Pests of all kinds and how to fight them: Live Security infection - format Asus notebook? Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
07.08.2012, 15:24 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Live Security infection - format Asus notebook?

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set the tool up as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!
__________________ Please always post log files in CODE tags
07.08.2012, 20:28 | #17 |
Live Security infection - format Asus notebook? TDSS-Killer log
__________________Code:
6224 RasAgileVpn - ok 21:25:46.0487 6224 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 21:25:46.0549 6224 RasAuto - ok 21:25:46.0580 6224 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 21:25:46.0658 6224 Rasl2tp - ok 21:25:46.0721 6224 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 21:25:46.0783 6224 RasMan - ok 21:25:46.0814 6224 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 21:25:46.0861 6224 RasPppoe - ok 21:25:46.0908 6224 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 21:25:46.0986 6224 RasSstp - ok 21:25:47.0017 6224 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 21:25:47.0095 6224 rdbss - ok 21:25:47.0111 6224 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 21:25:47.0158 6224 rdpbus - ok 21:25:47.0173 6224 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 21:25:47.0220 6224 RDPCDD - ok 21:25:47.0267 6224 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 21:25:47.0314 6224 RDPENCDD - ok 21:25:47.0345 6224 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 21:25:47.0407 6224 RDPREFMP - ok 21:25:47.0438 6224 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 21:25:47.0516 6224 RDPWD - ok 21:25:47.0548 6224 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 21:25:47.0579 6224 rdyboost - ok 21:25:47.0626 6224 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 21:25:47.0704 6224 RemoteAccess - ok 21:25:47.0719 6224 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 21:25:47.0782 6224 RemoteRegistry - ok 21:25:47.0828 6224 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 21:25:47.0875 6224 
RFCOMM - ok 21:25:47.0953 6224 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files (x86)\WinPcap\rpcapd.exe 21:25:47.0984 6224 rpcapd - ok 21:25:48.0016 6224 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 21:25:48.0094 6224 RpcEptMapper - ok 21:25:48.0109 6224 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 21:25:48.0140 6224 RpcLocator - ok 21:25:48.0187 6224 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 21:25:48.0234 6224 RpcSs - ok 21:25:48.0265 6224 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 21:25:48.0296 6224 rspndr - ok 21:25:48.0328 6224 s117bus (6c90231046fb9fc4123c42179832817f) C:\Windows\system32\DRIVERS\s117bus.sys 21:25:48.0328 6224 s117bus - ok 21:25:48.0374 6224 s117mdfl (3279341c90ef8f226af77623039f4495) C:\Windows\system32\DRIVERS\s117mdfl.sys 21:25:48.0390 6224 s117mdfl - ok 21:25:48.0406 6224 s117mdm (73e331f555279e753b312675ddaf4516) C:\Windows\system32\DRIVERS\s117mdm.sys 21:25:48.0421 6224 s117mdm - ok 21:25:48.0437 6224 s117mgmt (d420731fd2880f0f40f20771efaad671) C:\Windows\system32\DRIVERS\s117mgmt.sys 21:25:48.0452 6224 s117mgmt - ok 21:25:48.0468 6224 s117nd5 (98236ca5a9a77d0983ac3f6d6527c796) C:\Windows\system32\DRIVERS\s117nd5.sys 21:25:48.0468 6224 s117nd5 - ok 21:25:48.0515 6224 s117obex (1dd613909477ae298c98e86617ec356b) C:\Windows\system32\DRIVERS\s117obex.sys 21:25:48.0515 6224 s117obex - ok 21:25:48.0530 6224 s117unic (9a22df5fe9b6be279d820776a6adb56f) C:\Windows\system32\DRIVERS\s117unic.sys 21:25:48.0546 6224 s117unic - ok 21:25:48.0562 6224 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 21:25:48.0577 6224 SamSs - ok 21:25:48.0608 6224 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 21:25:48.0640 6224 sbp2port - ok 21:25:48.0686 6224 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 21:25:48.0733 6224 SCardSvr - 
ok 21:25:48.0749 6224 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 21:25:48.0796 6224 scfilter - ok 21:25:48.0874 6224 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 21:25:48.0952 6224 Schedule - ok 21:25:48.0983 6224 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 21:25:49.0014 6224 SCPolicySvc - ok 21:25:49.0045 6224 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 21:25:49.0092 6224 SDRSVC - ok 21:25:49.0217 6224 SearchAnonymizer (0f4a80438e7286a0e623582f5f2395bd) C:\Users\smoking caterpillar\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe 21:25:49.0217 6224 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning 21:25:49.0217 6224 SearchAnonymizer - detected UnsignedFile.Multi.Generic (1) 21:25:49.0295 6224 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 21:25:49.0373 6224 secdrv - ok 21:25:49.0404 6224 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 21:25:49.0451 6224 seclogon - ok 21:25:49.0482 6224 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 21:25:49.0529 6224 SENS - ok 21:25:49.0560 6224 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 21:25:49.0607 6224 SensrSvc - ok 21:25:49.0622 6224 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 21:25:49.0654 6224 Serenum - ok 21:25:49.0700 6224 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 21:25:49.0732 6224 Serial - ok 21:25:49.0778 6224 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 21:25:49.0810 6224 sermouse - ok 21:25:49.0856 6224 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 21:25:49.0919 6224 SessionEnv - ok 21:25:49.0934 6224 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 21:25:49.0997 6224 
sffdisk - ok 21:25:50.0028 6224 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 21:25:50.0059 6224 sffp_mmc - ok 21:25:50.0075 6224 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 21:25:50.0106 6224 sffp_sd - ok 21:25:50.0122 6224 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 21:25:50.0153 6224 sfloppy - ok 21:25:50.0200 6224 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 21:25:50.0262 6224 ShellHWDetection - ok 21:25:50.0309 6224 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys 21:25:50.0340 6224 SiSGbeLH - ok 21:25:50.0387 6224 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 21:25:50.0418 6224 SiSRaid2 - ok 21:25:50.0434 6224 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 21:25:50.0434 6224 SiSRaid4 - ok 21:25:50.0543 6224 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe 21:25:50.0558 6224 SkypeUpdate - ok 21:25:50.0605 6224 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 21:25:50.0652 6224 Smb - ok 21:25:50.0699 6224 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 21:25:50.0730 6224 SNMPTRAP - ok 21:25:50.0746 6224 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 21:25:50.0761 6224 spldr - ok 21:25:50.0808 6224 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 21:25:50.0870 6224 Spooler - ok 21:25:51.0042 6224 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 21:25:51.0151 6224 sppsvc - ok 21:25:51.0276 6224 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 21:25:51.0338 6224 sppuinotify - ok 21:25:51.0416 6224 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 21:25:51.0479 
6224 srv - ok 21:25:51.0526 6224 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 21:25:51.0557 6224 srv2 - ok 21:25:51.0572 6224 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 21:25:51.0604 6224 srvnet - ok 21:25:51.0650 6224 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 21:25:51.0728 6224 SSDPSRV - ok 21:25:51.0744 6224 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 21:25:51.0806 6224 SstpSvc - ok 21:25:51.0822 6224 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 21:25:51.0838 6224 stexstor - ok 21:25:51.0884 6224 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 21:25:51.0931 6224 stisvc - ok 21:25:51.0947 6224 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 21:25:51.0962 6224 swenum - ok 21:25:52.0009 6224 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 21:25:52.0087 6224 swprv - ok 21:25:52.0212 6224 SynTP (7e8902f9929a5d9ffd0f545332ce0f10) C:\Windows\system32\DRIVERS\SynTP.sys 21:25:52.0274 6224 SynTP - ok 21:25:52.0462 6224 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 21:25:52.0540 6224 SysMain - ok 21:25:52.0618 6224 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 21:25:52.0664 6224 TabletInputService - ok 21:25:52.0711 6224 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 21:25:52.0789 6224 TapiSrv - ok 21:25:52.0805 6224 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 21:25:52.0867 6224 TBS - ok 21:25:53.0039 6224 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 21:25:53.0132 6224 Tcpip - ok 21:25:53.0304 6224 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 21:25:53.0351 6224 TCPIP6 - ok 21:25:53.0444 6224 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) 
C:\Windows\system32\drivers\tcpipreg.sys 21:25:53.0522 6224 tcpipreg - ok 21:25:53.0554 6224 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 21:25:53.0569 6224 TDPIPE - ok 21:25:53.0600 6224 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 21:25:53.0616 6224 TDTCP - ok 21:25:53.0647 6224 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 21:25:53.0694 6224 tdx - ok 21:25:53.0741 6224 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 21:25:53.0756 6224 TermDD - ok 21:25:53.0819 6224 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 21:25:53.0881 6224 TermService - ok 21:25:53.0897 6224 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 21:25:53.0959 6224 Themes - ok 21:25:53.0990 6224 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 21:25:54.0022 6224 THREADORDER - ok 21:25:54.0068 6224 tmactmon (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys 21:25:54.0084 6224 tmactmon - ok 21:25:54.0115 6224 tmcomm (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys 21:25:54.0115 6224 tmcomm - ok 21:25:54.0146 6224 tmevtmgr (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys 21:25:54.0146 6224 tmevtmgr - ok 21:25:54.0193 6224 tmtdi (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys 21:25:54.0209 6224 tmtdi - ok 21:25:54.0256 6224 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 21:25:54.0334 6224 TrkWks - ok 21:25:54.0396 6224 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 21:25:54.0458 6224 TrustedInstaller - ok 21:25:54.0505 6224 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 21:25:54.0536 6224 tssecsrv - ok 21:25:54.0568 6224 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) 
C:\Windows\system32\drivers\tsusbflt.sys 21:25:54.0614 6224 TsUsbFlt - ok 21:25:54.0630 6224 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 21:25:54.0661 6224 TsUsbGD - ok 21:25:54.0708 6224 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 21:25:54.0786 6224 tunnel - ok 21:25:54.0802 6224 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 21:25:54.0817 6224 uagp35 - ok 21:25:54.0833 6224 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 21:25:54.0911 6224 udfs - ok 21:25:54.0942 6224 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 21:25:54.0989 6224 UI0Detect - ok 21:25:55.0036 6224 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 21:25:55.0051 6224 uliagpkx - ok 21:25:55.0082 6224 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 21:25:55.0129 6224 umbus - ok 21:25:55.0145 6224 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 21:25:55.0176 6224 UmPass - ok 21:25:55.0394 6224 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 21:25:55.0457 6224 UNS - ok 21:25:55.0582 6224 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 21:25:55.0644 6224 upnphost - ok 21:25:55.0706 6224 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 21:25:55.0769 6224 usbccgp - ok 21:25:55.0816 6224 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 21:25:55.0862 6224 usbcir - ok 21:25:55.0909 6224 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 21:25:55.0925 6224 usbehci - ok 21:25:55.0987 6224 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 21:25:56.0034 6224 usbhub - ok 21:25:56.0065 6224 usbohci 
(9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 21:25:56.0081 6224 usbohci - ok 21:25:56.0112 6224 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 21:25:56.0128 6224 usbprint - ok 21:25:56.0159 6224 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:25:56.0174 6224 USBSTOR - ok 21:25:56.0221 6224 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 21:25:56.0252 6224 usbuhci - ok 21:25:56.0299 6224 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 21:25:56.0362 6224 usbvideo - ok 21:25:56.0393 6224 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 21:25:56.0440 6224 UxSms - ok 21:25:56.0471 6224 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 21:25:56.0486 6224 VaultSvc - ok 21:25:56.0502 6224 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 21:25:56.0518 6224 vdrvroot - ok 21:25:56.0564 6224 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 21:25:56.0611 6224 vds - ok 21:25:56.0674 6224 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 21:25:56.0689 6224 vga - ok 21:25:56.0720 6224 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 21:25:56.0752 6224 VgaSave - ok 21:25:56.0783 6224 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 21:25:56.0798 6224 vhdmp - ok 21:25:56.0798 6224 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 21:25:56.0814 6224 viaide - ok 21:25:56.0845 6224 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 21:25:56.0861 6224 volmgr - ok 21:25:56.0892 6224 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 21:25:56.0908 6224 volmgrx - ok 21:25:56.0939 6224 volsnap (0d08d2f3b3ff84e433346669b5e0f639) 
C:\Windows\system32\drivers\volsnap.sys 21:25:56.0954 6224 volsnap - ok 21:25:56.0986 6224 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 21:25:57.0001 6224 vsmraid - ok 21:25:57.0110 6224 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 21:25:57.0188 6224 VSS - ok 21:25:57.0282 6224 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 21:25:57.0329 6224 vwifibus - ok 21:25:57.0360 6224 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 21:25:57.0391 6224 vwififlt - ok 21:25:57.0422 6224 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 21:25:57.0454 6224 vwifimp - ok 21:25:57.0516 6224 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 21:25:57.0578 6224 W32Time - ok 21:25:57.0594 6224 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 21:25:57.0625 6224 WacomPen - ok 21:25:57.0672 6224 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 21:25:57.0734 6224 WANARP - ok 21:25:57.0734 6224 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 21:25:57.0766 6224 Wanarpv6 - ok 21:25:57.0859 6224 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 21:25:57.0937 6224 wbengine - ok 21:25:58.0031 6224 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 21:25:58.0078 6224 WbioSrvc - ok 21:25:58.0124 6224 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 21:25:58.0187 6224 wcncsvc - ok 21:25:58.0202 6224 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 21:25:58.0249 6224 WcsPlugInService - ok 21:25:58.0312 6224 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 21:25:58.0327 6224 Wd - ok 21:25:58.0374 6224 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) 
C:\Windows\system32\drivers\Wdf01000.sys 21:25:58.0421 6224 Wdf01000 - ok 21:25:58.0436 6224 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 21:25:58.0546 6224 WdiServiceHost - ok 21:25:58.0561 6224 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 21:25:58.0592 6224 WdiSystemHost - ok 21:25:58.0608 6224 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 21:25:58.0639 6224 WebClient - ok 21:25:58.0686 6224 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 21:25:58.0733 6224 Wecsvc - ok 21:25:58.0764 6224 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 21:25:58.0811 6224 wercplsupport - ok 21:25:58.0858 6224 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 21:25:58.0936 6224 WerSvc - ok 21:25:58.0998 6224 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 21:25:59.0045 6224 WfpLwf - ok 21:25:59.0123 6224 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys 21:25:59.0138 6224 WimFltr - ok 21:25:59.0170 6224 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 21:25:59.0185 6224 WIMMount - ok 21:25:59.0185 6224 WinHttpAutoProxySvc - ok 21:25:59.0248 6224 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 21:25:59.0341 6224 Winmgmt - ok 21:25:59.0466 6224 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 21:25:59.0560 6224 WinRM - ok 21:25:59.0700 6224 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 21:25:59.0731 6224 WinUsb - ok 21:25:59.0809 6224 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 21:25:59.0872 6224 Wlansvc - ok 21:25:59.0965 6224 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 21:25:59.0981 6224 wlcrasvc - ok 21:26:00.0199 6224 wlidsvc 
(2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:26:00.0262 6224 wlidsvc - ok 21:26:00.0371 6224 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 21:26:00.0418 6224 WmiAcpi - ok 21:26:00.0480 6224 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 21:26:00.0527 6224 wmiApSrv - ok 21:26:00.0605 6224 WMPNetworkSvc - ok 21:26:00.0636 6224 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 21:26:00.0652 6224 WPCSvc - ok 21:26:00.0683 6224 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 21:26:00.0698 6224 WPDBusEnum - ok 21:26:00.0714 6224 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 21:26:00.0776 6224 ws2ifsl - ok 21:26:00.0776 6224 WSearch - ok 21:26:00.0808 6224 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 21:26:00.0901 6224 WudfPf - ok 21:26:00.0948 6224 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 21:26:00.0995 6224 WUDFRd - ok 21:26:01.0026 6224 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 21:26:01.0057 6224 wudfsvc - ok 21:26:01.0088 6224 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 21:26:01.0120 6224 WwanSvc - ok 21:26:01.0151 6224 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 21:26:01.0541 6224 \Device\Harddisk0\DR0 - ok 21:26:01.0556 6224 Boot (0x1200) (beb34928e75ada2c2548ece6c5638061) \Device\Harddisk0\DR0\Partition0 21:26:01.0556 6224 \Device\Harddisk0\DR0\Partition0 - ok 21:26:01.0588 6224 Boot (0x1200) (70968fe7fd8f3e5f6dd865b445461b25) \Device\Harddisk0\DR0\Partition1 21:26:01.0588 6224 \Device\Harddisk0\DR0\Partition1 - ok 21:26:01.0588 6224 ============================================================ 21:26:01.0588 6224 Scan finished 21:26:01.0588 6224 
============================================================ 21:26:01.0603 6188 Detected object count: 1 21:26:01.0603 6188 Actual detected object count: 1 21:26:14.0848 6188 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user 21:26:14.0848 6188 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip |
08.08.2012, 19:54 | #18 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Live Security infection - format Asus notebook? Then please run CF now:
ComboFix - A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ |
08.08.2012, 20:41 | #19 |
| Live Security infection - format Asus notebook? CF log Code:
ATTFilter ComboFix 12-08-08.01 - smoking caterpillar 08.08.2012 21:08:03.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4000.2655 [GMT 2:00] ausgeführt von:: c:\users\smoking caterpillar\Desktop\ComboFix.exe AV: Trend Micro Titanium Internet Security *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium Internet Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\FullRemove.exe c:\users\smoking caterpillar\4.0 c:\users\smoking caterpillar\AppData\Roaming\Help\coredb\storage c:\windows\msvcr71.dll . Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt . . ((((((((((((((((((((((( Dateien erstellt von 2012-07-08 bis 2012-08-08 )))))))))))))))))))))))))))))) . . 2012-08-08 19:16 . 2012-08-08 19:16 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-06 19:27 . 2012-08-06 19:27 -------- d-----w- C:\_OTL 2012-08-05 16:00 . 2012-08-05 16:00 -------- d-----w- c:\program files (x86)\ESET 2012-07-31 20:05 . 2012-07-31 23:48 -------- d-----w- c:\users\smoking caterpillar\dwhelper 2012-07-31 14:39 . 2012-07-31 14:39 -------- d-----w- c:\users\smoking caterpillar\AppData\Local\Apps 2012-07-31 14:39 . 2012-07-31 23:52 -------- d-----w- c:\users\smoking caterpillar\AppData\Local\Deployment 2012-07-31 14:39 . 2012-07-31 14:39 -------- d-----w- C:\Archivos de programa 2012-07-24 14:42 . 2012-07-24 14:42 -------- d-----w- c:\users\smoking caterpillar\AppData\Roaming\Malwarebytes 2012-07-24 14:42 . 
2012-08-05 14:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-07-24 14:42 . 2012-07-24 14:42 -------- d-----w- c:\programdata\Malwarebytes 2012-07-24 14:42 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-07-23 21:37 . 2002-03-05 22:00 75264 ----a-w- c:\windows\SysWow64\unacev2.dll 2012-07-23 21:37 . 2003-02-02 17:06 153088 ----a-w- c:\windows\SysWow64\UNRAR3.dll 2012-07-23 21:37 . 2012-07-23 21:38 -------- d-----w- c:\program files (x86)\Trojan Remover 2012-07-23 21:37 . 2012-07-23 21:37 -------- d-----w- c:\users\smoking caterpillar\AppData\Roaming\Simply Super Software 2012-07-23 21:37 . 2012-07-23 21:37 -------- d-----w- c:\programdata\Simply Super Software 2012-07-23 21:05 . 2012-07-23 21:05 -------- d-sh--w- c:\windows\system32\%APPDATA% 2012-07-23 01:04 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-23 01:00 . 2012-06-02 12:07 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll 2012-07-23 01:00 . 2012-06-02 12:06 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll 2012-07-23 01:00 . 2012-06-02 12:00 818688 ----a-w- c:\windows\system32\jscript.dll 2012-07-23 01:00 . 2012-06-02 08:27 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll 2012-07-23 01:00 . 2012-06-02 08:26 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll 2012-07-23 01:00 . 2012-06-02 12:49 17807360 ----a-w- c:\windows\system32\mshtml.dll 2012-07-23 01:00 . 2012-06-02 12:17 10924032 ----a-w- c:\windows\system32\ieframe.dll 2012-07-22 16:53 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0B7F756C-CFE0-4F5E-9413-1ACEF41E77BD}\mpengine.dll 2012-07-22 16:10 . 2012-07-22 16:10 -------- d-----w- c:\users\smoking caterpillar\AppData\Local\ElevatedDiagnostics 2012-07-11 01:00 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe 2012-07-10 16:09 . 
2012-07-10 16:09 -------- d-----w- c:\users\smoking caterpillar\AppData\Roaming\Apple . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-08 11:51 . 2011-12-10 14:25 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe 2012-07-23 01:01 . 2012-07-07 12:20 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-06-20 13:04 . 2012-06-20 13:04 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-06-02 22:19 . 2012-06-22 06:12 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-22 06:12 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-22 06:12 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-22 06:12 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-22 06:12 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-22 06:12 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-22 06:12 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-22 06:12 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-22 06:12 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-05-31 10:25 . 2011-12-12 02:04 279656 ------w- c:\windows\system32\MpSigStub.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E32FBEA2-F52F-4812-A88F-21FE54FD0AF0}] 2012-03-26 23:41 141312 ----a-w- c:\programdata\CodecC\bhoclass.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992] "ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032] "ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472] "SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-09 2317312] "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-12-02 74752] "WorksFUD"="c:\program files (x86)\Microsoft Works\wkfud.exe" [2001-10-09 24576] "Microsoft Works Portfolio"="c:\program files (x86)\Microsoft Works\WksSb.exe" [2001-10-04 331830] "Microsoft Works Update Detection"="c:\program files (x86)\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2001-10-04 28738] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2011-10-28 107816] "CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2011-10-31 485672] "PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2012-05-22 160872] "TrojanScanner"="c:\program files 
(x86)\Trojan Remover\Trjscan.exe" [2012-07-23 1240848] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-13 548528] Erinnerungen in Microsoft Works-Kalender.lnk - c:\program files (x86)\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2001-10-4 24633] FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2011-11-2 12862] Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-29 113120] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536] S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys [2011-09-08 90096] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520] S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-08-24 92800] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344] S2 SearchAnonymizer;SearchAnonymizer;c:\users\smoking caterpillar\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2012-07-08 40960] S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664] S2 UNS;Intel(R) Management and Security 
Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912] S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-08 1111568] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-07-28 167704] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-07-28 392472] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-07-28 416024] "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 197152] "Ocs_SM"="c:\users\smoking caterpillar\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2012-07-08 106496] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Zusätzlicher Suchlauf ------- . uStart Page = uLocal Page = c:\windows\system32\blank.htm mStart Page = hxxp://asus.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.2.2 FF - ProfilePath - . - - - - Entfernte verwaiste Registrierungseinträge - - - - . BHO-{BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - c:\program files\WEB.DE Toolbar\IE\uitb.dll HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr AddRemove-ICQToolbar - c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe AddRemove-loadtbs-2.1 - c:\users\smoking caterpillar\AppData\Roaming\loadtbs\uninstall.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-1377819090-1488837102-2095713333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*a*v*i*—ä=t\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . 
[HKEY_USERS\S-1-5-21-1377819090-1488837102-2095713333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*a*v*i*õä=t\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1377819090-1488837102-2095713333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w±_] @Class="Shell" . [HKEY_USERS\S-1-5-21-1377819090-1488837102-2095713333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w±_\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1377819090-1488837102-2095713333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*êùÉ[] @Class="Shell" . [HKEY_USERS\S-1-5-21-1377819090-1488837102-2095713333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*êùÉ[\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe c:\program files (x86)\Common Files\InstantOn\InsOnWMI.exe c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe c:\program files (x86)\ASUS\Splendid\ACMON.exe c:\windows\AsScrPro.exe c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe c:\windows\SysWOW64\ACEngSvr.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\windows\SysWOW64\powercfg.exe . ************************************************************************** . Zeit der Fertigstellung: 2012-08-08 21:22:28 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-08-08 19:22 . Vor Suchlauf: 18 Verzeichnis(se), 68.033.392.640 Bytes frei Nach Suchlauf: 24 Verzeichnis(se), 67.689.840.640 Bytes frei . - - End Of File - - 6FAF54BEA1E5F27ECE7E89FE471E8A21 |
09.08.2012, 15:42 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Live Security infection - format Asus notebook? Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only OSAM - please skip OSAM's online check. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to switch off your virus scanner as well; the McAfee scanner in particular often reports a false positive in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu (bottom left of the aswMBR window) and click the Scan button again.
09.08.2012, 19:19 | #21 |
| Live Security infection - format Asus notebook? GMER log Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-09 19:53:49
Windows 6.1.7601 Service Pack 1
Running: vss6w69j.exe

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)

---- EOF - GMER 1.0.15 ----

Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 19:59:59 on 09.08.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Mozilla Corporation Firefox 14.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "ASMMAP64" (ASMMAP64) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys "ATKWMIACPI Driver" (ATKWMIACPIIO) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys "ISO DVD/CD-ROM Device Driver" (ISODrive) - "EZB Systems, Inc." - C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys "NetGroup Packet Filter Driver" (NPF) - "CACE Technologies, Inc." - C:\Windows\System32\drivers\npf.sys "Trend Micro TDI Driver" (tmtdi) - "Trend Micro Inc." 
- C:\Windows\System32\DRIVERS\tmtdi.sys "WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} "TmIEPlugInAPP Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll {0E526CB5-7446-41D1-A403-19BFE95E8C23} "TmIEPlugInAPP Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {79BC0345-1015-11D2-A299-006008312725} "///FAST project settings" - ? - C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\BlueShellExt.dll (File found, but it contains no detailed information) {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." 
- C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll {83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office\OLKFSTUB.DLL {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files (x86)\WinRAR\rarext.dll {B41DB860-64E4-11D2-9906-E49FADC173CA} "WinRAR shell 
extension" - ? - (File not found | COM-object registry key not found) {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll "ICQ7.2" - "ICQ, LLC." - C:\Program Files (x86)\ICQ7.2\ICQ.exe "Sothink SWF Catcher" - ? 
- C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {E32FBEA2-F52F-4812-A88F-21FE54FD0AF0} "CodecC Class" - "Injector" - C:\ProgramData\CodecC\bhoclass.dll {326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} "TmBpIeBHO Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll {1CA1377B-DC1D-4A52-9585-6E06050FAC53} "TmIEPlugInBHO Class" - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\smoking caterpillar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "AsusVibeLauncher.lnk" - ? - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "FancyStart daemon.lnk" - "ASUSTeK Computer Inc." 
- C:\Program Files (x86)\ASUS\FancyStart\FancyStart.exe (Shortcut exists | File exists) "Microsoft Office.lnk" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Shortcut exists | File exists) "Erinnerungen in Microsoft Works-Kalender.lnk" - "Microsoft® Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe (Shortcut exists | File exists) -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "ASUSPRP" - "ASUSTek Computer Inc." - "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "ASUSWebStorage" - "ecareme" - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S "ATKMEDIA" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe "ATKOSD2" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe "CLMLServer_For_P2G8" - "CyberLink" - "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "CLVirtualDrive" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R "DivXUpdate" - ? - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "HControlUser" - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe "Microsoft Works Portfolio" - "Microsoft® Corporation" - C:\Program Files (x86)\Microsoft Works\WksSb.exe /AllUsers "Microsoft Works Update Detection" - "Microsoft® Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\WkUFind.exe "Nuance PDF Reader-reminder" - "Nuance Communications, Inc." 
- "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" "PDFPrint" - "Geek Software GmbH" - C:\Program Files (x86)\PDF24\pdf24.exe "SonicMasterTray" - "Virage Logic Corporation / Sonic Focus" - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "TrojanScanner" - "Simply Super Software" - C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot "UpdateLBPShortCut" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" "UpdateP2GoShortCut" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" "WinampAgent" - "Nullsoft, Inc." - "C:\Program Files (x86)\Winamp\winampa.exe" "Wireless Console 3" - "ASUS" - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe "WorksFUD" - "Microsoft® Corporation" - C:\Program Files (x86)\Microsoft Works\wkfud.exe [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "AFBAgent" (AFBAgent) - "ASUSTeK Computer Inc." 
- C:\Windows\system32\FBAgent.exe "ASLDR Service" (ASLDRService) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe "ASUS InstantOn Service" (ASUS InstantOn) - "ASUS" - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe "ATKGFNEX Service" (ATKGFNEXSrv) - "ASUS" - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe "ICQ Service" (ICQ Service) - ? - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe (File not found) "Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe "Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Remote Packet Capture Protocol v.0 (experimental)" (rpcapd) - "CACE Technologies, Inc." - C:\Program Files (x86)\WinPcap\rpcapd.exe "SearchAnonymizer" (SearchAnonymizer) - ? - C:\Users\smoking caterpillar\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe "Trend Micro Solution Platform" (Amsp) - "Trend Micro Inc." - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe "Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." 
- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-09 20:01:37
-----------------------------
20:01:37.026 OS Version: Windows x64 6.1.7601 Service Pack 1
20:01:37.027 Number of processors: 4 586 0x2A07
20:01:37.028 ComputerName: SMOKINGCATERPIL UserName:
20:01:37.565 Initialize success
20:10:13.348 AVAST engine defs: 12080900
20:10:34.516 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:10:34.522 Disk 0 Vendor: ST932032 0003 Size: 305245MB BusType: 3
20:10:34.543 Disk 0 MBR read successfully
20:10:34.548 Disk 0 MBR scan
20:10:34.574 Disk 0 Windows 7 default MBR code
20:10:34.589 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
20:10:34.609 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 122098 MB offset 52430848
20:10:34.639 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 157545 MB offset 302487552
20:10:34.678 Disk 0 scanning C:\Windows\system32\drivers
20:10:46.844 Service scanning
20:11:08.546 Modules scanning
20:11:08.566 Disk 0 trace - called modules:
20:11:08.637 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
20:11:08.983 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004dbd060]
20:11:08.993 3 CLASSPNP.SYS[fffff88001ba943f] -> nt!IofCallDriver -> [0xfffffa8004b65b20]
20:11:09.003 5 ACPI.sys[fffff88000f897a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b69050]
20:11:09.955 AVAST engine scan C:\Windows
20:11:12.944 AVAST engine scan C:\Windows\system32
20:13:57.886 AVAST engine scan C:\Windows\system32\drivers
20:14:11.521 AVAST engine scan C:\Users\smoking caterpillar
20:15:18.997 File: C:\Users\smoking caterpillar\AppData\Roaming\vlc\{96FD72B9-3877-4F4A-9591-A6E08D4D18B2}\Upgrade.exe **INFECTED** Win32:Malware-gen
20:16:00.411 AVAST engine scan C:\ProgramData
20:16:01.250 File: C:\ProgramData\CodecC\bhoclass.dll **INFECTED** Win32:MultiPlug-B [Adw]
20:17:06.378 Scan finished successfully
20:17:26.673 Disk 0 MBR has been saved successfully to "C:\Users\smoking caterpillar\Desktop\MBR.dat"
20:17:26.678 The log file has been saved successfully to "C:\Users\smoking caterpillar\Desktop\aswMBR.txt" |
10.08.2012, 21:13 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Live Security infection - format Asus notebook? Code:
ATTFilter
C:\Users\smoking caterpillar\AppData\Roaming\vlc\{96FD72B9-3877-4F4A-9591-A6E08D4D18B2}\Upgrade.exe
C:\ProgramData\CodecC\bhoclass.dll
If a file has already been analyzed, please start a new analysis.
__________________ Please always post log files in CODE tags |
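Added example, not part of the original thread: the two paths in the post above are the **INFECTED** entries of the aswMBR log, and this sketch pulls them (plus the MBR verdict) out of such a log even when the forum has flattened it onto one line. The names `parse_entries`, `triage` and `SAMPLE` are hypothetical, the sample is constructed from entries shown in the log, and matching the verdict line by its "MBR code" ending is an assumption based on this one log.

```python
import re

# Constructed sample: five entries shaped like the aswMBR log above, flattened
# onto one line the way the forum rendering flattened the original.
SAMPLE = (
    "20:10:34.543 Disk 0 MBR read successfully "
    "20:10:34.574 Disk 0 Windows 7 default MBR code "
    "20:15:18.997 File: C:\\Users\\smoking caterpillar\\AppData\\Roaming\\vlc\\"
    "{96FD72B9-3877-4F4A-9591-A6E08D4D18B2}\\Upgrade.exe **INFECTED** Win32:Malware-gen "
    "20:16:01.250 File: C:\\ProgramData\\CodecC\\bhoclass.dll **INFECTED** Win32:MultiPlug-B [Adw] "
    "20:17:06.378 Scan finished successfully"
)

# Each entry starts with HH:MM:SS.mmm, so splitting on a lookahead recovers
# the entries whether or not the original line breaks survived.
ENTRY_START = re.compile(r"(?=\b\d{2}:\d{2}:\d{2}\.\d{3}\s)")
ENTRY = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{3})\s+(.*)$", re.S)
# The path may contain spaces, so it is delimited by the **INFECTED** marker.
FINDING = re.compile(r"^File:\s+(.+?)\s+\*\*INFECTED\*\*\s+(.+)$")


def parse_entries(text):
    """Return (timestamp, message) pairs; header text without a timestamp is skipped."""
    entries = []
    for chunk in ENTRY_START.split(text):
        m = ENTRY.match(chunk.strip())
        if m:
            # Collapse wrapped whitespace inside a message to single spaces.
            entries.append((m.group(1), " ".join(m.group(2).split())))
    return entries


def triage(text):
    """Pull out what a reviewer reads first: MBR verdict, flagged files, completion."""
    summary = {"mbr": None, "findings": [], "finished": False}
    for ts, msg in parse_entries(text):
        hit = FINDING.match(msg)
        if hit:
            summary["findings"].append(
                {"time": ts, "path": hit.group(1), "detection": hit.group(2)})
        elif msg.startswith("Disk 0 ") and msg.endswith("MBR code"):
            # Assumption: the verdict line ends in "MBR code", as in this log.
            summary["mbr"] = msg[len("Disk 0 "):]
        elif msg == "Scan finished successfully":
            summary["finished"] = True
    return summary


if __name__ == "__main__":
    for f in triage(SAMPLE)["findings"]:
        print(f["time"], f["detection"], f["path"])
```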
10.08.2012, 21:38 | #23 |
| Live Security infection - format Asus notebook? 1st file: https://www.virustotal.com/file/1ea0d8e86c77f2ccd089d99273ae2bb58ca0a41b3c6376bdfb7e25d5958e9c8a/analysis/ 2nd file: https://www.virustotal.com/file/1d683fd80f1c0fafd9df83e944c8a33d8bd98a84455a815de003eadecdebf4b5/analysis/ Hey, my virus scanner just found something. Should I click "exclude", or how should I handle this? Best regards |
11.08.2012, 16:50 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Live Security infection - format Asus notebook? Oh great, appconf32 is usually a banking trojan. Do you do online banking on this computer? Do you really want to keep cleaning? It must have gotten into the system during the cleanup, probably through vulnerabilities in your outdated software such as Java; I didn't see any appconf32 on your system before.
__________________ Please always post log files in CODE tags |
11.08.2012, 17:13 | #25 |
| Live Security infection - format Asus notebook? Yes, I do online banking on this computer, but I haven't done any since we started cleaning the laptop. Why do you ask whether I want to keep cleaning the laptop? Is success not guaranteed, or is the effort too great? Should I rather set the computer up again from scratch? In principle I'd like to keep cleaning it. But I'll take your advice on whether that makes sense. And it has found another one. Last edited by brainInfect (11.08.2012 at 17:38) |
11.08.2012, 19:31 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Live Security infection - format Asus notebook? It can be cleaned, but afterwards I would no longer recommend online banking under this Windows installation.
__________________ Please always post log files in CODE tags |
11.08.2012, 19:34 | #27 |
| Live Security infection - format Asus notebook? Hmm, so best to reinstall. What a pain, but thanks for your efforts anyway!! I'm already downloading a Win7 ISO. I'm unsure about the drivers, though. Do I need to pay attention to anything in particular, or is it enough to reinstall the system using this ISO? |
11.08.2012, 21:05 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Live Security infection - format Asus notebook? That depends entirely on the hardware. If your computer isn't too new, Windows will recognize everything. But as a rule you always have to install current drivers, such as those for the chipset and the graphics card. If your network card should not be recognized, you could be in for a nasty surprise; good that you asked again, because then you would have no way to quickly download something over the Internet (provided your Internet connection runs through your network card or WLAN adapter). Which computer exactly do you have?
__________________ Please always post log files in CODE tags |
11.08.2012, 21:17 | #29 |
| Live Security infection - format Asus notebook? Well, I bought my computer last year in November/December. My Internet runs over Wi-Fi. I'll just type out all the data from the Control Panel for you:
Win7 Home Premium
ASUSTek Computer Inc.
4,7 Windows Experience Index
Intel Core i3-2310 CPU @ 2.10 GHz
RAM 4,00 GB
64 bit
Can't I simply create an ISO of my current system? As I said, I'm downloading one right now (from the forum), but if I create my own ISO I wouldn't have the possible problem with the drivers, would I? |
11.08.2012, 21:28 | #30 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Live Security infection - format Asus notebook? Unfortunately that's not all that helpful. Install http://www.chip.de/downloads/HWiNFO64_49799644.html
There you can see exactly which hardware is in it. Quote:
Once you have Windows freshly installed and you can't get onto the Internet for lack of drivers, you should have a plan B - that's advisable anyway, because you surely still want to back up data, right? For that I can post this, because with the live Linux system you will almost certainly get onto the Internet (also via WLAN) and can download the drivers for Windows there.
__________________ Please always post log files in CODE tags |