| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Incredibar durch Malwarebytes in Quarantäne versetzt! Was jetzt?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
19.09.2012, 16:01
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Incredibar durch Malwarebytes in Quarantäne versetzt! Was jetzt? Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
19.09.2012, 17:51
| #17 |
 | Incredibar durch Malwarebytes in Quarantäne versetzt! Was jetzt?Code:
ATTFilter 18:41:38.0478 4072 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:41:38.0698 4072 ============================================================
18:41:38.0698 4072 Current date / time: 2012/09/19 18:41:38.0698
18:41:38.0699 4072 SystemInfo:
18:41:38.0699 4072
18:41:38.0699 4072 OS Version: 6.1.7601 ServicePack: 1.0
18:41:38.0699 4072 Product type: Workstation
18:41:38.0700 4072 ComputerName: Axxxxxxxxxxxxx-PC
18:41:38.0701 4072 UserName: Axxxxxxxxxxxxxxx
18:41:38.0701 4072 Windows directory: C:\windows
18:41:38.0701 4072 System windows directory: C:\windows
18:41:38.0701 4072 Processor architecture: Intel x86
18:41:38.0701 4072 Number of processors: 2
18:41:38.0702 4072 Page size: 0x1000
18:41:38.0702 4072 Boot type: Normal boot
18:41:38.0702 4072 ============================================================
18:41:40.0722 4072 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:41:40.0733 4072 ============================================================
18:41:40.0733 4072 \Device\Harddisk0\DR0:
18:41:40.0734 4072 MBR partitions:
18:41:40.0734 4072 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
18:41:40.0734 4072 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0xAA00000
18:41:40.0753 4072 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xD233000, BlocksNum 0xFF92000
18:41:40.0753 4072 ============================================================
18:41:40.0794 4072 C: <-> \Device\Harddisk0\DR0\Partition2
18:41:40.0847 4072 D: <-> \Device\Harddisk0\DR0\Partition3
18:41:40.0848 4072 ============================================================
18:41:40.0848 4072 Initialize success
18:41:40.0848 4072 ============================================================
18:42:49.0909 5532 ============================================================
18:42:49.0909 5532 Scan started
18:42:49.0909 5532 Mode: Manual; SigCheck; TDLFS;
18:42:49.0910 5532 ============================================================
18:42:51.0611 5532 ================ Scan system memory ========================
18:42:51.0611 5532 System memory - ok
18:42:51.0612 5532 ================ Scan services =============================
18:42:51.0936 5532 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
18:42:52.0329 5532 1394ohci - ok
18:42:52.0377 5532 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
18:42:52.0452 5532 ACPI - ok
18:42:52.0518 5532 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
18:42:52.0671 5532 AcpiPmi - ok
18:42:52.0872 5532 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:42:52.0934 5532 AdobeFlashPlayerUpdateSvc - ok
18:42:53.0018 5532 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
18:42:53.0106 5532 adp94xx - ok
18:42:53.0143 5532 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
18:42:53.0218 5532 adpahci - ok
18:42:53.0259 5532 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
18:42:53.0346 5532 adpu320 - ok
18:42:53.0400 5532 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
18:42:53.0528 5532 AeLookupSvc - ok
18:42:53.0602 5532 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
18:42:53.0715 5532 AFD - ok
18:42:53.0781 5532 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
18:42:53.0869 5532 agp440 - ok
18:42:53.0973 5532 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
18:42:54.0075 5532 aic78xx - ok
18:42:54.0175 5532 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
18:42:54.0281 5532 ALG - ok
18:42:54.0309 5532 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
18:42:54.0362 5532 aliide - ok
18:42:54.0395 5532 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
18:42:54.0453 5532 amdagp - ok
18:42:54.0505 5532 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
18:42:54.0559 5532 amdide - ok
18:42:54.0627 5532 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
18:42:54.0747 5532 AmdK8 - ok
18:42:54.0765 5532 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
18:42:54.0856 5532 AmdPPM - ok
18:42:54.0903 5532 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
18:42:54.0978 5532 amdsata - ok
18:42:55.0027 5532 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
18:42:55.0128 5532 amdsbs - ok
18:42:55.0168 5532 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
18:42:55.0256 5532 amdxata - ok
18:42:55.0499 5532 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
18:42:55.0567 5532 AntiVirSchedulerService - ok
18:42:55.0649 5532 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
18:42:55.0694 5532 AntiVirService - ok
18:42:55.0760 5532 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
18:42:56.0208 5532 AppID - ok
18:42:56.0269 5532 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
18:42:56.0416 5532 AppIDSvc - ok
18:42:56.0460 5532 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
18:42:56.0600 5532 Appinfo - ok
18:42:56.0761 5532 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:42:56.0821 5532 Apple Mobile Device - ok
18:42:56.0893 5532 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
18:42:56.0950 5532 arc - ok
18:42:56.0981 5532 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
18:42:57.0043 5532 arcsas - ok
18:42:57.0086 5532 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
18:42:57.0359 5532 AsyncMac - ok
18:42:57.0405 5532 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
18:42:57.0458 5532 atapi - ok
18:42:57.0533 5532 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
18:42:57.0679 5532 AudioEndpointBuilder - ok
18:42:57.0705 5532 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
18:42:57.0866 5532 Audiosrv - ok
18:42:57.0933 5532 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
18:42:58.0005 5532 avgntflt - ok
18:42:58.0086 5532 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
18:42:58.0137 5532 avipbb - ok
18:42:58.0167 5532 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
18:42:58.0212 5532 avkmgr - ok
18:42:58.0268 5532 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
18:42:58.0426 5532 AxInstSV - ok
18:42:58.0480 5532 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
18:42:58.0625 5532 b06bdrv - ok
18:42:58.0674 5532 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
18:42:58.0761 5532 b57nd60x - ok
18:42:58.0914 5532 [ 55BBDDE1CBD3FA79EA88BAAA051D9735 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl6.sys
18:42:59.0161 5532 BCM43XX - ok
18:42:59.0298 5532 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
18:42:59.0425 5532 BDESVC - ok
18:42:59.0482 5532 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
18:42:59.0658 5532 Beep - ok
18:42:59.0741 5532 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
18:42:59.0964 5532 BFE - ok
18:43:00.0016 5532 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
18:43:00.0228 5532 BITS - ok
18:43:00.0271 5532 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
18:43:00.0377 5532 blbdrive - ok
18:43:00.0497 5532 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:43:00.0579 5532 Bonjour Service - ok
18:43:00.0643 5532 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
18:43:00.0741 5532 bowser - ok
18:43:00.0773 5532 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
18:43:00.0926 5532 BrFiltLo - ok
18:43:00.0968 5532 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
18:43:01.0155 5532 BrFiltUp - ok
18:43:01.0209 5532 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
18:43:01.0340 5532 Browser - ok
18:43:01.0375 5532 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
18:43:01.0516 5532 Brserid - ok
18:43:01.0542 5532 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
18:43:01.0657 5532 BrSerWdm - ok
18:43:01.0716 5532 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
18:43:01.0830 5532 BrUsbMdm - ok
18:43:01.0870 5532 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
18:43:01.0953 5532 BrUsbSer - ok
18:43:02.0015 5532 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
18:43:02.0177 5532 BthEnum - ok
18:43:02.0211 5532 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
18:43:02.0307 5532 BTHMODEM - ok
18:43:02.0396 5532 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
18:43:02.0474 5532 BthPan - ok
