Pests of all kinds and how to fight them: Trojan: tr/atraps.gen detected
27.09.2012, 11:16 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: tr/atraps.gen detected

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set the tool up as shown in the picture below - click on change parameters and set the check marks as shown in the following screenshot. Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, treat all of them with the action "skip" and post only the log here!
__________________ Please always post log files in CODE tags |
29.09.2012, 20:12 | #17 |
| Trojan: tr/atraps.gen detected I have now tried this 3 times, but the computer always crashes at the end of the scan process. The 2nd and 3rd time, this message appeared on a blue background: "Es wurde ein Problem festgestellt. Windows wurde heruntergefahren, damit der Computer nicht beschädigt wird."
__________________ |
01.10.2012, 12:10 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: tr/atraps.gen detected Try TDSS-Killer again in Safe Mode with Networking
__________________ |
04.10.2012, 19:40 | #19 |
| Trojan: tr/atraps.gen detected In Safe Mode it already went somewhat better. This time the PC only crashed about half a minute after the end of the scan. (TDSS-Killer was still open) Here is the log: Code:
28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 20:31:57.0828 0924 WudfRd - ok 20:31:57.0890 0924 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 20:31:57.0937 0924 WudfSvc - ok 20:31:58.0031 0924 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 20:31:58.0187 0924 WZCSVC - ok 20:31:58.0250 0924 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 20:31:58.0531 0924 xmlprov - ok 20:31:58.0656 0924 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe 20:31:58.0687 0924 YahooAUService - ok 20:31:58.0765 0924 [ 478B4415DFB3A45B6FE61EC781E07D7B ] ZD1211BU(ZyDAS) C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys 20:31:58.0875 0924 ZD1211BU(ZyDAS) - ok Code:
|
04.10.2012, 20:06 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Did it crash there too? Because the log is incomplete. |
04.10.2012, 21:29 | #21 |
| Yes, as I said, half a minute after the scan finished. :/ I'll try again tomorrow ... |
05.10.2012, 21:53 | #22 |
| No, it crashed again. |
07.10.2012, 04:56 | #23 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Let's skip the TDSS-Killer. Then please run CF now:
ComboFix
A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has explicitly recommended it! If, after running Combofix, you have problems starting applications and get messages such as Quote: |
10.10.2012, 16:26 | #24 |
| Here too the computer crashes during the scan. Again with the message that a problem was detected and the computer had to be shut down. |
10.10.2012, 16:53 | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please also try Combofix in Safe Mode with Networking. |
10.10.2012, 21:01 | #26 |
| That went much better this time. Only at the very end, when it was preparing the log file, did the message come up again and it shut off. |
11.10.2012, 13:22 | #27 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Restart Windows, delete the old combofix.exe, download CF again and please try it once more. |
12.10.2012, 14:54 | #28 |
| Now it finally worked: Code:
12.10.2012, 16:59 | #29 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool won't work on the second attempt either, just leave it out and run only OSAM. Please skip OSAM's online query. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.
Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to turn off the virus scanner as well; the McAfee scanner in particular often reports a false positive in OSAM!
Please download aswMBR.exe and save the file to your desktop.
Important: Under no circumstances press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window and click the Scan button again. |
12.10.2012, 18:25 | #30 |
| It crashed with GMER, so only logs from Osam and aswMBR: Code: