0748  [ d5541f0afb767e85fc412fc609d96a74 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
12:14:48.0736 0748  avgntflt - ok
12:14:48.0846 0748  [ 7d967a682d4694df7fa57d63a2db01fe ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
12:14:48.0861 0748  avipbb - ok
12:14:48.0924 0748  [ 53e56450da16a1a7f0d002f511113f67 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
12:14:48.0939 0748  avkmgr - ok
12:14:49.0002 0748  [ cf6a67c90951e3e763d2135dede44b85 ] BCM43XV         C:\Windows\system32\DRIVERS\bcmwl6.sys
12:14:49.0064 0748  BCM43XV - ok
12:14:49.0095 0748  [ 08015d34f6fdd0b355805bad978497c3 ] bcm4sbxp        C:\Windows\system32\DRIVERS\bcm4sbxp.sys
12:14:49.0126 0748  bcm4sbxp - ok
12:14:49.0236 0748  [ 67e506b75bd5326a3ec7b70bd014dfb6 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:14:49.0251 0748  Beep - ok
12:14:49.0314 0748  [ c789af0f724fda5852fb9a7d3a432381 ] BFE             C:\Windows\System32\bfe.dll
12:14:49.0345 0748  BFE - ok
12:14:49.0407 0748  [ 93952506c6d67330367f7e7934b6a02f ] BITS            C:\Windows\System32\qmgr.dll
12:14:49.0485 0748  BITS - ok
12:14:49.0485 0748  blbdrive - ok
12:14:49.0579 0748  [ db5bea73edaf19ac68b2c0fad0f92b1a ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:14:49.0610 0748  Bonjour Service - ok
12:14:49.0657 0748  [ 35f376253f687bde63976ccb3f2108ca ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:14:49.0672 0748  bowser - ok
12:14:49.0735 0748  [ 9f9acc7f7ccde8a15c282d3f88b43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
12:14:49.0766 0748  BrFiltLo - ok
12:14:49.0813 0748  [ 56801ad62213a41f6497f96dee83755a ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
12:14:49.0844 0748  BrFiltUp - ok
12:14:49.0922 0748  [ a3629a0c4226f9e9c72faaeebc3ad33c ] Browser         C:\Windows\System32\browser.dll
12:14:49.0969 0748  Browser - ok
12:14:50.0031 0748  [ b304e75cff293029eddf094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
12:14:50.0094 0748  Brserid - ok
12:14:50.0234 0748  [ 203f0b1e73adadbbb7b7b1fabd901f6b ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
12:14:50.0281 0748  BrSerWdm - ok
12:14:50.0328 0748  [ bd456606156ba17e60a04e18016ae54b ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
12:14:50.0374 0748  BrUsbMdm - ok
12:14:50.0437 0748  [ af72ed54503f717a43268b3cc5faec2e ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
12:14:50.0484 0748  BrUsbSer - ok
12:14:50.0546 0748  [ 6d39c954799b63ba866910234cf7d726 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
12:14:50.0562 0748  BthEnum - ok
12:14:50.0640 0748  [ ad07c1ec6665b8b35741ab91200c6b68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:14:50.0686 0748  BTHMODEM - ok
12:14:50.0733 0748  [ 5904efa25f829bf84ea6fb045134a1d8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:14:50.0764 0748  BthPan - ok
12:14:50.0858 0748  [ 611ff3f2f095c8d4a6d4cfd9dcc09793 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:14:50.0889 0748  BTHPORT - ok
12:14:50.0920 0748  [ a4c8377fa4a994e07075107dbe2e3dce ] BthServ         C:\Windows\System32\bthserv.dll
12:14:50.0936 0748  BthServ - ok
12:14:50.0967 0748  [ d330803eab2a15caec7f011f1d4cb30e ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:14:50.0998 0748  BTHUSB - ok
12:14:51.0045 0748  [ 7add03e75beb9e6dd102c3081d29840a ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:14:51.0076 0748  cdfs - ok
12:14:51.0123 0748  [ 6b4bffb9becd728097024276430db314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:14:51.0154 0748  cdrom - ok
12:14:51.0217 0748  [ 312ec3e37a0a1f2006534913e37b4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:14:51.0248 0748  CertPropSvc - ok
12:14:51.0310 0748  [ da8e0afc7baa226c538ef53ac2f90897 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:14:51.0373 0748  circlass - ok
12:14:51.0451 0748  [ d7659d3b5b92c31e84e53c1431f35132 ] CLFS            C:\Windows\system32\CLFS.sys
12:14:51.0466 0748  CLFS - ok
12:14:51.0669 0748  [ 8ee772032e2fe80a924f3b8dd5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:14:51.0685 0748  clr_optimization_v2.0.50727_32 - ok
12:14:51.0778 0748  [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:14:51.0794 0748  clr_optimization_v4.0.30319_32 - ok
12:14:51.0841 0748  [ 99afc3795b58cc478fbbbcdc658fcb56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:14:51.0856 0748  CmBatt - ok
12:14:51.0919 0748  [ 45201046c776ffdaf3fc8a0029c581c8 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:14:51.0919 0748  cmdide - ok
12:14:51.0966 0748  [ 6afef0b60fa25de07c0968983ee4f60a ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:14:51.0981 0748  Compbatt - ok
12:14:51.0981 0748  COMSysApp - ok
12:14:51.0997 0748  [ 2a213ae086bbec5e937553c7d9a2b22c ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:14:52.0012 0748  crcdisk - ok
12:14:52.0028 0748  [ 22a7f883508176489f559ee745b5bf5d ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
12:14:52.0059 0748  Crusoe - ok
12:14:52.0122 0748  [ 75c6a297e364014840b48eccd7525e30 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:14:52.0137 0748  CryptSvc - ok
12:14:52.0184 0748  [ 9bdb2e89be8d0ef37b1f25c3d3fc192c ] CSC             C:\Windows\system32\drivers\csc.sys
12:14:52.0200 0748  CSC - ok
12:14:52.0262 0748  [ 0a2095f92f6ae4fe6484d911b0c21e95 ] CscService      C:\Windows\System32\cscsvc.dll
12:14:52.0278 0748  CscService - ok
12:14:52.0324 0748  [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:14:52.0356 0748  DcomLaunch - ok
12:14:52.0387 0748  [ 622c41a07ca7e6dd91770f50d532cb6c ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:14:52.0402 0748  DfsC - ok
12:14:52.0512 0748  [ 2cc3dcfb533a1035b13dcab6160ab38b ] DFSR            C:\Windows\system32\DFSR.exe
12:14:52.0574 0748  DFSR - ok
12:14:52.0652 0748  [ 9028559c132146fb75eb7acf384b086a ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
12:14:52.0683 0748  Dhcp - ok
12:14:52.0714 0748  [ 5d4aefc3386920236a548271f8f1af6a ] disk            C:\Windows\system32\drivers\disk.sys
12:14:52.0730 0748  disk - ok
12:14:52.0761 0748  [ 57d762f6f5974af0da2be88a3349baaa ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:14:52.0777 0748  Dnscache - ok
12:14:52.0824 0748  [ 324fd74686b1ef5e7c19a8af49e748f6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:14:52.0855 0748  dot3svc - ok
12:14:52.0902 0748  [ a622e888f8aa2f6b49e9bc466f0e5def ] DPS             C:\Windows\system32\dps.dll
12:14:52.0933 0748  DPS - ok
12:14:52.0964 0748  [ 97fef831ab90bee128c9af390e243f80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:14:52.0980 0748  drmkaud - ok
12:14:53.0042 0748  [ c68ac676b0ef30cfbb1080adce49eb1f ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:14:53.0073 0748  DXGKrnl - ok
12:14:53.0120 0748  [ f88fb26547fd2ce6d0a5af2985892c48 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
12:14:53.0167 0748  E1G60 - ok
12:14:53.0214 0748  [ c0b95e40d85cd807d614e264248a45b9 ] EapHost         C:\Windows\System32\eapsvc.dll
12:14:53.0245 0748  EapHost - ok
12:14:53.0276 0748  [ 7f64ea048dcfac7acf8b4d7b4e6fe371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
12:14:53.0292 0748  Ecache - ok
12:14:53.0307 0748  [ e8f3f21a71720c84bcf423b80028359f ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:14:53.0338 0748  elxstor - ok
12:14:53.0385 0748  [ 4e6b23dfc917ea39306b529b773950f4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
12:14:53.0416 0748  EMDMgmt - ok
12:14:53.0463 0748  [ 67058c46504bc12d821f38cf99b7b28f ] EventSystem     C:\Windows\system32\es.dll
12:14:53.0479 0748  EventSystem - ok
12:14:53.0541 0748  [ 22b408651f9123527bcee54b4f6c5cae ] exfat           C:\Windows\system32\drivers\exfat.sys
12:14:53.0557 0748  exfat - ok
12:14:53.0604 0748  [ 1e9b9a70d332103c52995e957dc09ef8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:14:53.0635 0748  fastfat - ok
12:14:53.0697 0748  [ dfba0f60fa301e5b1bfb1403a93ee23e ] Fax             C:\Windows\system32\fxssvc.exe
12:14:53.0728 0748  Fax - ok
12:14:53.0760 0748  [ 63bdada84951b9c03e641800e176898a ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:14:53.0822 0748  fdc - ok
12:14:53.0853 0748  [ 6629b5f0e98151f4afdd87567ea32ba3 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:14:53.0900 0748  fdPHost - ok