18:43:02.0535 5532 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
18:43:02.0630 5532 BTHPORT - ok
18:43:02.0685 5532 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
18:43:02.0816 5532 bthserv - ok
18:43:02.0859 5532 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
18:43:02.0947 5532 BTHUSB - ok
18:43:03.0021 5532 [ 7061FE1715E5ADED120FE4C608609357 ] btwampfl C:\windows\system32\drivers\btwampfl.sys
18:43:03.0078 5532 btwampfl - ok
18:43:03.0125 5532 [ A95B2FB3CA7B555B5CB306153F48CED8 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
18:43:03.0168 5532 btwaudio - ok
18:43:03.0221 5532 [ 1F9CD885F1C548BE93962CCABDB632E4 ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
18:43:03.0264 5532 btwavdt - ok
18:43:03.0354 5532 [ 9634E2B260AA445EF6B83731AC6EE5AC ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:43:03.0432 5532 btwdins - ok
18:43:03.0466 5532 [ DE53089F0678CB5F0AFEB867ACB0FB05 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
18:43:03.0517 5532 btwl2cap - ok
18:43:03.0572 5532 [ A2D6C7B7B62A6C42DCB01204A6BD6FC2 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
18:43:03.0628 5532 btwrchid - ok
18:43:03.0677 5532 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
18:43:03.0796 5532 cdfs - ok
18:43:03.0862 5532 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
18:43:03.0942 5532 cdrom - ok
18:43:03.0989 5532 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
18:43:04.0117 5532 CertPropSvc - ok
18:43:04.0165 5532 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
18:43:04.0270 5532 circlass - ok
18:43:04.0322 5532 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
18:43:04.0397 5532 CLFS - ok
18:43:04.0515 5532 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:43:04.0571 5532 clr_optimization_v2.0.50727_32 - ok
18:43:04.0685 5532 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:43:04.0792 5532 clr_optimization_v4.0.30319_32 - ok
18:43:04.0827 5532 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
18:43:04.0908 5532 CmBatt - ok
18:43:04.0944 5532 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
18:43:04.0996 5532 cmdide - ok
18:43:05.0050 5532 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
18:43:05.0186 5532 CNG - ok
18:43:05.0226 5532 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
18:43:05.0279 5532 Compbatt - ok
18:43:05.0346 5532 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
18:43:05.0453 5532 CompositeBus - ok
18:43:05.0495 5532 COMSysApp - ok
18:43:05.0533 5532 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
18:43:05.0593 5532 crcdisk - ok
18:43:05.0647 5532 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\windows\system32\cryptsvc.dll
18:43:05.0749 5532 CryptSvc - ok
18:43:05.0871 5532 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:43:05.0980 5532 cvhsvc - ok
18:43:06.0063 5532 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
18:43:06.0237 5532 DcomLaunch - ok
18:43:06.0288 5532 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
18:43:06.0436 5532 defragsvc - ok
18:43:06.0496 5532 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
18:43:06.0660 5532 DfsC - ok
18:43:06.0738 5532 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
18:43:06.0881 5532 Dhcp - ok
18:43:06.0928 5532 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
18:43:07.0074 5532 discache - ok
18:43:07.0120 5532 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
18:43:07.0186 5532 Disk - ok
18:43:07.0254 5532 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
18:43:07.0383 5532 Dnscache - ok
18:43:07.0458 5532 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
18:43:07.0626 5532 dot3svc - ok
18:43:07.0689 5532 [ B5E479EB83707DD698F66953E922042C ] dot4 C:\windows\system32\DRIVERS\Dot4.sys
18:43:07.0797 5532 dot4 - ok
18:43:07.0881 5532 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\windows\system32\drivers\Dot4Prt.sys
18:43:08.0060 5532 Dot4Print - ok
18:43:08.0102 5532 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
18:43:08.0180 5532 dot4usb - ok
18:43:08.0224 5532 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
18:43:08.0382 5532 DPS - ok
18:43:08.0430 5532 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
18:43:08.0518 5532 drmkaud - ok
18:43:08.0590 5532 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
18:43:08.0862 5532 DXGKrnl - ok
18:43:08.0918 5532 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
18:43:09.0064 5532 EapHost - ok
18:43:09.0210 5532 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
18:43:09.0446 5532 ebdrv - ok
18:43:09.0523 5532 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
18:43:09.0681 5532 EFS - ok
18:43:09.0750 5532 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
18:43:09.0831 5532 elxstor - ok
18:43:09.0862 5532 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
18:43:09.0933 5532 ErrDev - ok
18:43:10.0021 5532 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
18:43:10.0214 5532 EventSystem - ok
18:43:10.0248 5532 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
18:43:10.0389 5532 exfat - ok
18:43:10.0420 5532 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
18:43:10.0564 5532 fastfat - ok
18:43:10.0628 5532 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
18:43:10.0815 5532 Fax - ok
18:43:10.0835 5532 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
18:43:10.0909 5532 fdc - ok
18:43:10.0970 5532 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
18:43:11.0154 5532 fdPHost - ok
18:43:11.0194 5532 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
18:43:11.0422 5532 FDResPub - ok
18:43:11.0452 5532 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
18:43:11.0534 5532 FileInfo - ok
18:43:11.0650 5532 [ ACEDB7769F9043E869E252153487CC5C ] FileOpenManagerSvc C:\ProgramData\FileOpen\Services\FileOpenManagerSvc32.exe
18:43:11.0737 5532 FileOpenManagerSvc - ok
18:43:11.0769 5532 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
18:43:11.0972 5532 Filetrace - ok
18:43:12.0028 5532 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
18:43:12.0149 5532 flpydisk - ok
18:43:12.0224 5532 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
18:43:12.0316 5532 FltMgr - ok
18:43:12.0399 5532 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
18:43:12.0569 5532 FontCache - ok
18:43:12.0683 5532 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:43:12.0932 5532 FontCache3.0.0.0 - ok
18:43:13.0007 5532 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
18:43:13.0106 5532 FsDepends - ok
18:43:13.0203 5532 [ B74B0578FD1D3F897E95F2A2B69EA051 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
18:43:13.0269 5532 fssfltr - ok
18:43:13.0402 5532 [ 206AD9A89BF05DFA1621F1FC7B82592D ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
18:43:13.0599 5532 fsssvc - ok
18:43:13.0688 5532 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
18:43:13.0782 5532 Fs_Rec - ok
18:43:13.0874 5532 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
18:43:13.0988 5532 fvevol - ok
18:43:14.0067 5532 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
18:43:14.0157 5532 gagp30kx - ok
18:43:14.0238 5532 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
18:43:14.0303 5532 GEARAspiWDM - ok
18:43:14.0366 5532 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
18:43:14.0639 5532 gpsvc - ok
18:43:14.0756 5532 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:43:14.0824 5532 gupdate - ok
18:43:14.0869 5532 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:43:14.0931 5532 gupdatem - ok
18:43:14.0988 5532 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
18:43:15.0158 5532 hcw85cir - ok
18:43:15.0247 5532 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:43:15.0399 5532 HdAudAddService - ok
18:43:15.0486 5532 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
18:43:15.0623 5532 HDAudBus - ok
18:43:15.0703 5532 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
18:43:15.0860 5532 HidBatt - ok
18:43:15.0905 5532 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
18:43:16.0078 5532 HidBth - ok
18:43:16.0125 5532 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
18:43:16.0577 5532 HidIr - ok
18:43:16.0660 5532 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
18:43:17.0873 5532 hidserv - ok
18:43:18.0080 5532 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
18:43:18.0686 5532 HidUsb - ok
18:43:18.0937 5532 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
18:43:19.0533 5532 hkmsvc - ok
18:43:19.0625 5532 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:43:21.0121 5532 HomeGroupListener - ok
