This program cannot display the webpage. (Windows 7) |
04.09.2012, 19:57 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | This program cannot display the webpage.

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Configure the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log, or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
__________________ Please always post log files in CODE tags |
04.09.2012, 20:14 | #17 |
| This program cannot display the webpage. Code:
21:10:46.0998 3532 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:10:47.0188 3532 ============================================================
21:10:47.0188 3532 Current date / time: 2012/09/04 21:10:47.0188
21:10:47.0188 3532 SystemInfo:
21:10:47.0188 3532
21:10:47.0188 3532 OS Version: 6.1.7601 ServicePack: 1.0
21:10:47.0188 3532 Product type: Workstation
21:10:47.0188 3532 ComputerName: HENGSTERMANN-PC
21:10:47.0188 3532 UserName: Hengstermann
21:10:47.0188 3532 Windows directory: C:\Windows
21:10:47.0188 3532 System windows directory: C:\Windows
21:10:47.0188 3532 Running under WOW64
21:10:47.0188 3532 Processor architecture: Intel x64
21:10:47.0188 3532 Number of processors: 2
21:10:47.0188 3532 Page size: 0x1000
21:10:47.0188 3532 Boot type: Normal boot
21:10:47.0188 3532 ============================================================
21:10:47.0852 3532 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:10:47.0862 3532 ============================================================
21:10:47.0862 3532 \Device\Harddisk0\DR0:
21:10:47.0862 3532 MBR partitions:
21:10:47.0862 3532 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:10:47.0862 3532 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4A825000
21:10:47.0862 3532 ============================================================
21:10:47.0892 3532 C: <-> \Device\Harddisk0\DR0\Partition2
21:10:47.0892 3532 ============================================================
21:10:47.0892 3532 Initialize success
21:10:47.0892 3532 ============================================================
21:11:05.0538 3868 ============================================================
21:11:05.0538 3868 Scan started
21:11:05.0538 3868 Mode: Manual; SigCheck; TDLFS;
21:11:05.0538 3868
PerfHost C:\Windows\SysWow64\perfhost.exe 21:11:26.0086 3868 PerfHost - ok 21:11:26.0158 3868 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 21:11:26.0222 3868 pla - ok 21:11:26.0270 3868 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:11:26.0280 3868 PlugPlay - ok 21:11:26.0310 3868 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:11:26.0330 3868 PNRPAutoReg - ok 21:11:26.0340 3868 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:11:26.0360 3868 PNRPsvc - ok 21:11:26.0410 3868 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:11:26.0450 3868 PolicyAgent - ok 21:11:26.0500 3868 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 21:11:26.0550 3868 Power - ok 21:11:26.0580 3868 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:11:26.0620 3868 PptpMiniport - ok 21:11:26.0640 3868 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 21:11:26.0660 3868 Processor - ok 21:11:26.0690 3868 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 21:11:26.0710 3868 ProfSvc - ok 21:11:26.0720 3868 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:11:26.0730 3868 ProtectedStorage - ok 21:11:26.0760 3868 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:11:26.0800 3868 Psched - ok 21:11:26.0871 3868 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:11:26.0912 3868 ql2300 - ok 21:11:26.0932 3868 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:11:26.0950 3868 ql40xx - ok 21:11:26.0999 3868 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:11:27.0094 3868 QWAVE - ok 21:11:27.0103 3868 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv 
C:\Windows\system32\drivers\qwavedrv.sys 21:11:27.0132 3868 QWAVEdrv - ok 21:11:27.0159 3868 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:11:27.0204 3868 RasAcd - ok 21:11:27.0274 3868 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:11:27.0324 3868 RasAgileVpn - ok 21:11:27.0344 3868 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 21:11:27.0384 3868 RasAuto - ok 21:11:27.0444 3868 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:11:27.0484 3868 Rasl2tp - ok 21:11:27.0504 3868 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 21:11:27.0554 3868 RasMan - ok 21:11:27.0554 3868 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:11:27.0604 3868 RasPppoe - ok 21:11:27.0604 3868 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:11:27.0654 3868 RasSstp - ok 21:11:27.0674 3868 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:11:27.0714 3868 rdbss - ok 21:11:27.0734 3868 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 21:11:27.0754 3868 rdpbus - ok 21:11:27.0774 3868 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:11:27.0814 3868 RDPCDD - ok 21:11:27.0834 3868 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:11:27.0874 3868 RDPENCDD - ok 21:11:27.0894 3868 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:11:27.0934 3868 RDPREFMP - ok 21:11:27.0964 3868 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:11:27.0984 3868 RDPWD - ok 21:11:27.0994 3868 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:11:28.0014 3868 rdyboost - ok 21:11:28.0044 3868 [ 
254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:11:28.0094 3868 RemoteAccess - ok 21:11:28.0114 3868 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:11:28.0154 3868 RemoteRegistry - ok 21:11:28.0164 3868 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:11:28.0214 3868 RpcEptMapper - ok 21:11:28.0234 3868 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 21:11:28.0254 3868 RpcLocator - ok 21:11:28.0274 3868 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 21:11:28.0341 3868 RpcSs - ok 21:11:28.0366 3868 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:11:28.0406 3868 rspndr - ok 21:11:28.0432 3868 RSUSBSTOR - ok 21:11:28.0446 3868 RtsUIR - ok 21:11:28.0473 3868 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 21:11:28.0490 3868 SamSs - ok 21:11:28.0508 3868 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:11:28.0524 3868 sbp2port - ok 21:11:28.0558 3868 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:11:28.0620 3868 SCardSvr - ok 21:11:28.0635 3868 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:11:28.0686 3868 scfilter - ok 21:11:28.0710 3868 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 21:11:28.0770 3868 Schedule - ok 21:11:28.0811 3868 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:11:28.0842 3868 SCPolicySvc - ok 21:11:28.0862 3868 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:11:28.0892 3868 SDRSVC - ok 21:11:28.0932 3868 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:11:28.0972 3868 secdrv - ok 21:11:28.0992 3868 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon 
C:\Windows\system32\seclogon.dll 21:11:29.0047 3868 seclogon - ok 21:11:29.0079 3868 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 21:11:29.0135 3868 SENS - ok 21:11:29.0184 3868 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:11:29.0204 3868 SensrSvc - ok 21:11:29.0241 3868 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 21:11:29.0256 3868 Serenum - ok 21:11:29.0286 3868 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 21:11:29.0306 3868 Serial - ok 21:11:29.0326 3868 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:11:29.0346 3868 sermouse - ok 21:11:29.0366 3868 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 21:11:29.0406 3868 SessionEnv - ok 21:11:29.0416 3868 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:11:29.0436 3868 sffdisk - ok 21:11:29.0446 3868 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:11:29.0456 3868 sffp_mmc - ok 21:11:29.0466 3868 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:11:29.0486 3868 sffp_sd - ok 21:11:29.0486 3868 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:11:29.0506 3868 sfloppy - ok 21:11:29.0536 3868 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:11:29.0586 3868 SharedAccess - ok 21:11:29.0606 3868 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:11:29.0646 3868 ShellHWDetection - ok 21:11:29.0666 3868 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:11:29.0676 3868 SiSRaid2 - ok 21:11:29.0696 3868 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:11:29.0710 3868 SiSRaid4 - ok 21:11:29.0738 3868 [ 
548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:11:29.0778 3868 Smb - ok 21:11:29.0845 3868 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:11:29.0860 3868 SNMPTRAP - ok 21:11:29.0870 3868 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 21:11:29.0895 3868 spldr - ok 21:11:29.0942 3868 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 21:11:29.0972 3868 Spooler - ok 21:11:30.0064 3868 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 21:11:30.0186 3868 sppsvc - ok 21:11:30.0196 3868 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:11:30.0236 3868 sppuinotify - ok 21:11:30.0306 3868 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 21:11:30.0326 3868 srv - ok 21:11:30.0356 3868 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:11:30.0366 3868 srv2 - ok 21:11:30.0396 3868 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:11:30.0406 3868 srvnet - ok 21:11:30.0486 3868 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:11:30.0620 3868 SSDPSRV - ok 21:11:30.0662 3868 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:11:30.0793 3868 SstpSvc - ok 21:11:30.0862 3868 Steam Client Service - ok 21:11:30.0929 3868 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:11:30.0960 3868 stexstor - ok 21:11:31.0028 3868 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 21:11:31.0105 3868 stisvc - ok 21:11:31.0128 3868 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:11:31.0148 3868 swenum - ok 21:11:31.0190 3868 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 21:11:31.0270 3868 swprv - ok 21:11:31.0360 3868 [ 
BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 21:11:31.0447 3868 SysMain - ok 21:11:31.0476 3868 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:11:31.0510 3868 TabletInputService - ok 21:11:31.0522 3868 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:11:31.0586 3868 TapiSrv - ok 21:11:31.0616 3868 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 21:11:31.0674 3868 TBS - ok 21:11:31.0734 3868 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:11:31.0814 3868 Tcpip - ok 21:11:31.0862 3868 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:11:31.0935 3868 TCPIP6 - ok 21:11:31.0994 3868 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:11:32.0062 3868 tcpipreg - ok 21:11:32.0097 3868 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:11:32.0122 3868 TDPIPE - ok 21:11:32.0156 3868 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:11:32.0166 3868 TDTCP - ok 21:11:32.0176 3868 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:11:32.0232 3868 tdx - ok 21:11:32.0247 3868 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:11:32.0262 3868 TermDD - ok 21:11:32.0317 3868 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 21:11:32.0378 3868 TermService - ok 21:11:32.0411 3868 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 21:11:32.0447 3868 Themes - ok 21:11:32.0459 3868 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 21:11:32.0500 3868 THREADORDER - ok 21:11:32.0532 3868 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 21:11:32.0572 3868 TrkWks - ok 21:11:32.0612 3868 [ 
773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:11:32.0662 3868 TrustedInstaller - ok 21:11:32.0693 3868 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:11:32.0734 3868 tssecsrv - ok 21:11:32.0754 3868 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:11:32.0782 3868 TsUsbFlt - ok 21:11:32.0790 3868 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:11:32.0806 3868 TsUsbGD - ok 21:11:32.0826 3868 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:11:32.0888 3868 tunnel - ok 21:11:32.0916 3868 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:11:32.0929 3868 uagp35 - ok 21:11:32.0955 3868 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:11:32.0998 3868 udfs - ok 21:11:33.0038 3868 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:11:33.0058 3868 UI0Detect - ok 21:11:33.0120 3868 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:11:33.0130 3868 uliagpkx - ok 21:11:33.0150 3868 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:11:33.0170 3868 umbus - ok 21:11:33.0170 3868 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 21:11:33.0190 3868 UmPass - ok 21:11:33.0220 3868 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 21:11:33.0260 3868 upnphost - ok 21:11:33.0290 3868 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:11:33.0310 3868 usbaudio - ok 21:11:33.0350 3868 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:11:33.0370 3868 usbccgp - ok 21:11:33.0380 3868 USBCCID - ok 21:11:33.0429 3868 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir 
C:\Windows\system32\drivers\usbcir.sys 21:11:33.0442 3868 usbcir - ok 21:11:33.0482 3868 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:11:33.0502 3868 usbehci - ok 21:11:33.0542 3868 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:11:33.0562 3868 usbhub - ok 21:11:33.0604 3868 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 21:11:33.0620 3868 usbohci - ok 21:11:33.0648 3868 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 21:11:33.0674 3868 usbprint - ok 21:11:33.0694 3868 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:11:33.0714 3868 USBSTOR - ok 21:11:33.0726 3868 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:11:33.0736 3868 usbuhci - ok 21:11:33.0786 3868 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 21:11:33.0796 3868 usbvideo - ok 21:11:33.0826 3868 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 21:11:33.0876 3868 UxSms - ok 21:11:33.0896 3868 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 21:11:33.0906 3868 VaultSvc - ok 21:11:33.0926 3868 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:11:33.0936 3868 vdrvroot - ok 21:11:33.0966 3868 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 21:11:34.0016 3868 vds - ok 21:11:34.0046 3868 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:11:34.0066 3868 vga - ok 21:11:34.0066 3868 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 21:11:34.0116 3868 VgaSave - ok 21:11:34.0126 3868 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:11:34.0136 3868 vhdmp - ok 21:11:34.0156 3868 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide 
C:\Windows\system32\drivers\viaide.sys 21:11:34.0176 3868 viaide - ok 21:11:34.0186 3868 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:11:34.0207 3868 volmgr - ok 21:11:34.0237 3868 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:11:34.0258 3868 volmgrx - ok 21:11:34.0271 3868 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:11:34.0293 3868 volsnap - ok 21:11:34.0318 3868 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:11:34.0338 3868 vsmraid - ok 21:11:34.0390 3868 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 21:11:34.0460 3868 VSS - ok 21:11:34.0482 3868 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:11:34.0502 3868 vwifibus - ok 21:11:34.0522 3868 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:11:34.0542 3868 vwififlt - ok 21:11:34.0572 3868 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 21:11:34.0592 3868 vwifimp - ok 21:11:34.0612 3868 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 21:11:34.0662 3868 W32Time - ok 21:11:34.0772 3868 w7Svc - ok 21:11:34.0792 3868 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:11:34.0812 3868 WacomPen - ok 21:11:34.0842 3868 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:11:34.0882 3868 WANARP - ok 21:11:34.0882 3868 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:11:34.0974 3868 Wanarpv6 - ok 21:11:35.0034 3868 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 21:11:35.0114 3868 wbengine - ok 21:11:35.0134 3868 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:11:35.0186 3868 WbioSrvc - ok 21:11:35.0216 3868 [ 
7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:11:35.0288 3868 wcncsvc - ok 21:11:35.0318 3868 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:11:35.0361 3868 WcsPlugInService - ok 21:11:35.0407 3868 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 21:11:35.0440 3868 Wd - ok 21:11:35.0500 3868 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:11:35.0550 3868 Wdf01000 - ok 21:11:35.0585 3868 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:11:35.0677 3868 WdiServiceHost - ok 21:11:35.0694 3868 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:11:35.0733 3868 WdiSystemHost - ok 21:11:35.0757 3868 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 21:11:35.0782 3868 WebClient - ok 21:11:35.0814 3868 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:11:35.0897 3868 Wecsvc - ok 21:11:35.0922 3868 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:11:35.0984 3868 wercplsupport - ok 21:11:36.0037 3868 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 21:11:36.0096 3868 WerSvc - ok 21:11:36.0116 3868 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:11:36.0166 3868 WfpLwf - ok 21:11:36.0196 3868 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:11:36.0208 3868 WIMMount - ok 21:11:36.0218 3868 WinDefend - ok 21:11:36.0238 3868 WinHttpAutoProxySvc - ok 21:11:36.0328 3868 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:11:36.0388 3868 Winmgmt - ok 21:11:36.0498 3868 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 21:11:36.0578 3868 WinRM - ok 21:11:36.0638 3868 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc 
C:\Windows\System32\wlansvc.dll 21:11:36.0678 3868 Wlansvc - ok 21:11:36.0698 3868 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 21:11:36.0718 3868 WmiAcpi - ok 21:11:36.0748 3868 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:11:36.0778 3868 wmiApSrv - ok 21:11:36.0820 3868 WMPNetworkSvc - ok 21:11:36.0850 3868 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:11:36.0870 3868 WPCSvc - ok 21:11:36.0931 3868 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:11:36.0952 3868 WPDBusEnum - ok 21:11:36.0982 3868 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:11:37.0034 3868 ws2ifsl - ok 21:11:37.0057 3868 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 21:11:37.0086 3868 wscsvc - ok 21:11:37.0086 3868 WSearch - ok 21:11:37.0166 3868 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 21:11:37.0230 3868 wuauserv - ok 21:11:37.0273 3868 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:11:37.0320 3868 WudfPf - ok 21:11:37.0354 3868 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:11:37.0400 3868 WUDFRd - ok 21:11:37.0432 3868 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:11:37.0488 3868 wudfsvc - ok 21:11:37.0507 3868 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 21:11:37.0524 3868 WwanSvc - ok 21:11:37.0576 3868 ================ Scan global =============================== 21:11:37.0606 3868 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 21:11:37.0636 3868 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 21:11:37.0656 3868 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 21:11:37.0705 3868 [ D6160F9D869BA3AF0B787F971DB56368 ] 
C:\Windows\system32\sxssrv.dll 21:11:37.0738 3868 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 21:11:37.0748 3868 [Global] - ok 21:11:37.0748 3868 ================ Scan MBR ================================== 21:11:37.0758 3868 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:11:38.0068 3868 \Device\Harddisk0\DR0 - ok 21:11:38.0078 3868 ================ Scan VBR ================================== 21:11:38.0078 3868 [ 161E4CAB2233851E98353B156F840649 ] \Device\Harddisk0\DR0\Partition1 21:11:38.0078 3868 \Device\Harddisk0\DR0\Partition1 - ok 21:11:38.0118 3868 [ E18181D28E93290224EBD532EE013FE5 ] \Device\Harddisk0\DR0\Partition2 21:11:38.0118 3868 \Device\Harddisk0\DR0\Partition2 - ok 21:11:38.0128 3868 ============================================================ 21:11:38.0128 3868 Scan finished 21:11:38.0128 3868 ============================================================ 21:11:38.0148 3880 Detected object count: 0 21:11:38.0148 3880 Actual detected object count: 0 |
05.09.2012, 08:37 | #18 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | This program cannot display the webpage. Then please run CF now:
__________________
ComboFix: A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ |
05.09.2012, 14:34 | #19 |
| This program cannot display the webpage. Code:
ComboFix 12-09-05.01 - Hengstermann 05.09.2012 15:06:36.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.2044.1227 [GMT 2:00]
ausgeführt von:: c:\users\Hengstermann\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\sdelevURL.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-05 bis 2012-09-05 ))))))))))))))))))))))))))))))
.
.
2012-09-04 19:15 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{076A5BF3-E24A-4EDD-BE24-266D89C1A519}\mpengine.dll
2012-09-04 18:33 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-04 18:29 . 2012-09-04 18:29 -------- d-----w- C:\_OTL
2012-09-03 12:32 . 2012-09-03 12:32 -------- d-----w- c:\program files (x86)\ESET
2012-09-01 14:07 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-31 21:39 . 2012-08-31 21:39 -------- d-----w- c:\users\Hengstermann\AppData\Roaming\Malwarebytes
2012-08-31 21:39 . 2012-09-01 14:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-31 21:39 . 2012-08-31 21:39 -------- d-----w- c:\programdata\Malwarebytes
2012-08-28 19:08 . 2012-08-28 19:08 -------- d-----w- c:\windows\Downloaded Installations
2012-08-15 19:29 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 19:29 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 19:29 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 19:29 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 19:29 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 19:29 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 19:29 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 19:29 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 19:29 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 19:29 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 19:29 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 19:29 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-08-05 1353080] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-07-04 1157128] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056] R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688] R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys 
[2010-11-21 31232] R3 w7Svc;webcam 7 Service;c:\program files (x86)\webcam 7\wService.exe [2012-03-26 5094200] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-10-29 844320] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344] S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2012-09-05 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-04 08:08] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-04 8306208] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-10-29 822816] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . 
------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: Free YouTube to MP3 Converter - c:\users\Hengstermann\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Hengstermann\AppData\Roaming\Mozilla\Firefox\Profiles\exlg0zft.default\ FF - prefs.js: browser.startup.homepage - Google.de . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\w7Svc] "ImagePath"="c:\program files (x86)\webcam 7\wService.exe /startedbyscm:5053B757-40E35B3B-webcam7SRV" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2012-09-05 15:27:56 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-09-05 13:27 . Vor Suchlauf: 8 Verzeichnis(se), 590.385.713.152 Bytes frei Nach Suchlauf: 12 Verzeichnis(se), 590.000.160.768 Bytes frei . - - End Of File - - A07C93ECAFF4FE15AFE24C8707DCA387 |
05.09.2012, 15:15 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses to run on the second attempt, just leave it out and run only OSAM - please skip OSAM's online check. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: please use WinRAR or 7zip to unpack OSAM! Also be sure to switch off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: never press any of the Fix buttons without being instructed to. Note: if the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the (none) setting under AV Scan. One more note: if aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) under "AV scan" in the drop-down menu (bottom left of the aswMBR window) and click the Scan button again.
05.09.2012, 15:56 | #21 |
| I can't find the log for GMER. Here is the OSAM log: Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 16:31:19 on 05.09.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 14.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries

[Common]
-----( %SystemRoot%\Tasks )-----
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found)
"CyberLink WebCam Virtual Driver" (clwvd) - ? - C:\Windows\System32\DRIVERS\clwvd.sys (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"Realtek IR Driver" (RtsUIR) - ? - C:\Windows\System32\DRIVERS\Rts516xIR.sys (File not found)
"Realtek Smartcard Reader Driver" (USBCCID) - ? - C:\Windows\System32\DRIVERS\RtsUCcid.sys (File not found)
"RtsUStor.Sys Realtek USB Card Reader" (RSUSBSTOR) - ? - C:\Windows\System32\Drivers\RtsUStor.sys (File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL

[Internet Explorer]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Hengstermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Steam" - "Valve Corporation" - "C:\Program Files (x86)\Steam\Steam.exe" -silent
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"LManager" - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\LManager.exe
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found)
"@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\NisSrv.exe
"Acer ePower Service" (ePowerSvc) - "Acer Incorporated" - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Client\MsMpEng.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
"webcam 7 Service" (w7Svc) - "Moonware Studios" - C:\Program Files (x86)\webcam 7\wService.exe

===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-05 16:33:43
-----------------------------
16:33:43.503 OS Version: Windows x64 6.1.7601 Service Pack 1
16:33:43.504 Number of processors: 2 586 0x602
16:33:43.505 ComputerName: HENGSTERMANN-PC UserName: Hengstermann
16:33:46.849 Initialize success
16:35:36.668 AVAST engine defs: 12090501
16:35:52.380 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:35:52.390 Disk 0 Vendor: SAMSUNG_HM641JI 2AJ10001 Size: 610480MB BusType: 11
16:35:52.410 Disk 0 MBR read successfully
16:35:52.420 Disk 0 MBR scan
16:35:52.430 Disk 0 Windows 7 default MBR code
16:35:52.450 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:35:52.490 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 610378 MB offset 206848
16:35:52.560 Disk 0 scanning C:\Windows\system32\drivers
16:36:07.835 Service scanning
16:36:36.586 Modules scanning
16:36:36.596 Disk 0 trace - called modules:
16:36:36.626 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:36:36.636 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80027bb060]
16:36:36.646 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa8002654520]
16:36:36.666 5 ACPI.sys[fffff88000f877a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80026471f0]
16:36:38.696 AVAST engine scan C:\Windows
16:36:45.002 AVAST engine scan C:\Windows\system32
16:41:28.258 AVAST engine scan C:\Windows\system32\drivers
16:41:44.809 AVAST engine scan C:\Users\Hengstermann
16:43:26.118 AVAST engine scan C:\ProgramData
16:43:43.042 Scan finished successfully
16:46:09.508 Disk 0 MBR has been saved successfully to "C:\Users\Hengstermann\Desktop\MBR.dat"
16:46:09.518 The log file has been saved successfully to "C:\Users\Hengstermann\Desktop\aswMBR.txt"

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-05 16:46:45
-----------------------------
16:46:45.314 OS Version: Windows x64 6.1.7601 Service Pack 1
16:46:45.314 Number of processors: 2 586 0x602
16:46:45.324 ComputerName: HENGSTERMANN-PC UserName: Hengstermann
16:46:47.380 Initialize success
16:46:59.510 AVAST engine defs: 12090501
16:48:17.626 The log file has been saved successfully to "C:\Users\Hengstermann\Desktop\aswMBR.txt"
06.09.2012, 10:15 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
06.09.2012, 14:34 | #23 |
| Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.09.06.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Hengstermann :: HENGSTERMANN-PC [Administrator]

Schutz: Deaktiviert

06.09.2012 13:55:16
mbam-log-2012-09-06 (13-55-16).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 298762
Laufzeit: 36 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 09/06/2012 at 03:30 PM

Application Version : 5.5.1012

Core Rules Database Version : 9181
Trace Rules Database Version: 6993

Scan type : Complete Scan
Total Scan Time : 00:52:17

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned : 678
Memory threats detected : 0
Registry items scanned : 63486
Registry threats detected : 0
File items scanned : 44797
File threats detected : 19

Adware.Tracking Cookie
C:\Users\Hengstermann\AppData\Roaming\Microsoft\Windows\Cookies\OB6ZBF9Y.txt [ /doubleclick.net ]
C:\Users\Hengstermann\AppData\Roaming\Microsoft\Windows\Cookies\M2JN8WUW.txt [ /www.windowsmedia.com ]
C:\Users\Hengstermann\AppData\Roaming\Microsoft\Windows\Cookies\JUPXUGHG.txt [ /www.hsselite.com ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\GIIZ3Z3K.txt [ Cookie:hengstermann@clkads.com/adServe ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\LKC23KUM.txt [ Cookie:hengstermann@clkads.com/adServe/banners ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\Low\2272HAM2.txt [ Cookie:hengstermann@adform.net/ ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\Low\JSET18QW.txt [ Cookie:hengstermann@ad.yieldmanager.com/ ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZQPA9ODX.txt [ Cookie:hengstermann@invitemedia.com/ ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y517ELJ5.txt [ Cookie:hengstermann@fl01.ct2.comclick.com/ ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\Low\NXRSQ30F.txt [ Cookie:hengstermann@c.atdmt.com/ ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\Low\NWUTNZ0L.txt [ Cookie:hengstermann@serving-sys.com/ ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\Low\2QPD0FXF.txt [ Cookie:hengstermann@apmebf.com/ ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\Low\WKU1VXCH.txt [ Cookie:hengstermann@mediaplex.com/ ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\Low\STNEDM59.txt [ Cookie:hengstermann@adx.chip.de/ ]
C:\USERS\HENGSTERMANN\AppData\Roaming\Microsoft\Windows\Cookies\Low\PL6C2HZX.txt [ Cookie:hengstermann@adfarm1.adition.com/ ]
C:\USERS\HENGSTERMANN\Cookies\GIIZ3Z3K.txt [ Cookie:hengstermann@clkads.com/adServe ]
C:\USERS\HENGSTERMANN\Cookies\LKC23KUM.txt [ Cookie:hengstermann@clkads.com/adServe/banners ]
accounts.google.com [ C:\USERS\HENGSTERMANN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EXLG0ZFT.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\HENGSTERMANN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EXLG0ZFT.DEFAULT\COOKIES.SQLITE ]
06.09.2012, 15:44 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK, only cookies were found there. Cookies are not malware as such, but there is a risk of them being misused (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie).
Regarding cookies and other things on the web: to block the pest from the outset (i.e. tracking cookies, ad banners etc.) you would have to take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check with MVPS every 4 weeks to see whether he has released a new hosts file. Otherwise there are also good cookie managers; an extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board too), then simply set the browser so that everything, including cookies, is deleted when the browser is closed. The way I handle it is that for "wild surfing" I use the Opera browser or Chromium under my Linux. My main browser (Firefox) stores only the cookies from the sites I actually want; everything else I reject manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left.
Is your system OK again now, or are there still other findings or problems?
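The hosts-file blocking suggested in post #24, checked against tracking-cookie domains of the kind listed in the SUPERAntiSpyware log, as an added example that is not part of the original thread. The log lines and the blocklist are constructed samples, the function names and the `allow` list are assumptions of this example, and it relies on the fact that a hosts file matches whole hostnames only, with no wildcards.

```python
import re

# Constructed sample in the format of the SUPERAntiSpyware log in this thread
# (user name replaced by "user", Firefox profile directory by "XXXX.DEFAULT").
SAS_LOG = r"""
Adware.Tracking Cookie
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\OB6ZBF9Y.txt [ /doubleclick.net ]
C:\USERS\USER\AppData\Roaming\Microsoft\Windows\Cookies\GIIZ3Z3K.txt [ Cookie:user@clkads.com/adServe ]
C:\USERS\USER\AppData\Roaming\Microsoft\Windows\Cookies\Low\JSET18QW.txt [ Cookie:user@ad.yieldmanager.com/ ]
C:\USERS\USER\AppData\Roaming\Microsoft\Windows\Cookies\Low\NXRSQ30F.txt [ Cookie:user@c.atdmt.com/ ]
accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XXXX.DEFAULT\COOKIES.SQLITE ]
"""

# Constructed sample blocklist in hosts-file syntax (not the MVPS file itself).
HOSTS = """
# address   hostname
127.0.0.1   localhost
0.0.0.0     ad.yieldmanager.com
0.0.0.0     atdmt.com            # parent of c.atdmt.com
0.0.0.0     ad.doubleclick.net   # subdomain of doubleclick.net
"""

# Addresses that blocklists use to send a hostname nowhere.
SINK_ADDRESSES = {"0.0.0.0", "127.0.0.1", "::", "::1"}

# The three notations the log uses for a cookie's origin.
_COOKIE_PATTERNS = (
    re.compile(r"\[\s*Cookie:[^@\s]+@([^/\s\]]+)"),   # [ Cookie:user@host/path ]
    re.compile(r"\[\s*/([^/\s\]]+)"),                  # [ /host ]
    re.compile(r"^([a-z0-9.-]+)\s+\[.*cookies\.sqlite\s*\]", re.I),  # host [ ...cookies.sqlite ]
)


def cookie_domains(log_text):
    """Return the sorted, de-duplicated hostnames of all cookie detections."""
    domains = set()
    for line in log_text.splitlines():
        line = line.strip()
        for pattern in _COOKIE_PATTERNS:
            match = pattern.search(line)
            if match:
                domains.add(match.group(1).lower())
                break
    return sorted(domains)


def blocked_hosts(hosts_text):
    """Return every hostname a hosts file maps to a sink address."""
    blocked = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) >= 2 and fields[0] in SINK_ADDRESSES:
            blocked.update(h.lower() for h in fields[1:] if h.lower() != "localhost")
    return blocked


def classify(domain, blocked):
    """Say how well the blocklist covers one hostname."""
    if domain in blocked:
        return "exact"
    labels = domain.split(".")
    parents = {".".join(labels[i:]) for i in range(1, len(labels) - 1)}
    if parents & blocked:
        return "parent-only"      # no wildcards: this host still resolves
    if any(host.endswith("." + domain) for host in blocked):
        return "subdomain-only"   # only some hosts below it are blocked
    return "missing"


def hosts_additions(log_text, hosts_text, allow=()):
    """Return (coverage report, hosts lines to add); never propose allowed hosts."""
    blocked = blocked_hosts(hosts_text)
    report = {d: classify(d, blocked) for d in cookie_domains(log_text)}
    lines = [f"0.0.0.0 {d}" for d, status in report.items()
             if status != "exact" and d not in allow]
    return report, lines


if __name__ == "__main__":
    # accounts.google.com is a login host the user needs, so it is allowed.
    report, lines = hosts_additions(SAS_LOG, HOSTS, allow={"accounts.google.com"})
    for domain, status in report.items():
        print(f"{status:15} {domain}")
    print("\n".join(lines))
```

An added entry such as `0.0.0.0 doubleclick.net` covers only that exact hostname; each subdomain that serves content needs its own line, which is why maintained lists like the one mentioned in the post are long.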
06.09.2012, 16:48 | #25 |
| OK, I've had Firefox set for a while now so that everything is deleted when the browser is closed. I don't actually use any other browser either. As far as I can tell, everything is OK here again.. First of all, thanks for the help and your time! Can I uninstall all the programs again now? And one more question: I had my laptop set up afresh and then had "Microsoft Security Essentials" as the protection program on my machine; before that I always had Avira, which I was actually happy with. Which one would you recommend to me? |
06.09.2012, 20:04 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | MSE is OK and it serves you well, keep it. Then we're done! The programs that were used here can all be removed again. With the help of OTL you can also remove many tools: please start OTL and click on "Bereinigung" (cleanup). This will remove most of the tools that we needed for the cleanup. If anything remains, please remove it with right-click --> Delete. Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first. Finally, please check the updates; my guide to this is below. To keep a better overview of how up to date the installed programs are in future, you can use e.g. Secunia PSI. For even more security, after the infection has been removed you should also change all passwords if possible.
Microsoft Update
Windows XP: visit the MS update page with IE and have all important updates installed. Windows Vista/7: Guide to Windows Update
Updating the PDF reader
An outdated AdobeReader poses a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program (if you have AdobeReader installed). I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader. While you're at it, please also check that the Flash Player is up to date: Check => Adobe - Flash Player; download links => Adobe Flash Player Distribution | Adobe. Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.
Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do so, close all programs (especially the browsers), then click on Start, Control Panel, Software and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.