12:14:53.0931 0748  [ 89ed56dce8e47af40892778a5bd31fd2 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:14:53.0978 0748  FDResPub - ok
12:14:54.0009 0748  [ a8c0139a884861e3aae9cfe73b208a9f ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:14:54.0025 0748  FileInfo - ok
12:14:54.0072 0748  [ 0ae429a696aecbc5970e3cf2c62635ae ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:14:54.0103 0748  Filetrace - ok
12:14:54.0118 0748  [ 6603957eff5ec62d25075ea8ac27de68 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:14:54.0165 0748  flpydisk - ok
12:14:54.0196 0748  [ 01334f9ea68e6877c4ef05d3ea8abb05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:14:54.0228 0748  FltMgr - ok
12:14:54.0274 0748  [ 8ce364388c8eca59b14b539179276d44 ] FontCache       C:\Windows\system32\FntCache.dll
12:14:54.0306 0748  FontCache - ok
12:14:54.0399 0748  [ c7fbdd1ed42f82bfa35167a5c9803ea3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:14:54.0399 0748  FontCache3.0.0.0 - ok
12:14:54.0446 0748  [ b972a66758577e0bfd1de0f91aaa27b5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:14:54.0462 0748  Fs_Rec - ok
12:14:54.0508 0748  [ 4e1cd0a45c50a8882616cae5bf82f3c5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:14:54.0524 0748  gagp30kx - ok
12:14:54.0555 0748  [ 8182ff89c65e4d38b2de4bb0fb18564e ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:14:54.0571 0748  GEARAspiWDM - ok
12:14:54.0618 0748  [ cd5d0aeee35dfd4e986a5aa1500a6e66 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:14:54.0649 0748  gpsvc - ok
12:14:54.0711 0748  [ f02a533f517eb38333cb12a9e8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
12:14:54.0727 0748  gupdate - ok
12:14:54.0727 0748  [ f02a533f517eb38333cb12a9e8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
12:14:54.0742 0748  gupdatem - ok
12:14:54.0789 0748  [ c1b577b2169900f4cf7190c39f085794 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:14:54.0805 0748  gusvc - ok
12:14:54.0852 0748  [ 3f90e001369a07243763bd5a523d8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:14:54.0867 0748  HdAudAddService - ok
12:14:54.0914 0748  [ 062452b7ffd68c8c042a6261fe8dff4a ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:14:54.0961 0748  HDAudBus - ok
12:14:55.0008 0748  [ 1338520e78d90154ed6be8f84de5fceb ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:14:55.0070 0748  HidBth - ok
12:14:55.0086 0748  [ ff3160c3a2445128c5a6d9b076da519e ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:14:55.0148 0748  HidIr - ok
12:14:55.0179 0748  [ 84067081f3318162797385e11a8f0582 ] hidserv         C:\Windows\system32\hidserv.dll
12:14:55.0195 0748  hidserv - ok
12:14:55.0210 0748  [ 3c64042b95e583b366ba4e5d2450235e ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
12:14:55.0273 0748  HidUsb - ok
12:14:55.0320 0748  [ d8ad255b37da92434c26e4876db7d418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:14:55.0351 0748  hkmsvc - ok
12:14:55.0351 0748  [ df353b401001246853763c4b7aaa6f50 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
12:14:55.0366 0748  HpCISSs - ok
12:14:55.0398 0748  [ 46d67209550973257601a533e2ac5785 ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
12:14:55.0429 0748  HSFHWAZL - ok
12:14:55.0476 0748  [ ec36f1d542ed4252390d446bf6d4dfd0 ] HSF_DPV         C:\Windows\system32\DRIVERS\VSTDPV3.SYS
12:14:55.0538 0748  HSF_DPV - ok
12:14:55.0616 0748  [ f870aa3e254628ebeafe754108d664de ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:14:55.0632 0748  HTTP - ok
12:14:55.0663 0748  [ a89423d0132c8ab69ba621b6ce191714 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
12:14:55.0678 0748  hwdatacard - ok
12:14:55.0710 0748  [ 324c2152ff2c61abae92d09f3cca4d63 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
12:14:55.0725 0748  i2omp - ok
12:14:55.0756 0748  [ 22d56c8184586b7a1f6fa60be5f5a2bd ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:14:55.0788 0748  i8042prt - ok
12:14:55.0850 0748  [ 5f43e40c46d98e5e1e7d8a77d7bbf738 ] ialm            C:\Windows\system32\DRIVERS\igdkmd32.sys
12:14:55.0897 0748  ialm - ok
12:14:55.0944 0748  [ c957bf4b5d80b46c5017bf0101e6c906 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
12:14:55.0959 0748  iaStorV - ok
12:14:56.0022 0748  [ 98477b08e61945f974ed9fdc4cb6bdab ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:14:56.0053 0748  idsvc - ok
12:14:56.0131 0748  [ 5f43e40c46d98e5e1e7d8a77d7bbf738 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
12:14:56.0178 0748  igfx - ok
12:14:56.0209 0748  [ 2d077bf86e843f901d8db709c95b49a5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:14:56.0224 0748  iirsp - ok
12:14:56.0271 0748  [ 9908d8a397b76cd8d31d0d383c5773c9 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:14:56.0302 0748  IKEEXT - ok
12:14:56.0334 0748  [ 83aa759f3189e6370c30de5dc5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:14:56.0349 0748  intelide - ok
12:14:56.0412 0748  [ 224191001e78c89dfa78924c3ea595ff ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:14:56.0443 0748  intelppm - ok
12:14:56.0505 0748  [ 9ac218c6e6105477484c6fdbe7d409a4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:14:56.0536 0748  IPBusEnum - ok
12:14:56.0583 0748  [ 62c265c38769b864cb25b4bcf62df6c3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:14:56.0614 0748  IpFilterDriver - ok
12:14:56.0661 0748  [ 1998bd97f950680bb55f55a7244679c2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:14:56.0677 0748  iphlpsvc - ok
12:14:56.0692 0748  IpInIp - ok
12:14:56.0739 0748  [ 40f34f8aba2a015d780e4b09138b6c17 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
12:14:56.0802 0748  IPMIDRV - ok
12:14:56.0926 0748  [ 8793643a67b42cec66490b2a0cf92d68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
12:14:56.0973 0748  IPNAT - ok
12:14:57.0036 0748  [ 57edb35ea2feca88f8b17c0c095c9a56 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:14:57.0114 0748  iPod Service - ok
12:14:57.0160 0748  [ 109c0dfb82c3632fbd11949b73aeeac9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:14:57.0192 0748  IRENUM - ok
12:14:57.0223 0748  [ 350fca7e73cf65bcef43fae1e4e91293 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:14:57.0238 0748  isapnp - ok
12:14:57.0285 0748  [ 232fa340531d940aac623b121a595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
12:14:57.0301 0748  iScsiPrt - ok
12:14:57.0316 0748  [ bced60d16156e428f8df8cf27b0df150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
12:14:57.0332 0748  iteatapi - ok
12:14:57.0363 0748  [ 06fa654504a498c30adca8bec4e87e7e ] iteraid         C:\Windows\system32\drivers\iteraid.sys
12:14:57.0363 0748  iteraid - ok
12:14:57.0426 0748  [ 37605e0a8cf00cbba538e753e4344c6e ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:14:57.0441 0748  kbdclass - ok
12:14:57.0473 0748  [ d2600cb17b7408b4a83f231dc9a11ac3 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
12:14:57.0520 0748  kbdhid - ok
12:14:57.0551 0748  [ a3e186b4b935905b829219502557314e ] KeyIso          C:\Windows\system32\lsass.exe
12:14:57.0567 0748  KeyIso - ok
12:14:57.0614 0748  [ 4a1445efa932a3baf5bdb02d7131ee20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:14:57.0645 0748  KSecDD - ok
12:14:57.0707 0748  [ 8078f8f8f7a79e2e6b494523a828c585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:14:57.0770 0748  KtmRm - ok
12:14:57.0817 0748  [ 1bf5eebfd518dd7298434d8c862f825d ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:14:57.0848 0748  LanmanServer - ok
12:14:57.0863 0748  [ 1db69705b695b987082c8baec0c6b34f ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:14:57.0895 0748  LanmanWorkstation - ok
12:14:57.0926 0748  [ d1c5883087a0c3f1344d9d55a44901f6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:14:57.0957 0748  lltdio - ok
12:14:58.0004 0748  [ 2d5a428872f1442631d0959a34abff63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:14:58.0051 0748  lltdsvc - ok
12:14:58.0097 0748  [ 35d40113e4a5b961b6ce5c5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:14:58.0144 0748  lmhosts - ok
12:14:58.0191 0748  [ a2262fb9f28935e862b4db46438c80d2 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:14:58.0207 0748  LSI_FC - ok
12:14:58.0238 0748  [ 30d73327d390f72a62f32c103daf1d6d ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:14:58.0253 0748  LSI_SAS - ok
12:14:58.0285 0748  [ e1e36fefd45849a95f1ab81de0159fe3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:14:58.0300 0748  LSI_SCSI - ok
12:14:58.0347 0748  [ 8f5c7426567798e62a3b3614965d62cc ] luafv           C:\Windows\system32\drivers\luafv.sys
12:14:58.0378 0748  luafv - ok
12:14:58.0425 0748  [ 6dfe7f2e8e8a337263aa5c92a215f161 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:14:58.0441 0748  MBAMProtector - ok
12:14:58.0565 0748  [ 43683e970f008c93c9429ef428147a54 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:14:58.0612 0748  MBAMService - ok
12:14:58.0659 0748  [ d153b14fc6598eae8422a2037553adce ] megasas         C:\Windows\system32\drivers\megasas.sys
12:14:58.0675 0748  megasas - ok
12:14:58.0721 0748  [ 1076ffcffaae8385fd62dfcb25ac4708 ] MMCSS           C:\Windows\system32\mmcss.dll
12:14:58.0753 0748  MMCSS - ok
12:14:58.0784 0748  [ e13b5ea0f51ba5b1512ec671393d09ba ] Modem           C:\Windows\system32\drivers\modem.sys
12:14:58.0815 0748  Modem - ok
12:14:58.0862 0748  [ 0a9bb33b56e294f686abb7c1e4e2d8a8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:14:58.0893 0748  monitor - ok
12:14:58.0924 0748  [ 5bf6a1326a335c5298477754a506d263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:14:58.0940 0748  mouclass - ok
12:14:58.0971 0748  [ a3a6dff7e9e757db3df51a833bc28885 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
12:14:59.0033 0748  mouhid - ok
12:14:59.0080 0748  [ bdafc88aa6b92f7842416ea6a48e1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
12:14:59.0111 0748  MountMgr - ok
12:14:59.0143 0748  [ 96aa8ba23142cc8e2b30f3cae0c80254 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:14:59.0158 0748  MozillaMaintenance - ok
12:14:59.0205 0748  [ 583a41f26278d9e0ea548163d6139397 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:14:59.0221 0748  mpio - ok
12:14:59.0267 0748  [ 22241feba9b2defa669c8cb0a8dd7d2e ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:14:59.0299 0748  mpsdrv - ok
12:14:59.0345 0748  [ 5de62c6e9108f14f6794060a9bdecaec ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:14:59.0408 0748  MpsSvc - ok
12:14:59.0423 0748  [ 4fbbb70d30fd20ec51f80061703b001e ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
12:14:59.0455 0748  Mraid35x - ok
12:14:59.0486 0748  [ 82cea0395524aacfeb58ba1448e8325c ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:14:59.0517 0748  MRxDAV - ok
12:14:59.0564 0748  [ 1e94971c4b446ab2290deb71d01cf0c2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:14:59.0579 0748  mrxsmb - ok
12:14:59.0611 0748  [ 4fccb34d793b116423209c0f8b7a3b03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:14:59.0642 0748  mrxsmb10 - ok
12:14:59.0657 0748  [ c3cb1b40ad4a0124d617a1199b0b9d7c ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:14:59.0689 0748  mrxsmb20 - ok
12:14:59.0767 0748  [ 742aed7939e734c36b7e8d6228ce26b7 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:14:59.0782 0748  msahci - ok
12:14:59.0813 0748  [ 3fc82a2ae4cc149165a94699183d3028 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:14:59.0845 0748  msdsm - ok
12:14:59.0876 0748  [ fd7520cc3a80c5fc8c48852bb24c6ded ] MSDTC           C:\Windows\System32\msdtc.exe
12:14:59.0907 0748  MSDTC - ok
12:14:59.0954 0748  [ a9927f4a46b816c92f461acb90cf8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:14:59.0985 0748  Msfs - ok
12:15:00.0016 0748  [ 0f400e306f385c56317357d6dea56f62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:15:00.0032 0748  msisadrv - ok
12:15:00.0079 0748  [ 85466c0757a23d9a9aecdc0755203cb2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:15:00.0110 0748  MSiSCSI - ok
12:15:00.0110 0748  msiserver - ok
12:15:00.0141 0748  [ d8c63d34d9c9e56c059e24ec7185cc07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:15:00.0172 0748  MSKSSRV - ok
12:15:00.0203 0748  [ 1d373c90d62ddb641d50e55b9e78d65e ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:15:00.0235 0748  MSPCLOCK - ok
12:15:00.0235 0748  [ b572da05bf4e098d4bba3a4734fb505b ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:15:00.0266 0748  MSPQM - ok
12:15:00.0297 0748  [ b49456d70555de905c311bcda6ec6adb ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:15:00.0313 0748  MsRPC - ok
12:15:00.0344 0748  [ e384487cb84be41d09711c30ca79646c ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:15:00.0359 0748  mssmbios - ok
12:15:00.0406 0748  [ 7199c1eec1e4993caf96b8c0a26bd58a ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:15:00.0437 0748  MSTEE - ok
12:15:00.0469 0748  [ 6a57b5733d4cb702c8ea4542e836b96c ] Mup             C:\Windows\system32\Drivers\mup.sys
12:15:00.0484 0748  Mup - ok
12:15:00.0531 0748  [ e4eaf0c5c1b41b5c83386cf212ca9584 ] napagent        C:\Windows\system32\qagentRT.dll
12:15:00.0562 0748  napagent - ok
12:15:00.0656 0748  [ 85c44fdff9cf7e72a40dcb7ec06a4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:15:00.0671 0748  NativeWifiP - ok
12:15:00.0734 0748  [ 1357274d1883f68300aeadd15d7bbb42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:15:00.0765 0748  NDIS - ok
12:15:00.0812 0748  [ 0e186e90404980569fb449ba7519ae61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:15:00.0827 0748  NdisTapi - ok
12:15:00.0890 0748  [ d6973aa34c4d5d76c0430b181c3cd389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:15:00.0921 0748  Ndisuio - ok
12:15:00.0968 0748  [ 818f648618ae34f729fdb47ec68345c3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:15:00.0999 0748  NdisWan - ok
12:15:01.0030 0748  [ 71dab552b41936358f3b541ae5997fb3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:15:01.0061 0748  NDProxy - ok
12:15:01.0093 0748  [ bcd093a5a6777cf626434568dc7dba78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:15:01.0124 0748  NetBIOS - ok
12:15:01.0171 0748  [ ecd64230a59cbd93c85f1cd1cab9f3f6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
12:15:01.0186 0748  netbt - ok
12:15:01.0217 0748  [ a3e186b4b935905b829219502557314e ] Netlogon        C:\Windows\system32\lsass.exe
12:15:01.0233 0748  Netlogon - ok
12:15:01.0311 0748  [ c8052711daecc48b982434c5116ca401 ] Netman          C:\Windows\System32\netman.dll
12:15:01.0342 0748  Netman - ok
12:15:01.0389 0748  [ 2ef3bbe22e5a5acd1428ee387a0d0172 ] netprofm        C:\Windows\System32\netprofm.dll
12:15:01.0420 0748  netprofm - ok
12:15:01.0467 0748  [ d6c4e4a39a36029ac0813d476fbd0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:15:01.0483 0748  NetTcpPortSharing - ok
12:15:01.0529 0748  [ 2e7fb731d4790a1bc6270accefacb36e ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:15:01.0545 0748  nfrd960 - ok
12:15:01.0592 0748  [ 2997b15415f9bbe05b5a4c1c85e0c6a2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:15:01.0623 0748  NlaSvc - ok
12:15:01.0685 0748  [ d36f239d7cce1931598e8fb90a0dbc26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:15:01.0795 0748  Npfs - ok
12:15:01.0826 0748  [ 8bb86f0c7eea2bded6fe095d0b4ca9bd ] nsi             C:\Windows\system32\nsisvc.dll
12:15:01.0857 0748  nsi - ok
12:15:01.0904 0748  [ 609773e344a97410ce4ebf74a8914fcf ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:15:01.0935 0748  nsiproxy - ok
12:15:02.0247 0748  [ 6a4a98cee84cf9e99564510dda4baa47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:15:02.0403 0748  Ntfs - ok
12:15:02.0465 0748  [ e875c093aec0c978a90f30c9e0dfbb72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
12:15:02.0528 0748  ntrigdigi - ok
12:15:02.0575 0748  [ c5dbbcda07d780bda9b685df333bb41e ] Null            C:\Windows\system32\drivers\Null.sys
12:15:02.0621 0748  Null - ok
12:15:02.0637 0748  [ e69e946f80c1c31c53003bfbf50cbb7c ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:15:02.0653 0748  nvraid - ok
12:15:02.0684 0748  [ 9e0ba19a28c498a6d323d065db76dffc ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:15:02.0699 0748  nvstor - ok
12:15:02.0793 0748  [ 07c186427eb8fcc3d8d7927187f260f7 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:15:02.0809 0748  nv_agp - ok
12:15:02.0809 0748  NwlnkFlt - ok
12:15:02.0824 0748  NwlnkFwd - ok
12:15:02.0887 0748  [ 6f310e890d46e246e0e261a63d9b36b4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
12:15:02.0933 0748  ohci1394 - ok
12:15:02.0996 0748  [ 7a56cf3e3f12e8af599963b16f50fb6a ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:15:03.0011 0748  ose - ok
12:15:03.0105 0748  [ 0c8e8e61ad1eb0b250b846712c917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
12:15:03.0152 0748  p2pimsvc - ok
12:15:03.0167 0748  [ 0c8e8e61ad1eb0b250b846712c917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:15:03.0214 0748  p2psvc - ok
12:15:03.0245 0748  [ 0fa9b5055484649d63c303fe404e5f4d ] Parport         C:\Windows\system32\drivers\parport.sys
12:15:03.0308 0748  Parport - ok
12:15:03.0355 0748  [ b9c2b89f08670e159f7181891e449cd9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:15:03.0370 0748  partmgr - ok
12:15:03.0401 0748  [ 4f9a6a8a31413180d0fcb279ad5d8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
12:15:03.0495 0748  Parvdm - ok
12:15:03.0526 0748  [ c6276ad11f4bb49b58aa1ed88537f14a ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:15:03.0557 0748  PcaSvc - ok
12:15:03.0604 0748  [ 941dc1d19e7e8620f40bbc206981efdb ] pci             C:\Windows\system32\drivers\pci.sys
12:15:03.0635 0748  pci - ok
12:15:03.0698 0748  [ 3b1901e401473e03eb8c874271e50c26 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:15:03.0713 0748  pciide - ok
12:15:03.0760 0748  [ e6f3fb1b86aa519e7698ad05e58b04e5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:15:03.0776 0748  pcmcia - ok
12:15:03.0854 0748  [ 6349f6ed9c623b44b52ea3c63c831a92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:15:03.0963 0748  PEAUTH - ok
12:15:04.0103 0748  [ b1689df169143f57053f795390c99db3 ] pla             C:\Windows\system32\pla.dll
12:15:04.0166 0748  pla - ok
12:15:04.0213 0748  [ c5e7f8a996ec0a82d508fd9064a5569e ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:15:04.0228 0748  PlugPlay - ok
12:15:04.0259 0748  [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
12:15:04.0306 0748  PNRPAutoReg - ok
12:15:04.0322 0748  [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
12:15:04.0353 0748  PNRPsvc - ok
12:15:04.0415 0748  [ d0494460421a03cd5225cca0059aa146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:15:04.0447 0748  PolicyAgent - ok
12:15:04.0478 0748  [ ecfffaec0c1ecd8dbc77f39070ea1db1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:15:04.0509 0748  PptpMiniport - ok
12:15:04.0556 0748  [ 0e3cef5d28b40cf273281d620c50700a ] Processor       C:\Windows\system32\drivers\processr.sys
12:15:04.0603 0748  Processor - ok
12:15:04.0649 0748  [ 0508faa222d28835310b7bfca7a77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:15:04.0665 0748  ProfSvc - ok
12:15:04.0696 0748  [ a3e186b4b935905b829219502557314e ] ProtectedStorage C:\Windows\system32\lsass.exe
12:15:04.0712 0748  ProtectedStorage - ok
12:15:04.0774 0748  [ 99514faa8df93d34b5589187db3aa0ba ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
12:15:04.0790 0748  PSched - ok
12:15:04.0805 0748  [ 49452bfcec22f36a7a9b9c2181bc3042 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
12:15:04.0821 0748  PxHelp20 - ok
12:15:04.0868 0748  [ ccdac889326317792480c0a67156a1ec ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:15:04.0930 0748  ql2300 - ok
12:15:04.0977 0748  [ 81a7e5c076e59995d54bc1ed3a16e60b ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:15:04.0993 0748  ql40xx - ok
12:15:05.0039 0748  [ e9ecae663f47e6cb43962d18ab18890f ] QWAVE           C:\Windows\system32\qwave.dll
12:15:05.0055 0748  QWAVE - ok
12:15:05.0086 0748  [ 9f5e0e1926014d17486901c88eca2db7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:15:05.0117 0748  QWAVEdrv - ok
12:15:05.0164 0748  [ 147d7f9c556d259924351feb0de606c3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:15:05.0195 0748  RasAcd - ok
12:15:05.0227 0748  [ f6a452eb4ceadbb51c9e0ee6b3ecef0f ] RasAuto         C:\Windows\System32\rasauto.dll
12:15:05.0258 0748  RasAuto - ok
12:15:05.0305 0748  [ a214adbaf4cb47dd2728859ef31f26b0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:15:05.0336 0748  Rasl2tp - ok
12:15:05.0383 0748  [ 75d47445d70ca6f9f894b032fbc64fcf ] RasMan          C:\Windows\System32\rasmans.dll
12:15:05.0414 0748  RasMan - ok
12:15:05.0461 0748  [ 509a98dd18af4375e1fc40bc175f1def ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:15:05.0492 0748  RasPppoe - ok
12:15:05.0523 0748  [ 2005f4a1e05fa09389ac85840f0a9e4d ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:15:05.0554 0748  RasSstp - ok
12:15:05.0585 0748  [ b14c9d5b9add2f84f70570bbbfaa7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:15:05.0617 0748  rdbss - ok
12:15:05.0679 0748  [ 89e59be9a564262a3fb6c4f4f1cd9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:15:05.0710 0748  RDPCDD - ok
12:15:05.0757 0748  [ 943b18305eae3935598a9b4a3d560b4c ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
12:15:05.0788 0748  rdpdr - ok
12:15:05.0788 0748  [ 9d91fe5286f748862ecffa05f8a0710c ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:15:05.0819 0748  RDPENCDD - ok
12:15:05.0866 0748  [ c127ebd5afab31524662c48dfceb773a ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:15:05.0882 0748  RDPWD - ok
12:15:05.0929 0748  [ bcdd6b4804d06b1f7ebf29e53a57ece9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:15:05.0944 0748  RemoteAccess - ok
12:15:05.0991 0748  [ 9e6894ea18daff37b63e1005f83ae4ab ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:15:06.0007 0748  RemoteRegistry - ok
12:15:06.0038 0748  [ 6482707f9f4da0ecbab43b2e0398a101 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:15:06.0069 0748  RFCOMM - ok
12:15:06.0116 0748  [ ea885e7a56f1be1f14c372337c42fe48 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
12:15:06.0116 0748  rimmptsk - ok
12:15:06.0178 0748  [ d7e09bc852684a7b1fc0f74fe090d45a ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
12:15:06.0194 0748  rimsptsk - ok
12:15:06.0256 0748  [ b0a7494a9ba7909efac64e05d3f160db ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
12:15:06.0272 0748  rismxdp - ok
12:15:06.0303 0748  [ 5123f83cbc4349d065534eeb6bbdc42b ] RpcLocator      C:\Windows\system32\locator.exe
12:15:06.0319 0748  RpcLocator - ok
12:15:06.0365 0748  [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] RpcSs           C:\Windows\system32\rpcss.dll
12:15:06.0412 0748  RpcSs - ok
12:15:06.0459 0748  [ 9c508f4074a39e8b4b31d27198146fad ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:15:06.0490 0748  rspndr - ok
12:15:06.0490 0748  [ a3e186b4b935905b829219502557314e ] SamSs           C:\Windows\system32\lsass.exe
12:15:06.0521 0748  SamSs - ok
12:15:06.0568 0748  [ 3ce8f073a557e172b330109436984e30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:15:06.0584 0748  sbp2port - ok
12:15:06.0677 0748  [ 794d4b48dfb6e999537c7c3947863463 ] SBSDWSCService  C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
12:15:06.0740 0748  SBSDWSCService - ok
12:15:06.0865 0748  [ 77b7a11a0c3d78d3386398fbbea1b632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:15:06.0896 0748  SCardSvr - ok
12:15:07.0005 0748  [ 1a58069db21d05eb2ab58ee5753ebe8d ] Schedule        C:\Windows\system32\schedsvc.dll
12:15:07.0052 0748  Schedule - ok
12:15:07.0067 0748  [ 312ec3e37a0a1f2006534913e37b4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:15:07.0099 0748  SCPolicySvc - ok
12:15:07.0177 0748  [ 8f36b54688c31eed4580129040c6a3d3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
12:15:07.0208 0748  sdbus - ok
12:15:07.0223 0748  [ 716313d9f6b0529d03f726d5aaf6f191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:15:07.0239 0748  SDRSVC - ok
12:15:07.0270 0748  [ 90a3935d05b494a5a39d37e71f09a677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:15:07.0317 0748  secdrv - ok
12:15:07.0348 0748  [ fd5199d4d8a521005e4b5ee7fe00fa9b ] seclogon        C:\Windows\system32\seclogon.dll
12:15:07.0379 0748  seclogon - ok
12:15:07.0411 0748  [ a9bbab5759771e523f55563d6cbe140f ] SENS            C:\Windows\System32\sens.dll
12:15:07.0442 0748  SENS - ok
12:15:07.0473 0748  [ 68e44e331d46f0fb38f0863a84cd1a31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
12:15:07.0520 0748  Serenum - ok
12:15:07.0551 0748  [ c70d69a918b178d3c3b06339b40c2e1b ] Serial          C:\Windows\system32\drivers\serial.sys
12:15:07.0598 0748  Serial - ok
12:15:07.0676 0748  [ 8af3d28a879bf75db53a0ee7a4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:15:07.0707 0748  sermouse - ok
12:15:07.0769 0748  [ d2193326f729b163125610dbf3e17d57 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:15:07.0801 0748  SessionEnv - ok
12:15:07.0832 0748  [ 3efa810bdca87f6ecc24f9832243fe86 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
12:15:07.0863 0748  sffdisk - ok
12:15:07.0879 0748  [ 8fd08a310645fe872eeec6e08c6bf3ee ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:15:07.0941 0748  sffp_mmc - ok
12:15:07.0957 0748  [ 9f66a46c55d6f1ccabc79bb7afccc545 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
12:15:07.0988 0748  sffp_sd - ok
12:15:08.0019 0748  [ 46ed8e91793b2e6f848015445a0ac188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:15:08.0081 0748  sfloppy - ok
12:15:08.0175 0748  [ e1499bd0ff76b1b2fbbf1af339d91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:15:08.0222 0748  SharedAccess - ok
12:15:08.0269 0748  [ c7230fbee14437716701c15be02c27b8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:15:08.0284 0748  ShellHWDetection - ok
12:15:08.0331 0748  [ d2a595d6eebeeaf4334f8e50efbc9931 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
12:15:08.0347 0748  sisagp - ok
12:15:08.0378 0748  [ cedd6f4e7d84e9f98b34b3fe988373aa ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
12:15:08.0393 0748  SiSRaid2 - ok
12:15:08.0440 0748  [ df843c528c4f69d12ce41ce462e973a7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:15:08.0456 0748  SiSRaid4 - ok
12:15:08.0737 0748  [ 862bb4cbc05d80c5b45be430e5ef872f ] slsvc           C:\Windows\system32\SLsvc.exe
12:15:08.0877 0748  slsvc - ok
12:15:08.0924 0748  [ 6edc422215cd78aa8a9cde6b30abbd35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
12:15:08.0955 0748  SLUINotify - ok
12:15:09.0002 0748  [ 7b75299a4d201d6a6533603d6914ab04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:15:09.0033 0748  Smb - ok
12:15:09.0064 0748  [ 2a146a055b4401c16ee62d18b8e2a032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:15:09.0080 0748  SNMPTRAP - ok
12:15:09.0127 0748  [ 7aebdeef071fe28b0eef2cdd69102bff ] spldr           C:\Windows\system32\drivers\spldr.sys
12:15:09.0142 0748  spldr - ok
12:15:09.0189 0748  [ 8554097e5136c3bf9f69fe578a1b35f4 ] Spooler         C:\Windows\System32\spoolsv.exe
12:15:09.0205 0748  Spooler - ok
12:15:09.0298 0748  [ 41987f9fc0e61adf54f581e15029ad91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:15:09.0329 0748  srv - ok
12:15:09.0361 0748  [ ff33aff99564b1aa534f58868cbe41ef ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:15:09.0392 0748  srv2 - ok
12:15:09.0423 0748  [ 7605c0e1d01a08f3ecd743f38b834a44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:15:09.0439 0748  srvnet - ok
12:15:09.0501 0748  [ 03d50b37234967433a5ea5ba72bc0b62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:15:09.0532 0748  SSDPSRV - ok
12:15:09.0595 0748  [ a36ee93698802cd899f98bfd553d8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
12:15:09.0610 0748  ssmdrv - ok
12:15:09.0657 0748  [ 6f1a32e7b7b30f004d9a20afadb14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:15:09.0688 0748  SstpSvc - ok
12:15:09.0735 0748  [ 5de7d67e49b88f5f07f3e53c4b92a352 ] stisvc          C:\Windows\System32\wiaservc.dll
12:15:09.0766 0748  stisvc - ok
12:15:09.0813 0748  [ 7ba58ecf0c0a9a69d44b3dca62becf56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:15:09.0829 0748  swenum - ok
12:15:09.0875 0748  [ f21fd248040681cca1fb6c9a03aaa93d ] swprv           C:\Windows\System32\swprv.dll
12:15:09.0922 0748  swprv - ok
12:15:09.0969 0748  [ 192aa3ac01df071b541094f251deed10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
12:15:09.0985 0748  Symc8xx - ok
12:15:10.0000 0748  [ 8c8eb8c76736ebaf3b13b633b2e64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
12:15:10.0016 0748  Sym_hi - ok
12:15:10.0063 0748  [ 8072af52b5fd103bbba387a1e49f62cb ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
12:15:10.0078 0748  Sym_u3 - ok
12:15:10.0125 0748  [ 9a51b04e9886aa4ee90093586b0ba88d ] SysMain         C:\Windows\system32\sysmain.dll
12:15:10.0187 0748  SysMain - ok
12:15:10.0234 0748  [ 2dca225eae15f42c0933e998ee0231c3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:15:10.0265 0748  TabletInputService - ok
12:15:10.0312 0748  [ d7673e4b38ce21ee54c59eeeb65e2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:15:10.0343 0748  TapiSrv - ok
12:15:10.0390 0748  [ cb05822cd9cc6c688168e113c603dbe7 ] TBS             C:\Windows\System32\tbssvc.dll
12:15:10.0437 0748  TBS - ok
12:15:10.0546 0748  [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:15:10.0593 0748  Tcpip - ok
12:15:10.0624 0748  [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
12:15:10.0655 0748  Tcpip6 - ok
12:15:10.0687 0748  [ 608c345a255d82a6289c2d468eb41fd7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:15:10.0702 0748  tcpipreg - ok
12:15:10.0733 0748  [ 5dcf5e267be67a1ae926f2df77fbcc56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:15:10.0765 0748  TDPIPE - ok
12:15:10.0796 0748  [ 389c63e32b3cefed425b61ed92d3f021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:15:10.0827 0748  TDTCP - ok
12:15:10.0905 0748  [ 76b06eb8a01fc8624d699e7045303e54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:15:10.0921 0748  tdx - ok
12:15:10.0952 0748  [ 3cad38910468eab9a6479e2f01db43c7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:15:10.0967 0748  TermDD - ok
12:15:11.0014 0748  [ bb95da09bef6e7a131bff3ba5032090d ] TermService     C:\Windows\System32\termsrv.dll
12:15:11.0061 0748  TermService - ok
12:15:11.0092 0748  [ c7230fbee14437716701c15be02c27b8 ] Themes          C:\Windows\system32\shsvcs.dll
12:15:11.0108 0748  Themes - ok
12:15:11.0155 0748  [ 1076ffcffaae8385fd62dfcb25ac4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
12:15:11.0186 0748  THREADORDER - ok
12:15:11.0217 0748  [ ec74e77d0eb004bd3a809b5f8fb8c2ce ] TrkWks          C:\Windows\System32\trkwks.dll
12:15:11.0248 0748  TrkWks - ok
12:15:11.0326 0748  [ 97d9d6a04e3ad9b6c626b9931db78dba ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:15:11.0357 0748  TrustedInstaller - ok
12:15:11.0404 0748  [ dcf0f056a2e4f52287264f5ab29cf206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:15:11.0435 0748  tssecsrv - ok
12:15:11.0482 0748  [ caecc0120ac49e3d2f758b9169872d38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
12:15:11.0498 0748  tunmp - ok
12:15:11.0513 0748  [ 300db877ac094feab0be7688c3454a9c ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:15:11.0529 0748  tunnel - ok
12:15:11.0576 0748  [ c3ade15414120033a36c0f293d4a4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:15:11.0591 0748  uagp35 - ok
12:15:11.0638 0748  [ d9728af68c4c7693cb100b8441cbdec6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:15:11.0669 0748  udfs - ok
12:15:11.0732 0748  [ ecef404f62863755951e09c802c94ad5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:15:11.0872 0748  UI0Detect - ok
12:15:11.0903 0748  [ 75e6890ebfce0841d3291b02e7a8bdb0 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:15:11.0919 0748  uliagpkx - ok
12:15:11.0966 0748  [ 3cd4ea35a6221b85dcc25daa46313f8d ] uliahci         C:\Windows\system32\drivers\uliahci.sys
12:15:11.0997 0748  uliahci - ok
12:15:12.0028 0748  [ 8514d0e5cd0534467c5fc61be94a569f ] UlSata          C:\Windows\system32\drivers\ulsata.sys
12:15:12.0044 0748  UlSata - ok
12:15:12.0075 0748  [ 38c3c6e62b157a6bc46594fada45c62b ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
12:15:12.0091 0748  ulsata2 - ok
12:15:12.0153 0748  [ 32cff9f809ae9aed85464492bf3e32d2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:15:12.0184 0748  umbus - ok
12:15:12.0231 0748  [ 8a66360f38f81e960e2367b428cbd5d9 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:15:12.0247 0748  UmRdpService - ok
12:15:12.0309 0748  [ 68308183f4ae0be7bf8ecd07cb297999 ] upnphost        C:\Windows\System32\upnphost.dll
12:15:12.0340 0748  upnphost - ok
12:15:12.0387 0748  [ eafe1e00739afe6c51487a050e772e17 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
12:15:12.0387 0748  USBAAPL - ok
12:15:12.0434 0748  [ caf811ae4c147ffcd5b51750c7f09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:15:12.0465 0748  usbccgp - ok
12:15:12.0496 0748  [ e9476e6c486e76bc4898074768fb7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:15:12.0543 0748  usbcir - ok