18:43:21.0307 5532 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:43:22.0138 5532 HomeGroupProvider - ok
18:43:22.0209 5532 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
18:43:22.0476 5532 HpSAMD - ok
18:43:22.0585 5532 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
18:43:22.0987 5532 HTTP - ok
18:43:23.0049 5532 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
18:43:23.0177 5532 hwpolicy - ok
18:43:23.0362 5532 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
18:43:23.0764 5532 i8042prt - ok
18:43:23.0876 5532 [ D483687EACE0C065EE772481A96E05F5 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
18:43:24.0227 5532 iaStor - ok
18:43:24.0395 5532 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
18:43:24.0636 5532 iaStorV - ok
18:43:24.0737 5532 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:43:25.0282 5532 idsvc - ok
18:43:26.0488 5532 [ 99469637D568076EA5664DAA8463C2E3 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
18:43:28.0074 5532 igfx - ok
18:43:28.0274 5532 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
18:43:28.0408 5532 iirsp - ok
18:43:28.0702 5532 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
18:43:29.0494 5532 IKEEXT - ok
18:43:29.0891 5532 [ F4427E5DF32CDE359B2E2E5512D18001 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
18:43:30.0658 5532 IntcAzAudAddService - ok
18:43:30.0796 5532 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
18:43:30.0923 5532 intelide - ok
18:43:31.0037 5532 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
18:43:31.0831 5532 intelppm - ok
18:43:32.0140 5532 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
18:43:33.0058 5532 IPBusEnum - ok
18:43:33.0110 5532 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
18:43:33.0552 5532 IpFilterDriver - ok
18:43:33.0642 5532 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
18:43:34.0738 5532 iphlpsvc - ok
18:43:34.0817 5532 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
18:43:35.0821 5532 IPMIDRV - ok
18:43:35.0965 5532 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
18:43:36.0654 5532 IPNAT - ok
18:43:37.0056 5532 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:43:37.0378 5532 iPod Service - ok
18:43:37.0456 5532 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
18:43:38.0994 5532 IRENUM - ok
18:43:39.0110 5532 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
18:43:39.0358 5532 isapnp - ok
18:43:39.0452 5532 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
18:43:39.0587 5532 iScsiPrt - ok
18:43:39.0855 5532 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
18:43:40.0086 5532 kbdclass - ok
18:43:40.0546 5532 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
18:43:41.0091 5532 kbdhid - ok
18:43:41.0338 5532 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
18:43:41.0807 5532 KeyIso - ok
18:43:42.0067 5532 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
18:43:42.0354 5532 KSecDD - ok
18:43:42.0579 5532 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
18:43:42.0853 5532 KSecPkg - ok
18:43:43.0231 5532 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
18:43:44.0145 5532 KtmRm - ok
18:43:44.0648 5532 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll
18:43:45.0594 5532 LanmanServer - ok
18:43:45.0827 5532 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:43:46.0469 5532 LanmanWorkstation - ok
18:43:46.0695 5532 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
18:43:47.0239 5532 lltdio - ok
18:43:47.0346 5532 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
18:43:48.0281 5532 lltdsvc - ok
18:43:48.0348 5532 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
18:43:49.0305 5532 lmhosts - ok
18:43:49.0514 5532 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
18:43:49.0699 5532 LSI_FC - ok
18:43:49.0796 5532 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
18:43:49.0901 5532 LSI_SAS - ok
18:43:50.0074 5532 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
18:43:50.0294 5532 LSI_SAS2 - ok
18:43:50.0526 5532 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
18:43:50.0975 5532 LSI_SCSI - ok
18:43:51.0021 5532 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
18:43:52.0193 5532 luafv - ok
18:43:52.0633 5532 [ D5673785903639D186DC345FF86F423F ] massfilter C:\windows\system32\drivers\massfilter.sys
18:43:52.0956 5532 massfilter - ok
18:43:53.0111 5532 [ 38BFA8FA6D838CBAB58A1C2B49EBF96B ] massfilter_hs C:\windows\system32\drivers\massfilter_hs.sys
18:43:54.0154 5532 massfilter_hs - ok
18:43:54.0440 5532 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
18:43:54.0795 5532 MBAMProtector - ok
18:43:55.0157 5532 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:43:55.0400 5532 MBAMScheduler - ok
18:43:55.0593 5532 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:43:55.0839 5532 MBAMService - ok
18:43:55.0916 5532 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
18:43:56.0132 5532 megasas - ok
18:43:56.0216 5532 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
18:43:56.0583 5532 MegaSR - ok
18:43:56.0804 5532 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
18:43:57.0664 5532 MMCSS - ok
18:43:57.0785 5532 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
18:43:58.0348 5532 Modem - ok
18:43:58.0395 5532 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
18:43:59.0085 5532 monitor - ok
18:43:59.0319 5532 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\drivers\mouclass.sys
18:43:59.0663 5532 mouclass - ok
18:43:59.0798 5532 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
18:43:59.0923 5532 mouhid - ok
18:44:00.0140 5532 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
18:44:00.0393 5532 mountmgr - ok
18:44:00.0594 5532 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:44:00.0773 5532 MozillaMaintenance - ok
18:44:00.0844 5532 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
18:44:01.0218 5532 mpio - ok
18:44:01.0594 5532 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
18:44:02.0521 5532 mpsdrv - ok
18:44:02.0654 5532 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
18:44:03.0923 5532 MpsSvc - ok
18:44:04.0082 5532 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
18:44:04.0804 5532 MRxDAV - ok
18:44:04.0904 5532 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
18:44:05.0859 5532 mrxsmb - ok
18:44:06.0083 5532 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
18:44:06.0924 5532 mrxsmb10 - ok
18:44:07.0184 5532 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
18:44:07.0534 5532 mrxsmb20 - ok
18:44:07.0598 5532 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
18:44:07.0713 5532 msahci - ok
18:44:07.0936 5532 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
18:44:08.0253 5532 msdsm - ok
18:44:08.0458 5532 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
18:44:08.0703 5532 MSDTC - ok
18:44:09.0181 5532 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
18:44:09.0911 5532 Msfs - ok
18:44:09.0988 5532 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
18:44:10.0552 5532 mshidkmdf - ok
18:44:10.0584 5532 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
18:44:10.0873 5532 msisadrv - ok
18:44:10.0977 5532 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
18:44:11.0671 5532 MSiSCSI - ok
18:44:11.0698 5532 msiserver - ok
18:44:11.0744 5532 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
18:44:12.0251 5532 MSKSSRV - ok
18:44:12.0455 5532 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
18:44:12.0953 5532 MSPCLOCK - ok
18:44:12.0990 5532 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
18:44:13.0395 5532 MSPQM - ok
18:44:13.0494 5532 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
18:44:13.0626 5532 MsRPC - ok
18:44:13.0769 5532 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
18:44:13.0905 5532 mssmbios - ok
18:44:14.0024 5532 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
18:44:14.0731 5532 MSTEE - ok
18:44:14.0865 5532 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
18:44:15.0242 5532 MTConfig - ok
18:44:15.0364 5532 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
18:44:15.0660 5532 Mup - ok
18:44:15.0888 5532 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
18:44:17.0425 5532 napagent - ok
18:44:17.0605 5532 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
18:44:18.0413 5532 NativeWifiP - ok
18:44:18.0690 5532 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
18:44:19.0058 5532 NDIS - ok
18:44:19.0125 5532 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
18:44:20.0121 5532 NdisCap - ok
18:44:20.0328 5532 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
18:44:20.0874 5532 NdisTapi - ok
18:44:21.0111 5532 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
18:44:21.0408 5532 Ndisuio - ok
18:44:21.0607 5532 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
18:44:22.0008 5532 NdisWan - ok
18:44:22.0058 5532 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
18:44:23.0573 5532 NDProxy - ok
18:44:24.0095 5532 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
18:44:24.0544 5532 NetBIOS - ok
18:44:24.0601 5532 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
18:44:25.0772 5532 NetBT - ok
18:44:25.0901 5532 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
18:44:26.0484 5532 Netlogon - ok
18:44:26.0715 5532 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
18:44:27.0730 5532 Netman - ok
18:44:28.0463 5532 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
18:44:29.0637 5532 netprofm - ok
18:44:29.0729 5532 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:44:29.0844 5532 NetTcpPortSharing - ok
18:44:30.0023 5532 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
18:44:30.0404 5532 nfrd960 - ok
18:44:30.0461 5532 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\windows\System32\nlasvc.dll
18:44:31.0394 5532 NlaSvc - ok
18:44:31.0506 5532 NOBU - ok
18:44:31.0547 5532 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
18:44:32.0193 5532 Npfs - ok
18:44:32.0504 5532 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
18:44:33.0100 5532 nsi - ok
18:44:33.0278 5532 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
18:44:34.0000 5532 nsiproxy - ok
18:44:34.0269 5532 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\windows\system32\drivers\Ntfs.sys
18:44:34.0626 5532 Ntfs - ok
18:44:34.0744 5532 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
18:44:35.0057 5532 Null - ok
18:44:35.0114 5532 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
18:44:35.0297 5532 nvraid - ok
18:44:35.0378 5532 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
18:44:35.0682 5532 nvstor - ok
18:44:35.0751 5532 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
18:44:35.0911 5532 nv_agp - ok
18:44:36.0064 5532 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
18:44:36.0531 5532 ohci1394 - ok
18:44:36.0838 5532 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:44:36.0931 5532 ose - ok
18:44:37.0414 5532 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:44:38.0717 5532 osppsvc - ok
18:44:38.0814 5532 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
18:44:39.0880 5532 p2pimsvc - ok
18:44:40.0215 5532 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
18:44:40.0960 5532 p2psvc - ok
18:44:41.0043 5532 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
18:44:41.0702 5532 Parport - ok
18:44:41.0943 5532 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
18:44:42.0097 5532 partmgr - ok
18:44:42.0224 5532 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
18:44:43.0492 5532 Parvdm - ok
18:44:43.0744 5532 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
18:44:44.0501 5532 PcaSvc - ok
18:44:44.0624 5532 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
18:44:44.0787 5532 pci - ok
18:44:44.0823 5532 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
18:44:45.0069 5532 pciide - ok
18:44:45.0723 5532 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
18:44:45.0913 5532 pcmcia - ok
18:44:45.0982 5532 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
18:44:46.0186 5532 pcw - ok
18:44:46.0385 5532 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
18:44:47.0011 5532 PEAUTH - ok
18:44:47.0244 5532 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
18:44:47.0963 5532 pla - ok
18:44:48.0072 5532 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
18:44:48.0530 5532 PlugPlay - ok
18:44:48.0601 5532 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
18:44:48.0961 5532 PNRPAutoReg - ok
18:44:49.0006 5532 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
18:44:49.0271 5532 PNRPsvc - ok
18:44:49.0336 5532 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
18:44:49.0670 5532 PolicyAgent - ok
18:44:49.0752 5532 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
18:44:50.0190 5532 Power - ok
18:44:50.0258 5532 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
18:44:50.0830 5532 PptpMiniport - ok
18:44:50.0893 5532 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
18:44:51.0030 5532 Processor - ok
18:44:51.0103 5532 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
18:44:51.0620 5532 ProfSvc - ok
18:44:51.0664 5532 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
18:44:51.0972 5532 ProtectedStorage - ok
18:44:52.0025 5532 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
18:44:52.0391 5532 Psched - ok
18:44:52.0499 5532 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
18:44:52.0860 5532 ql2300 - ok
18:44:52.0921 5532 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
18:44:53.0063 5532 ql40xx - ok
18:44:53.0125 5532 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
18:44:53.0542 5532 QWAVE - ok
18:44:53.0590 5532 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
18:44:54.0111 5532 QWAVEdrv - ok
18:44:54.0156 5532 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
18:44:54.0660 5532 RasAcd - ok
18:44:54.0688 5532 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
18:44:55.0039 5532 RasAgileVpn - ok
18:44:55.0095 5532 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
18:44:55.0510 5532 RasAuto - ok
18:44:55.0571 5532 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
18:44:56.0100 5532 Rasl2tp - ok
18:44:56.0183 5532 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
18:44:56.0686 5532 RasMan - ok
18:44:56.0738 5532 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
18:44:57.0309 5532 RasPppoe - ok
18:44:57.0357 5532 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
18:44:57.0844 5532 RasSstp - ok
18:44:57.0909 5532 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
18:44:58.0499 5532 rdbss - ok
18:44:58.0557 5532 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
18:44:59.0129 5532 rdpbus - ok
18:44:59.0180 5532 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
18:44:59.0661 5532 RDPCDD - ok
18:44:59.0753 5532 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
18:45:00.0284 5532 RDPENCDD - ok
18:45:00.0334 5532 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
18:45:00.0775 5532 RDPREFMP - ok
18:45:00.0859 5532 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
18:45:01.0222 5532 RDPWD - ok
18:45:01.0339 5532 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
18:45:01.0521 5532 rdyboost - ok
18:45:01.0633 5532 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
18:45:02.0094 5532 RemoteAccess - ok
18:45:02.0156 5532 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
18:45:02.0481 5532 RemoteRegistry - ok
18:45:02.0552 5532 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
18:45:02.0794 5532 RFCOMM - ok
18:45:02.0850 5532 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
18:45:03.0244 5532 RpcEptMapper - ok
18:45:03.0289 5532 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
18:45:03.0674 5532 RpcLocator - ok
18:45:03.0746 5532 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
18:45:04.0241 5532 RpcSs - ok
18:45:04.0302 5532 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
18:45:04.0831 5532 rspndr - ok
18:45:04.0882 5532 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
18:45:05.0220 5532 RTL8167 - ok
18:45:05.0291 5532 [ 41CE6B172542A9A227E34A45881E1D2A ] rtport C:\windows\system32\drivers\rtport.sys
18:45:05.0540 5532 rtport - ok
18:45:05.0603 5532 [ 6E5FBB7CBAEC47038B945D5E9B144A64 ] SABI C:\windows\system32\Drivers\SABI.sys
18:45:06.0023 5532 SABI - ok
18:45:06.0084 5532 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
18:45:06.0380 5532 SamSs - ok
18:45:06.0545 5532 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
18:45:06.0630 5532 sbp2port - ok
18:45:06.0702 5532 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
18:45:07.0231 5532 SCardSvr - ok
18:45:07.0298 5532 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
18:45:07.0890 5532 scfilter - ok
18:45:07.0974 5532 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
18:45:08.0294 5532 Schedule - ok
18:45:08.0339 5532 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
18:45:08.0703 5532 SCPolicySvc - ok
18:45:08.0777 5532 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
18:45:09.0131 5532 SDRSVC - ok
18:45:09.0199 5532 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