12:15:12.0590 0748  [ 79e96c23a97ce7b8f14d310da2db0c9b ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:15:12.0621 0748  usbehci - ok
12:15:12.0637 0748  [ 4673bbcb006af60e7abddbe7a130ba42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:15:12.0668 0748  usbhub - ok
12:15:12.0683 0748  [ 38dbc7dd6cc5a72011f187425384388b ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:15:12.0730 0748  usbohci - ok
12:15:12.0777 0748  [ e75c4b5269091d15a2e7dc0b6d35f2f5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:15:12.0793 0748  usbprint - ok
12:15:12.0824 0748  [ be3da31c191bc222d9ad503c5224f2ad ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:15:12.0855 0748  USBSTOR - ok
12:15:12.0886 0748  [ 814d653efc4d48be3b04a307eceff56f ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:15:12.0917 0748  usbuhci - ok
12:15:12.0949 0748  [ 35c9095fa7076466afbfc5b9ec4b779e ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
12:15:12.0964 0748  usb_rndisx - ok
12:15:12.0995 0748  [ 1509e705f3ac1d474c92454a5c2dd81f ] UxSms           C:\Windows\System32\uxsms.dll
12:15:13.0027 0748  UxSms - ok
12:15:13.0073 0748  [ cd88d1b7776dc17a119049742ec07eb4 ] vds             C:\Windows\System32\vds.exe
12:15:13.0120 0748  vds - ok
12:15:13.0151 0748  [ 7d92be0028ecdedec74617009084b5ef ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:15:13.0198 0748  vga - ok
12:15:13.0214 0748  [ 2e93ac0a1d8c79d019db6c51f036636c ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:15:13.0229 0748  VgaSave - ok
12:15:13.0261 0748  [ 045d9961e591cf0674a920b6ba3ba5cb ] viaagp          C:\Windows\system32\drivers\viaagp.sys
12:15:13.0276 0748  viaagp - ok
12:15:13.0323 0748  [ 56a4de5f02f2e88182b0981119b4dd98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
12:15:13.0354 0748  ViaC7 - ok
12:15:13.0385 0748  [ fd2e3175fcada350c7ab4521dca187ec ] viaide          C:\Windows\system32\drivers\viaide.sys
12:15:13.0401 0748  viaide - ok
12:15:13.0463 0748  [ 69503668ac66c77c6cd7af86fbdf8c43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:15:13.0463 0748  volmgr - ok
12:15:13.0526 0748  [ 23e41b834759917bfd6b9a0d625d0c28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:15:13.0541 0748  volmgrx - ok
12:15:13.0588 0748  [ 147281c01fcb1df9252de2a10d5e7093 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:15:13.0604 0748  volsnap - ok
12:15:13.0682 0748  [ d984439746d42b30fc65a4c3546c6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:15:13.0697 0748  vsmraid - ok
12:15:13.0760 0748  [ db3d19f850c6eb32bdcb9bc0836acddb ] VSS             C:\Windows\system32\vssvc.exe
12:15:13.0822 0748  VSS - ok
12:15:13.0885 0748  [ 96ea68b9eb310a69c25ebb0282b2b9de ] W32Time         C:\Windows\system32\w32time.dll
12:15:13.0916 0748  W32Time - ok
12:15:13.0963 0748  [ 48dfee8f1af7c8235d4e626f0c4fe031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:15:14.0009 0748  WacomPen - ok
12:15:14.0056 0748  [ 55201897378cca7af8b5efd874374a26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
12:15:14.0087 0748  Wanarp - ok
12:15:14.0087 0748  [ 55201897378cca7af8b5efd874374a26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:15:14.0119 0748  Wanarpv6 - ok
12:15:14.0181 0748  [ 20b23332885dfb93fe0185362ee811e9 ] wbengine        C:\Windows\system32\wbengine.exe
12:15:14.0212 0748  wbengine - ok
12:15:14.0275 0748  [ a3cd60fd826381b49f03832590e069af ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:15:14.0321 0748  wcncsvc - ok
12:15:14.0368 0748  [ 11bcb7afcdd7aadacb5746f544d3a9c7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:15:14.0399 0748  WcsPlugInService - ok
12:15:14.0446 0748  [ afc5ad65b991c1e205cf25cfdbf7a6f4 ] Wd              C:\Windows\system32\drivers\wd.sys
12:15:14.0446 0748  Wd - ok
12:15:14.0509 0748  [ b6f0a7ad6d4bd325fbcd8bac96cd8d96 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:15:14.0524 0748  Wdf01000 - ok
12:15:14.0571 0748  [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:15:14.0587 0748  WdiServiceHost - ok
12:15:14.0633 0748  [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:15:14.0665 0748  WdiSystemHost - ok
12:15:14.0711 0748  [ 04c37d8107320312fbae09926103d5e2 ] WebClient       C:\Windows\System32\webclnt.dll
12:15:14.0727 0748  WebClient - ok
12:15:14.0789 0748  [ ae3736e7e8892241c23e4ebbb7453b60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:15:14.0805 0748  Wecsvc - ok
12:15:14.0836 0748  [ 670ff720071ed741206d69bd995ea453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:15:14.0867 0748  wercplsupport - ok
12:15:14.0914 0748  [ 32b88481d3b326da6deb07b1d03481e7 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:15:14.0930 0748  WerSvc - ok
12:15:14.0977 0748  [ 5c7bdcf5864db00323fe2d90fa26a8a2 ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
12:15:15.0086 0748  winachsf - ok
12:15:15.0179 0748  [ 4575aa12561c5648483403541d0d7f2b ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
12:15:15.0195 0748  WinDefend - ok
12:15:15.0211 0748  WinHttpAutoProxySvc - ok
12:15:15.0289 0748  [ 6b2a1d0e80110e3d04e6863c6e62fd8a ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:15:15.0320 0748  Winmgmt - ok
12:15:15.0429 0748  [ 7cfe68bdc065e55aa5e8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:15:15.0491 0748  WinRM - ok
12:15:15.0585 0748  [ c008405e4feeb069e30da1d823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:15:15.0647 0748  Wlansvc - ok
12:15:15.0663 0748  [ 2e7255d172df0b8283cdfb7b433b864e ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:15:15.0694 0748  WmiAcpi - ok
12:15:15.0741 0748  [ 43be3875207dcb62a85c8c49970b66cc ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:15:15.0757 0748  wmiApSrv - ok
12:15:15.0866 0748  [ 3978704576a121a9204f8cc49a301a9b ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
12:15:15.0897 0748  WMPNetworkSvc - ok
12:15:15.0944 0748  [ 801fbdb89d472b3c467eb112a0fc9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:15:15.0959 0748  WPDBusEnum - ok
12:15:15.0991 0748  [ de9d36f91a4df3d911626643debf11ea ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
12:15:16.0006 0748  WpdUsb - ok
12:15:16.0193 0748  [ dcf3e3edf5109ee8bc02fe6e1f045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:15:16.0271 0748  WPFFontCache_v0400 - ok
12:15:16.0303 0748  [ e3a3cb253c0ec2494d4a61f5e43a389c ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:15:16.0334 0748  ws2ifsl - ok
12:15:16.0365 0748  [ 1ca6c40261ddc0425987980d0cd2aaab ] wscsvc          C:\Windows\System32\wscsvc.dll
12:15:16.0381 0748  wscsvc - ok
12:15:16.0396 0748  WSearch - ok
12:15:16.0474 0748  [ a583f4bf607ebc5709578433207a76a8 ] WTGService      C:\Program Files\Verbindungsassistent\WTGService.exe
12:15:16.0505 0748  WTGService - ok
12:15:16.0599 0748  [ fc3ec24fce372c89423e015a2ac1a31e ] wuauserv        C:\Windows\system32\wuaueng.dll
12:15:16.0708 0748  wuauserv - ok
12:15:16.0771 0748  [ ac13cb789d93412106b0fb6c7eb2bcb6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:15:16.0802 0748  WUDFRd - ok
12:15:16.0895 0748  [ 575a4190d989f64732119e4114045a4f ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:15:16.0927 0748  wudfsvc - ok
12:15:16.0927 0748  ================ Scan global ===============================
12:15:17.0036 0748  (f31eebc1a1c81fd04005489cc3dcdfe7) C:\Windows\system32\basesrv.dll
12:15:17.0083 0748  (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
12:15:17.0098 0748  (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
12:15:17.0161 0748  (d4e6d91c1349b7bfb3599a6ada56851b) C:\Windows\system32\services.exe
12:15:17.0161 0748  [Global] - ok
12:15:17.0161 0748  ================ Scan MBR ==================================
12:15:17.0192 0748  MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:15:18.0221 0748  \Device\Harddisk0\DR0 - ok
12:15:18.0221 0748  ================ Scan VBR ==================================
12:15:18.0253 0748  Boot (0x1200)   (122a44dccb2363f7a2069a84552be001) \Device\Harddisk0\DR0\Partition1
12:15:18.0268 0748  \Device\Harddisk0\DR0\Partition1 - ok
12:15:18.0268 0748  ============================================================
12:15:18.0268 0748  Scan finished
12:15:18.0268 0748  ============================================================
12:15:18.0284 2472  Detected object count: 0
12:15:18.0284 2472  Actual detected object count: 0