18:45:09.0501 5532 secdrv - ok
18:45:09.0549 5532 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
18:45:09.0993 5532 seclogon - ok
18:45:10.0069 5532 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
18:45:10.0641 5532 SENS - ok
18:45:10.0695 5532 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
18:45:11.0170 5532 Serenum - ok
18:45:11.0210 5532 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
18:45:11.0490 5532 Serial - ok
18:45:11.0554 5532 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
18:45:11.0984 5532 sermouse - ok
18:45:12.0163 5532 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
18:45:12.0700 5532 SessionEnv - ok
18:45:12.0764 5532 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
18:45:13.0165 5532 sffdisk - ok
18:45:13.0328 5532 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
18:45:13.0703 5532 sffp_mmc - ok
18:45:13.0803 5532 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
18:45:14.0123 5532 sffp_sd - ok
18:45:14.0189 5532 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
18:45:14.0327 5532 sfloppy - ok
18:45:14.0430 5532 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
18:45:14.0814 5532 Sftfs - ok
18:45:14.0937 5532 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
18:45:15.0101 5532 sftlist - ok
18:45:15.0361 5532 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
18:45:15.0491 5532 Sftplay - ok
18:45:15.0662 5532 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
18:45:15.0761 5532 Sftredir - ok
18:45:16.0055 5532 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
18:45:16.0134 5532 Sftvol - ok
18:45:16.0222 5532 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
18:45:16.0499 5532 sftvsa - ok
18:45:16.0592 5532 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
18:45:17.0274 5532 SharedAccess - ok
18:45:17.0323 5532 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:45:18.0179 5532 ShellHWDetection - ok
18:45:18.0249 5532 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
18:45:18.0361 5532 sisagp - ok
18:45:18.0435 5532 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
18:45:18.0610 5532 SiSRaid2 - ok
18:45:18.0645 5532 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
18:45:18.0850 5532 SiSRaid4 - ok
18:45:18.0933 5532 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:45:19.0164 5532 SkypeUpdate - ok
18:45:19.0216 5532 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
18:45:19.0899 5532 Smb - ok
18:45:20.0057 5532 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
18:45:20.0491 5532 SNMPTRAP - ok
18:45:20.0611 5532 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
18:45:20.0690 5532 spldr - ok
18:45:20.0843 5532 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
18:45:21.0181 5532 Spooler - ok
18:45:21.0478 5532 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
18:45:22.0419 5532 sppsvc - ok
18:45:22.0492 5532 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
18:45:22.0826 5532 sppuinotify - ok
18:45:22.0896 5532 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
18:45:23.0131 5532 srv - ok
18:45:23.0206 5532 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
18:45:23.0654 5532 srv2 - ok
18:45:23.0699 5532 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
18:45:23.0971 5532 srvnet - ok
18:45:24.0028 5532 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
18:45:24.0550 5532 SSDPSRV - ok
18:45:24.0623 5532 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys
18:45:24.0721 5532 ssmdrv - ok
18:45:24.0763 5532 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
18:45:25.0214 5532 SstpSvc - ok
18:45:25.0267 5532 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
18:45:25.0392 5532 stexstor - ok
18:45:25.0499 5532 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
18:45:25.0868 5532 StiSvc - ok
18:45:25.0924 5532 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
18:45:26.0040 5532 swenum - ok
18:45:26.0109 5532 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
18:45:26.0530 5532 swprv - ok
18:45:26.0616 5532 [ 069E5728E565BD401347CB94732C4733 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
18:45:26.0750 5532 SynTP - ok
18:45:26.0844 5532 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
18:45:27.0589 5532 SysMain - ok
18:45:27.0649 5532 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
18:45:28.0149 5532 TabletInputService - ok
18:45:28.0212 5532 [ 8CF6E2AE1707D82E904ECCA68CEF8B87 ] tap0901 C:\windows\system32\DRIVERS\tap0901.sys
18:45:28.0640 5532 tap0901 - ok
18:45:28.0707 5532 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
18:45:29.0030 5532 TapiSrv - ok
18:45:29.0092 5532 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
18:45:29.0715 5532 TBS - ok
18:45:29.0851 5532 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\windows\system32\drivers\tcpip.sys
18:45:30.0299 5532 Tcpip - ok
18:45:30.0434 5532 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
18:45:30.0880 5532 TCPIP6 - ok
18:45:30.0958 5532 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
18:45:31.0429 5532 tcpipreg - ok
18:45:31.0520 5532 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
18:45:31.0902 5532 TDPIPE - ok
18:45:31.0948 5532 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
18:45:32.0342 5532 TDTCP - ok
18:45:32.0420 5532 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
18:45:33.0024 5532 tdx - ok
18:45:33.0087 5532 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
18:45:33.0243 5532 TermDD - ok
18:45:33.0309 5532 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
18:45:34.0090 5532 TermService - ok
18:45:34.0247 5532 [ F6B82925BC410C0A7DDE5F5FFF0EDE3D ] TGCM_ImportWiFiSvc C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe
18:45:34.0433 5532 TGCM_ImportWiFiSvc ( UnsignedFile.Multi.Generic ) - warning
18:45:34.0433 5532 TGCM_ImportWiFiSvc - detected UnsignedFile.Multi.Generic (1)
18:45:34.0502 5532 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
18:45:34.0943 5532 Themes - ok
18:45:34.0994 5532 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
18:45:35.0640 5532 THREADORDER - ok
18:45:35.0722 5532 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
18:45:36.0373 5532 TrkWks - ok
18:45:36.0468 5532 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:45:37.0311 5532 TrustedInstaller - ok
18:45:37.0403 5532 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
18:45:37.0711 5532 tssecsrv - ok
18:45:37.0799 5532 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
18:45:38.0229 5532 TsUsbFlt - ok
18:45:38.0294 5532 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
18:45:38.0713 5532 tunnel - ok
18:45:38.0773 5532 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
18:45:38.0955 5532 uagp35 - ok
18:45:39.0020 5532 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
18:45:39.0622 5532 udfs - ok
18:45:39.0706 5532 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
18:45:40.0010 5532 UI0Detect - ok
18:45:40.0076 5532 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
18:45:40.0210 5532 uliagpkx - ok
18:45:40.0318 5532 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
18:45:40.0531 5532 umbus - ok
18:45:40.0612 5532 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
18:45:41.0092 5532 UmPass - ok
18:45:41.0323 5532 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
18:45:41.0710 5532 upnphost - ok
18:45:41.0780 5532 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
18:45:42.0092 5532 USBAAPL - ok
18:45:42.0157 5532 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
18:45:42.0590 5532 usbccgp - ok
18:45:42.0642 5532 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
18:45:43.0009 5532 usbcir - ok
18:45:43.0075 5532 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\drivers\usbehci.sys
18:45:43.0382 5532 usbehci - ok
18:45:43.0450 5532 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
18:45:43.0831 5532 usbhub - ok
18:45:43.0883 5532 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
18:45:44.0224 5532 usbohci - ok
18:45:44.0288 5532 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
18:45:44.0891 5532 usbprint - ok
18:45:44.0965 5532 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
18:45:45.0420 5532 USBSTOR - ok
18:45:45.0497 5532 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
18:45:45.0933 5532 usbuhci - ok
18:45:45.0995 5532 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
18:45:46.0530 5532 usbvideo - ok
18:45:46.0584 5532 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
18:45:47.0147 5532 UxSms - ok
18:45:47.0189 5532 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
18:45:47.0640 5532 VaultSvc - ok
18:45:47.0740 5532 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
18:45:47.0920 5532 vdrvroot - ok
18:45:47.0986 5532 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
18:45:48.0371 5532 vds - ok
18:45:48.0439 5532 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
18:45:48.0670 5532 vga - ok
18:45:48.0712 5532 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
18:45:49.0131 5532 VgaSave - ok
18:45:49.0201 5532 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
18:45:49.0523 5532 vhdmp - ok
18:45:49.0584 5532 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
18:45:49.0740 5532 viaagp - ok
18:45:49.0790 5532 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
18:45:49.0951 5532 ViaC7 - ok
18:45:50.0078 5532 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
18:45:50.0226 5532 viaide - ok
18:45:50.0273 5532 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
18:45:50.0400 5532 volmgr - ok
18:45:50.0447 5532 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
18:45:50.0661 5532 volmgrx - ok
18:45:50.0708 5532 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
18:45:50.0870 5532 volsnap - ok
18:45:50.0937 5532 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
18:45:51.0112 5532 vsmraid - ok
18:45:51.0303 5532 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
18:45:52.0169 5532 VSS - ok
18:45:52.0223 5532 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
18:45:52.0496 5532 vwifibus - ok
18:45:52.0549 5532 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
18:45:53.0145 5532 vwififlt - ok
18:45:53.0227 5532 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
18:45:53.0932 5532 W32Time - ok
18:45:54.0018 5532 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
18:45:54.0351 5532 WacomPen - ok
18:45:54.0418 5532 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
18:45:55.0167 5532 WANARP - ok
18:45:55.0203 5532 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
18:45:55.0759 5532 Wanarpv6 - ok
18:45:55.0882 5532 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
18:45:56.0422 5532 wbengine - ok
18:45:56.0476 5532 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
18:45:56.0849 5532 WbioSrvc - ok
18:45:57.0202 5532 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
18:45:57.0663 5532 wcncsvc - ok
18:45:57.0717 5532 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:45:58.0192 5532 WcsPlugInService - ok
18:45:58.0272 5532 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
18:45:58.0461 5532 Wd - ok
18:45:58.0514 5532 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
18:45:58.0750 5532 Wdf01000 - ok
18:45:58.0791 5532 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
18:45:59.0330 5532 WdiServiceHost - ok
18:45:59.0383 5532 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
18:45:59.0903 5532 WdiSystemHost - ok
18:46:00.0393 5532 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
18:46:01.0000 5532 WebClient - ok
18:46:01.0165 5532 [ 302A025CAB861CFBC06DDA6D6F67E790 ] WebOptimizer C:\windows\system32\dmwu.exe
18:46:01.0416 5532 WebOptimizer - ok
18:46:01.0478 5532 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
18:46:01.0971 5532 Wecsvc - ok
18:46:02.0037 5532 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
18:46:02.0529 5532 wercplsupport - ok
18:46:02.0592 5532 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
18:46:03.0461 5532 WerSvc - ok
18:46:03.0557 5532 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
18:46:04.0230 5532 WfpLwf - ok
18:46:04.0436 5532 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
18:46:04.0564 5532 WIMMount - ok
18:46:04.0665 5532 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:46:05.0509 5532 WinDefend - ok
18:46:05.0710 5532 WinHttpAutoProxySvc - ok
18:46:05.0926 5532 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
18:46:06.0449 5532 Winmgmt - ok
18:46:06.0554 5532 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
18:46:07.0574 5532 WinRM - ok
18:46:07.0689 5532 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
18:46:08.0234 5532 WinUsb - ok
18:46:08.0334 5532 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
18:46:08.0769 5532 Wlansvc - ok
18:46:08.0819 5532 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
18:46:09.0150 5532 WmiAcpi - ok
18:46:09.0240 5532 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
18:46:09.0531 5532 wmiApSrv - ok
18:46:09.0649 5532 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:46:10.0183 5532 WMPNetworkSvc - ok
18:46:10.0241 5532 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
18:46:10.0480 5532 WPCSvc - ok
18:46:10.0533 5532 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
18:46:10.0863 5532 WPDBusEnum - ok
18:46:10.0918 5532 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
18:46:11.0354 5532 ws2ifsl - ok
18:46:11.0407 5532 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll
18:46:12.0170 5532 wscsvc - ok
18:46:12.0234 5532 WSearch - ok
18:46:12.0551 5532 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
18:46:12.0982 5532 wuauserv - ok
18:46:13.0034 5532 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
18:46:13.0383 5532 WudfPf - ok
18:46:13.0460 5532 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
18:46:13.0982 5532 WUDFRd - ok
18:46:14.0039 5532 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\windows\System32\WUDFSvc.dll
18:46:14.0546 5532 wudfsvc - ok
18:46:14.0670 5532 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
18:46:15.0232 5532 WwanSvc - ok
18:46:15.0322 5532 [ 30B73EB97218A16CBC6DE535782A1B35 ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
18:46:15.0814 5532 yukonw7 - ok
18:46:15.0879 5532 [ 19F17ECC68439C51497F1156C7F90B24 ] ZTEusbmdm6k C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys
18:46:16.0140 5532 ZTEusbmdm6k - ok
18:46:16.0192 5532 [ 19F17ECC68439C51497F1156C7F90B24 ] ZTEusbnmea C:\windows\system32\DRIVERS\ZTEusbnmea.sys
18:46:16.0597 5532 ZTEusbnmea - ok
18:46:16.0668 5532 [ 19F17ECC68439C51497F1156C7F90B24 ] ZTEusbser6k C:\windows\system32\DRIVERS\ZTEusbser6k.sys
18:46:16.0920 5532 ZTEusbser6k - ok
18:46:17.0001 5532 ================ Scan global ===============================
18:46:17.0150 5532 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
18:46:17.0365 5532 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
18:46:17.0405 5532 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
18:46:17.0474 5532 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
18:46:17.0555 5532 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
18:46:17.0575 5532 [Global] - ok
18:46:17.0679 5532 ================ Scan MBR ==================================
18:46:17.0702 5532 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
18:46:40.0987 5532 \Device\Harddisk0\DR0 - ok
18:46:40.0992 5532 ================ Scan VBR ==================================
18:46:41.0012 5532 [ 397AF1304F88ED1E0CEC4254FA39777F ] \Device\Harddisk0\DR0\Partition1
18:46:41.0024 5532 \Device\Harddisk0\DR0\Partition1 - ok
18:46:41.0060 5532 [ 46E6F9D50FDE53EEB7DA85DF6357B7AC ] \Device\Harddisk0\DR0\Partition2
18:46:41.0070 5532 \Device\Harddisk0\DR0\Partition2 - ok
18:46:41.0109 5532 [ 18C5A1D2F8E9B7417B42018847F0528C ] \Device\Harddisk0\DR0\Partition3
18:46:41.0119 5532 \Device\Harddisk0\DR0\Partition3 - ok
18:46:41.0121 5532 ============================================================
18:46:41.0122 5532 Scan finished
18:46:41.0122 5532 ============================================================
18:46:41.0192 5552 Detected object count: 1
18:46:41.0193 5552 Actual detected object count: 1
18:47:12.0451 5552 TGCM_ImportWiFiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:47:12.0451 5552 TGCM_ImportWiFiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
20.09.2012, 10:05
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Incredibar durch Malwarebytes in Quarantäne versetzt! Was jetzt? Ein paar Logs brauch ich nur noch
__________________Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
22.09.2012, 17:22
| #19 |
| | Incredibar durch Malwarebytes in Quarantäne versetzt! Was jetzt? Hier der ComboFix, lief problemlos: Combofix Logfile: Code:
ATTFilter ComboFix 12-09-22.02 - Axxxxxxxxxx 22.09.2012 17:53:59.1.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1252.49.1031.18.1013.467 [GMT 2:00]
ausgeführt von:: c:\users\Axxxxxxxxxxx\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\system32\DEBUG.log
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-22 bis 2012-09-22 ))))))))))))))))))))))))))))))
.