Alt 16.08.2012, 12:36   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spyware Z.Bot124.Gen eingefangen - Standard

Spyware Z.Bot124.Gen eingefangen


Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 16.08.2012, 15:23   #23
SkylightMuc
 
Spyware Z.Bot124.Gen eingefangen - Standard

Spyware Z.Bot124.Gen eingefangen


Hallo,

es ist mir nicht so ganz klar, warum er avira immer noch als laufend meldet obwohl ich es beendet hatte ...

[code]
Combofix Logfile:
Code:
ATTFilter
ComboFix 12-08-16.01 - *** 16.08.2012  16:02:11.1.2 - x86
Microsoft® Windows Vista™ Business   6.0.6002.2.1252.49.1031.18.2038.1315 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\a
.
Infizierte Kopie von c:\windows\system32\userinit.exe wurde gefunden und desinfiziert 
Kopie von - c:\combofix\HarddiskVolumeShadowCopy3_!Windows!System32!userinit.exe wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-07-16 bis 2012-08-16  ))))))))))))))))))))))))))))))
.
.
2012-08-16 09:55 . 2012-08-16 10:03	--------	d-----w-	C:\TDSSKiller_Quarantine
2012-08-16 05:05 . 2012-07-04 14:02	2047488	----a-w-	c:\windows\system32\win32k.sys
2012-08-15 18:42 . 2012-05-11 15:57	623616	----a-w-	c:\windows\system32\localspl.dll
2012-08-14 13:52 . 2012-06-29 08:44	6891424	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{C83F4CC6-FCBA-4C8D-A8F9-B591F654FE73}\mpengine.dll
2012-08-14 13:22 . 2012-08-14 13:22	--------	d-----w-	C:\_OTL
2012-07-31 20:07 . 2012-08-09 05:32	9827016	----a-w-	c:\windows\system32\FlashPlayerInstaller.exe
2012-07-29 09:28 . 2012-07-29 09:28	--------	d-----w-	c:\program files\ESET
2012-07-24 20:12 . 2012-06-05 16:47	708608	----a-w-	c:\program files\Common Files\System\ado\msado15.dll
2012-07-24 20:12 . 2012-06-05 16:47	1401856	----a-w-	c:\windows\system32\msxml6.dll
2012-07-24 20:12 . 2012-06-05 16:47	1248768	----a-w-	c:\windows\system32\msxml3.dll
2012-07-24 20:11 . 2012-06-04 15:26	440704	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2012-07-24 20:11 . 2012-06-02 00:04	278528	----a-w-	c:\windows\system32\schannel.dll
2012-07-24 20:11 . 2012-06-02 00:03	204288	----a-w-	c:\windows\system32\ncrypt.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-09 05:32 . 2012-05-10 08:47	426184	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-08-09 05:32 . 2011-08-21 19:20	70344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-18 16:04 . 2012-01-18 12:56	36000	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-07-03 11:46 . 2012-07-09 16:41	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-02 22:19 . 2012-06-21 08:07	53784	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 08:07	45080	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 08:07	35864	----a-w-	c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 08:07	577048	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-21 08:07	1933848	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-21 08:07	2422272	----a-w-	c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-21 08:07	88576	----a-w-	c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 08:06	171904	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-21 08:06	33792	----a-w-	c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2010-08-28 08:36	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-05-03 12:07 . 2012-05-03 12:07	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-12-12 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-12-12 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-12-12 81920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jaureg.exe" [2011-04-08 239336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53	843712	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28	59240	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08	1259376	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-27 03:09	421736	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexwareInfoService]
2011-07-31 12:07	189808	----a-w-	c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
2008-02-26 01:23	443968	----a-w-	c:\program files\Picasa2\PicasaMediaDetector.exe
.
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 09:01]
.
2012-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 19:02]
.
2012-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 19:02]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.spiegel.de/
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Save Flash - c:\program files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
Trusted Zone: antenne.de\webradio
Trusted Zone: archiv.to
Trusted Zone: colbertnation.com\www
Trusted Zone: duckload.com\www
Trusted Zone: ing.be
Trusted Zone: klassikradio.de\www
Trusted Zone: starwoodhotels.com\one
TCP: DhcpNameServer = 192.168.2.1
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\n6w7b2n8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.spiegel.de/
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-65945854.sys
SafeBoot-66016581.sys
MSConfigStartUp-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-08-16 16:15
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4080)
c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-16  16:20:32 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-08-16 14:20
.
Vor Suchlauf: 3.644.223.488 Bytes frei
Nach Suchlauf: 4.215.742.464 Bytes frei
.
- - End Of File - - 2C52C5A94ADA7F5272E64EF9BC2E3805
--- --- ---
Alt 17.08.2012, 18:11   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spyware Z.Bot124.Gen eingefangen - Standard

Spyware Z.Bot124.Gen eingefangen


Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 18.08.2012, 15:13   #25
SkylightMuc
 
Spyware Z.Bot124.Gen eingefangen - Standard

Spyware Z.Bot124.Gen eingefangen


Hallo

GMER

[code]
GMER Logfile:
Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-18 16:09:55
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS721010G9SA00 rev.MCZOC10H
Running: cllm174t.exe; Driver: C:\Users\***\AppData\Local\Temp\pxliifow.sys


---- Kernel code sections - GMER 1.0.15 ----

?               C:\Users\***\AppData\Local\Temp\aswMBR.sys                                                       Das System kann die angegebene Datei nicht finden. !

---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] kernel32.dll!CreateThread                      77C6CB2E 5 Bytes  JMP 6EB575E3 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!SetWindowsHookExW                   762A87AD 5 Bytes  JMP 6EB925B4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!CallNextHookEx                      762A8E3B 5 Bytes  JMP 6EBB7FDF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!UnhookWindowsHookEx                 762A98DB 5 Bytes  JMP 6EBDECE0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!EnableWindow                        762ACD8B 5 Bytes  JMP 6EB99EB4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!DefWindowProcA                      762ADB88 7 Bytes  JMP 6EB5980D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!CreateWindowExA                     762ADC2A 3 Bytes  JMP 6EB63643 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!CreateWindowExA + 4                 762ADC2E 1 Byte  [F8]
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!CreateWindowExW                     762B1305 5 Bytes  JMP 6EBC03B7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!DefWindowProcW                      762C03B4 7 Bytes  JMP 6EBB8042 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!DialogBoxParamW                     762D10B0 5 Bytes  JMP 6EAF1893 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!DialogBoxIndirectParamW             762D2EF5 5 Bytes  JMP 6ECE8EE6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!DialogBoxParamA                     762E8152 5 Bytes  JMP 6ECE8E81 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!DialogBoxIndirectParamA             762E847D 5 Bytes  JMP 6ECE8F4B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!MessageBoxIndirectA                 762FD4D9 5 Bytes  JMP 6ECE8E08 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!MessageBoxIndirectW                 762FD5D3 5 Bytes  JMP 6ECE8D8F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!MessageBoxExA                       762FD639 5 Bytes  JMP 6ECE8D2B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] USER32.dll!MessageBoxExW                       762FD65D 5 Bytes  JMP 6ECE8CC7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3184] ole32.dll!OleLoadFromStream                    776A1E80 5 Bytes  JMP 6ECE96B4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3252] USER32.dll!EnableWindow                        762ACD8B 5 Bytes  JMP 6EB99EB4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3252] USER32.dll!DialogBoxParamW                     762D10B0 5 Bytes  JMP 6EAF1893 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3252] USER32.dll!DialogBoxIndirectParamW             762D2EF5 5 Bytes  JMP 6ECE8EE6 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3252] USER32.dll!DialogBoxParamA                     762E8152 5 Bytes  JMP 6ECE8E81 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3252] USER32.dll!DialogBoxIndirectParamA             762E847D 5 Bytes  JMP 6ECE8F4B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3252] USER32.dll!MessageBoxIndirectA                 762FD4D9 5 Bytes  JMP 6ECE8E08 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3252] USER32.dll!MessageBoxIndirectW                 762FD5D3 5 Bytes  JMP 6ECE8D8F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3252] USER32.dll!MessageBoxExA                       762FD639 5 Bytes  JMP 6ECE8D2B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text           C:\Program Files\Internet Explorer\iexplore.exe[3252] USER32.dll!MessageBoxExW                       762FD65D 5 Bytes  JMP 6ECE8CC7 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                [74A37817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                 [74A7B4E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]             [74A3BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]       [74A2F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                 [74A375E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]              [74A2E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM]  [74A673F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream]     [74A3DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]             [74A2FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]              [74A2FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]               [74A271CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM]       [74ABCAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile]          [74A5C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]             [74A2D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                       [74A26853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                      [74A2687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[2920] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]         [74A32AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device          \Driver\BTHUSB \Device\00000062                                                                      bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)
Device          \Driver\BTHUSB \Device\00000064                                                                      bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)