.
2012-09-22 16:09 . 2012-09-22 16:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-17 19:53 . 2012-09-17 19:53 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2012-09-17 19:53 . 2012-09-17 19:53 -------- d-----w- C:\_OTL
2012-09-13 19:47 . 2012-09-13 19:47 -------- d-----w- c:\program files\ESET
2012-09-12 18:11 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 18:11 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 18:11 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 18:11 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 18:11 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 18:10 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-11 13:58 . 2012-09-11 13:58 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2012-09-08 20:27 . 2012-09-08 20:27 -------- d-----w- c:\users\Axxxxxxxx\AppData\Roaming\Malwarebytes
2012-09-08 20:27 . 2012-09-08 20:27 -------- d-----w- c:\programdata\Malwarebytes
2012-09-08 20:27 . 2012-09-16 19:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-08 20:27 . 2012-09-07 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-05 21:06 . 2012-09-05 21:06 -------- d-----w- c:\program files\Common Files\Java
2012-09-05 21:05 . 2012-09-05 21:04 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-05 08:19 . 2012-07-10 07:14 632656 ----a-w- c:\windows\system32\msvcr80.dll
2012-09-05 08:19 . 2012-07-10 07:14 554832 ----a-w- c:\windows\system32\msvcp80.dll
2012-09-05 08:19 . 2012-07-10 07:14 479232 ----a-w- c:\windows\system32\msvcm80.dll
2012-09-05 08:19 . 2012-09-05 08:19 -------- d-----w- c:\windows\system32\ARFC
2012-09-05 08:19 . 2012-08-16 11:44 362104 ----a-w- c:\windows\system32\dmwu.exe
2012-09-05 08:19 . 2012-08-16 11:43 28160 ----a-w- c:\windows\system32\ImHttpComm.dll
2012-09-05 08:19 . 2012-09-05 20:47 -------- d-----w- c:\windows\system32\WNLT
2012-09-02 21:16 . 2011-12-15 18:29 26624 ----a-w- c:\windows\system32\drivers\tap0901.sys
2012-09-02 20:49 . 2012-09-08 21:02 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-02 20:49 . 2012-09-08 21:02 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-02 16:14 . 2012-09-02 16:14 -------- d-----w- c:\program files\iPod
2012-09-02 16:14 . 2012-09-02 16:16 -------- d-----w- c:\program files\iTunes
2012-09-02 16:05 . 2012-09-02 16:05 -------- d-----w- c:\program files\Bonjour
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-05 21:04 . 2010-11-30 07:48 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-18 17:47 . 2012-08-16 11:19 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-06 19:23 . 2012-08-21 08:28 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-07-04 21:14 . 2012-08-16 11:19 102912 ----a-w- c:\windows\system32\browser.dll
2012-07-04 21:14 . 2012-08-16 11:19 41984 ----a-w- c:\windows\system32\browcli.dll
2012-06-29 00:16 . 2012-08-21 08:25 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-06-29 00:09 . 2012-08-21 08:25 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-29 00:08 . 2012-08-21 08:24 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-29 00:04 . 2012-08-21 08:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-29 00:00 . 2012-08-21 08:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-11 13:58 . 2011-05-18 06:17 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Axxxxxxxxxxxxxx\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-22 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-22 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-22 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-07 8555040]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"APLangApp"="c:\program files\AnyPC Client\APLangApp.exe" [2009-11-20 13312]
"NortonOnlineBackup"="c:\program files\Symantec\Norton Online Backup\NOBuClient.exe" [2010-03-05 926040]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Axxxxxxxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Axxxxxxxxxxxxx\AppData\Local\Facebook\Messenger\2.1.4631.0\FacebookMessenger.exe [2012-9-5 247728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-4-7 828704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 FileOpenManagerSvc;FileOpenManagerSvc;c:\programdata\FileOpen\Services\FileOpenManagerSvc32.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 NOBU;Norton Online Backup;c:\program files\Symantec\Norton Online Backup\NOBuAgent.exe service [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]
S2 WebOptimizer;WebOptimizer;c:\windows\system32\dmwu.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - FileOpenWebPublisherScreenHookDriver
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-02 21:02]
.
2012-09-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1208384110-4107883307-101704457-1000Core.job
- c:\users\Axxxxxxxxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-05 08:04]
.
2012-09-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1208384110-4107883307-101704457-1000UA.job
- c:\users\Axxxxxxxxxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-05 08:04]
.
2012-06-03 c:\windows\Tasks\FileTask.job
- c:\program files\FileTask\FileTask.exe [2010-09-13 17:04]
.
2012-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-08 17:19]
.
2012-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-08 17:19]
.
2012-06-03 c:\windows\Tasks\StartUp_FileTask.job
- c:\program files\FileTask\FileTask.exe [2010-09-13 17:04]
.
2012-06-03 c:\windows\Tasks\StartUp_FileTask.job
- c:\program files\FileTask\FileTask.exe [2010-09-13 17:04]
.
2012-06-03 c:\windows\Tasks\Update_FileTask.job
- c:\program files\FileTask\FileTask.exe [2010-09-13 17:04]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.spiegel.de/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.forumswatcher.com/search.htm
TCP: DhcpNameServer = 10.2.0.1 10.2.0.2
FF - ProfilePath - c:\users\Axxxxxxxxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\v4a2gnfa.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-22 18:14:57
ComboFix-quarantined-files.txt 2012-09-22 16:14
.
Vor Suchlauf: 7 Verzeichnis(se), 45.742.977.024 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 45.654.913.024 Bytes frei
.
- - End Of File - - ECB70BC43CD80A748524E6AF522BF3EF
|
|
22.09.2012, 20:12
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Incredibar durch Malwarebytes in Quarantäne versetzt! Was jetzt? Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.09.2012, 20:11
| #21 |
| | Incredibar durch Malwarebytes in Quarantäne versetzt! Was jetzt? GMER hat in der Tat nur 2mal zum abstürzen geführt, hier jetzt OSAM: OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:09:31 on 24.09.2012 OS: Windows 7 Starter Edition Service Pack 1 (Build 7601), 32-bit Default Browser: Mozilla Corporation Firefox 15.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "FileTask.job" - ? - C:\Program Files\FileTask\FileTask.exe "FacebookUpdateTaskUserS-1-5-21-1208384110-4107883307-101704457-1000Core.job" - "Facebook Inc." - C:\Users\Anne Caterina\AppData\Local\Facebook\Update\FacebookUpdate.exe "FacebookUpdateTaskUserS-1-5-21-1208384110-4107883307-101704457-1000UA.job" - "Facebook Inc." - C:\Users\Anne Caterina\AppData\Local\Facebook\Update\FacebookUpdate.exe "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "GoogleUpdateTaskUserS-1-5-21-1208384110-4107883307-101704457-1000Core.job" - "Google Inc." - C:\Users\Anne Caterina\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-1208384110-4107883307-101704457-1000UA.job" - "Google Inc." - C:\Users\Anne Caterina\AppData\Local\Google\Update\GoogleUpdate.exe "StartUp_FileTask.job" - ? - C:\Program Files\FileTask\FileTask.exe "Update_FileTask.job" - ? - C:\Program Files\FileTask\FileTask.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\windows\system32\FlashPlayerCPLApp.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "avgntflt" (avgntflt) - "Avira GmbH" - C:\windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\ANNECA~1\AppData\Local\Temp\catchme.sys (File not found) "FssFltr" (fssfltr) - "Microsoft Corporation" - C:\windows\System32\DRIVERS\fssfltr.sys "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\windows\system32\drivers\mbam.sys "rtport" (rtport) - "Windows (R) 2003 DDK 3790 provider" - C:\windows\system32\drivers\rtport.sys "Sftfs" (Sftfs) - "Microsoft Corporation" - C:\windows\System32\DRIVERS\Sftfslh.sys "Sftplay" (Sftplay) - "Microsoft Corporation" - C:\windows\System32\DRIVERS\Sftplaylh.sys "Sftredir" (Sftredir) - "Microsoft Corporation" - C:\windows\System32\DRIVERS\Sftredirlh.sys "Sftvol" (Sftvol) - "Microsoft Corporation" - C:\windows\System32\DRIVERS\Sftvollh.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\windows\System32\DRIVERS\ssmdrv.sys [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL {7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_35" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} "Java Plug-in 1.6.0_35" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_35" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_35.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "@C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Anne Caterina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Facebook Messenger.lnk" - "Facebook" - C:\Users\Anne Caterina\AppData\Local\Facebook\Messenger\2.1.4631.0\FacebookMessenger.exe (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Bluetooth.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Facebook Update" - "Facebook Inc." - "C:\Users\Anne Caterina\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver "Google Update" - "Google Inc." - "C:\Users\Anne Caterina\AppData\Local\Google\Update\GoogleUpdate.exe" /c -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "APLangApp" - "DoctorSoft" - "C:\Program Files\AnyPC Client\APLangApp.exe" "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe" "NortonOnlineBackup" - "Symantec Corporation" - C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "UCam_Menu" - "CyberLink Corp." - "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "Application Virtualization Client" (sftlist) - "Microsoft Corporation" - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe "Application Virtualization Service Agent" (sftvsa) - "Microsoft Corporation" - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe "Client Virtualization Handler" (cvhsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "FileOpenManagerSvc" (FileOpenManagerSvc) - "FileOpen Systems Inc." - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc32.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe "Norton Online Backup" (NOBU) - "Symantec Corporation" - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe "TGCM_ImportWiFiSvc" (TGCM_ImportWiFiSvc) - "Telefónica I+D" - C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe "WebOptimizer" (WebOptimizer) - ? - C:\windows\system32\dmwu.exe "Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe [Winlogon] -----( HKCU\Control Panel\Desktop )----- "SCRNSAVE.EXE" - "Microsoft Corporation" - C:\windows\WLXPGSS.SCR [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru [/code] und hier das zweite (bzw eigentlich dritte) unaussprechliche log  )Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-24 21:13:23
-----------------------------
21:13:23.253 OS Version: Windows 6.1.7601 Service Pack 1
21:13:23.254 Number of processors: 2 586 0x1C0A
21:13:23.262 ComputerName: A-PC UserName: A
21:13:26.366 Initialize success
21:14:38.578 AVAST engine defs: 12092400
21:14:49.283 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:14:49.294 Disk 0 Vendor: SAMSUNG_ 2AC1 Size: 238475MB BusType: 3
21:14:49.320 Disk 0 MBR read successfully
21:14:49.332 Disk 0 MBR scan
21:14:49.451 Disk 0 unknown MBR code
21:14:49.483 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 20480 MB offset 2048
21:14:49.558 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 41945088
21:14:49.624 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 87040 MB offset 42149888
21:14:49.662 Disk 0 Partition - 00 0F Extended LBA 130853 MB offset 220407808
21:14:49.718 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 130852 MB offset 220409856
21:14:49.798 Disk 0 scanning sectors +488394752
21:14:49.961 Disk 0 scanning C:\windows\system32\drivers
21:15:29.550 Service scanning
21:16:45.799 Modules scanning
21:17:09.454 Disk 0 trace - called modules:
21:17:09.498 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
21:17:09.524 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84e69030]
21:17:09.550 3 CLASSPNP.SYS[86d9259e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8440a028]
21:17:10.465 AVAST engine scan C:\windows
21:17:21.733 AVAST engine scan C:\windows\system32
21:28:55.277 AVAST engine scan C:\windows\system32\drivers
21:29:41.715 AVAST engine scan C:\Users\
21:42:00.656 AVAST engine scan C:\ProgramData
21:44:21.511 Scan finished successfully
21:47:30.003 Disk 0 MBR has been saved successfully to "C:\Users\\Desktop\MBR.dat"
21:47:30.045 The log file has been saved successfully to "C:\Users\\Desktop\aswMBR.txt"
|
|
25.09.2012, 10:00
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Incredibar durch Malwarebytes in Quarantäne versetzt! Was jetzt? Wir sollten den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht. Hinweis: Mach bitte NICHT den MBR-Fix, wenn du noch andere Betriebssysteme wie zB Ubuntu installiert hast, ein MBR-Fix mit Windows-Tools macht ein parallel installiertes (Dualboot) Linux unbootbar. Mach den Fix auch dann nicht, wenn du zB mit TrueCrypt oder anderen Verschlüsselungsprogrammen eine Vollverschlüsselung der Windowspartition bzw. gesamten Festplatte hast Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm! Anschließend Windows neu starten und ein neues Log mit aswMBR machen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Incredibar durch Malwarebytes in Quarantäne versetzt! Was jetzt? |
| administrator, anti-malware, appdata, autostart, bösartige, dateien, daten, erfolgreich, ergebnis, explorer, files, gelöscht, hilfe!, installiert, malwarebytes, microsoft, minute, quarantäne, registrierung, service, software, speicher, test, version |
Linear-Darstellung