AttachedDevice  \FileSystem\fastfat \Fat                                                                             fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0016cfd96530                          
Reg             HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0016cfd96530 (not active ControlSet)      

---- EOF - GMER 1.0.15 ----
--- --- ---


OSAM

Code:
ATTFilter
OSAM Logfile:


	
Code: 

 
ATTFilter


  

	
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 13:10:04 on 18.08.2012

OS: Windows Vista Business Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 12.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"pxliifow" (pxliifow) - ? - C:\Users\***\AppData\Local\Temp\pxliifow.sys  (Hidden registry entry, rootkit activity | File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{0a4286ea-e355-44fb-8086-af3df7645bd9} "&Windows Media Player" - ? - C:\PROGRA~1\WI4EB4~1\wmpband.dll  (File not found)
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~2\OFFICE11\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~2\OFFICE11\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{F81D52BF-F2F1-4F49-BF5F-05664E803039} "Flash" - "UnH Solutions" - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{1ABA5FAC-1417-422B-BA82-45C35E2C908B} "20-20 3D Viewer for IKEA" - "20-20 Technologies" - C:\Windows\system32\20-20 Technologies\3D Viewer\v5.0.93.0\2020Player_IKEA_5_0_93_0.dll / hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} "DivXBrowserPlugin Object" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll / hxxp://download.divx.com/player/DivXBrowserPlugin.cab
{7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~2\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab
{166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\Windows\system32\Adobe\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash32_11_3_300_270.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jaureg.exe" -u auto-update

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Avira Browser Schutz" (AntiVirWebService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Updater Service" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"SBSD Security Center Service" (SBSDWSCService) - "Safer Networking Ltd." - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===
         
 
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
ASWMBR

Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-18 14:13:56
-----------------------------
14:13:56.461    OS Version: Windows 6.0.6002 Service Pack 2
14:13:56.461    Number of processors: 2 586 0xF06
14:13:56.461    ComputerName: ***-PC  UserName: ***
14:14:12.685    Initialize success
14:14:22.919    AVAST engine defs: 12081800
14:14:24.916    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:14:24.916    Disk 0 Vendor: Hitachi_HTS721010G9SA00 MCZOC10H Size: 95396MB BusType: 3
14:14:24.931    Disk 0 MBR read successfully
14:14:24.947    Disk 0 MBR scan
14:14:24.978    Disk 0 Windows VISTA default MBR code
14:14:24.994    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       78 MB offset 63
14:14:25.009    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        90193 MB offset 160650
14:14:25.025    Disk 0 Partition - 00     0F Extended LBA              2047 MB offset 184876020
14:14:25.056    Disk 0 Partition 3 00     DB  CP/M / CTOS Dell 8.0     3074 MB offset 189068985
14:14:25.134    Disk 0 Partition 4 00     DD              MSDOS5.0     2047 MB offset 184876083
14:14:25.197    Disk 0 scanning sectors +195366465
14:14:25.321    Disk 0 scanning C:\Windows\system32\drivers
14:14:42.403    Service scanning
14:15:22.761    Modules scanning
14:15:31.294    Disk 0 trace - called modules:
14:15:31.325    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys 
14:15:31.341    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84edeac8]
14:15:31.356    3 CLASSPNP.SYS[87fa18b3] -> nt!IofCallDriver -> [0x83e63188]
14:15:31.356    5 acpi.sys[8789a6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x847fa528]
14:15:32.277    AVAST engine scan C:\Windows
14:15:36.208    AVAST engine scan C:\Windows\system32
14:20:26.621    AVAST engine scan C:\Windows\system32\drivers
14:20:43.750    AVAST engine scan C:\Users\***
14:27:27.307    AVAST engine scan C:\ProgramData
14:29:40.360    Scan finished successfully
14:48:41.721    Disk 0 MBR has been saved successfully to "C:\Users\***\Desktop\MBR.dat"
14:48:41.737    The log file has been saved successfully to "C:\Users\***\Desktop\aswMBRlog.txt"

Alt 19.08.2012, 17:49   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spyware Z.Bot124.Gen eingefangen - Standard

Spyware Z.Bot124.Gen eingefangen


Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort
Seite 2 von 2 1 2

Themen zu Spyware Z.Bot124.Gen eingefangen
adobe, antivir, avira, avira searchfree toolbar, bho, bonjour, defender, error, excel, explorer, fehler, firefox, flash player, format, geld, google earth, helper, logfile, malware, mozilla, national, object, plug-in, registry, safer networking, saving, scan, searchscopes, software, spyware, virus, vista


« Virenscanner findet: EXP/CVE-2010-0840.HF, EXP/2012-1723.CY und EXP/Pidief.aew | Kritischerfehler in MS security Essential beim entferen von Win64/Sirefef.Y »


Ähnliche Themen: Spyware Z.Bot124.Gen eingefangen


  1. Spyware eingefangen .... !
    Plagegeister aller Art und deren Bekämpfung - 25.07.2014 (35)
  2. Verschlüsselungstrojaner eingefangen: (Spyware.Zbot)(Trojan.FakeAlert)
    Plagegeister aller Art und deren Bekämpfung - 20.08.2012 (17)
  3. spyware hunter eingefangen
    Plagegeister aller Art und deren Bekämpfung - 23.06.2010 (15)
  4. Spyware eingefangen
    Plagegeister aller Art und deren Bekämpfung - 06.01.2010 (1)
  5. Warning! Spyware detected on your computer install an antivirus or spyware remover to
    Plagegeister aller Art und deren Bekämpfung - 11.09.2008 (30)
  6. Warning. Spyware detected on your computer. Install an Antivirus or spyware ...
    Plagegeister aller Art und deren Bekämpfung - 25.08.2008 (4)
  7. Spyware.BHO
    Plagegeister aller Art und deren Bekämpfung - 25.07.2008 (2)
  8. MSN Virus/Spyware o.ä. eingefangen
    Plagegeister aller Art und deren Bekämpfung - 28.11.2007 (3)
  9. Hab mir eine Spyware und einen Trojaner eingefangen - Brauche Hilfe
    Plagegeister aller Art und deren Bekämpfung - 11.03.2007 (15)
  10. cydoor spyware eingefangen
    Log-Analyse und Auswertung - 24.08.2006 (10)
  11. 180Solutions Spyware/, VX2 Spyware/Adware, VB and VBA Program Settings Spyware/Adware
    Log-Analyse und Auswertung - 12.07.2006 (10)
  12. Trojaner/Spyware eingefangen
    Plagegeister aller Art und deren Bekämpfung - 07.07.2006 (17)
  13. Habe mir Virus oder Spyware eingefangen
    Log-Analyse und Auswertung - 31.12.2005 (5)
  14. Spyware eingefangen?
    Log-Analyse und Auswertung - 29.12.2005 (11)
  15. Spyware
    Log-Analyse und Auswertung - 20.12.2005 (8)
  16. Spyware, keine ahnung wo sie sein soll, pc hat keine anzeichen von spyware
    Plagegeister aller Art und deren Bekämpfung - 07.12.2005 (6)
  17. Trojaner/Spyware eingefangen! Wie weiter?
    Plagegeister aller Art und deren Bekämpfung - 01.12.2005 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Spyware Z.Bot124.Gen eingefangen - Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert - Spyware Z.Bot124.Gen eingefangen...
Archiv
Du betrachtest: Spyware Z.Bot124.Gen eingefangen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131