| |
| |||||||
Log-Analyse und Auswertung: 6 bedrohliche Dateien im Windows Ordner gefundenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
21.09.2012, 21:17
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  6 bedrohliche Dateien im Windows Ordner gefunden Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.09.2012, 21:29
| #17 |
 | 6 bedrohliche Dateien im Windows Ordner gefundenCode:
ATTFilter 22:25:10.0954 3688 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
22:25:11.0219 3688 ============================================================
22:25:11.0219 3688 Current date / time: 2012/09/21 22:25:11.0219
22:25:11.0219 3688 SystemInfo:
22:25:11.0219 3688
22:25:11.0219 3688 OS Version: 6.1.7601 ServicePack: 1.0
22:25:11.0219 3688 Product type: Workstation
22:25:11.0219 3688 ComputerName: ***TOSH
22:25:11.0219 3688 UserName: ***
22:25:11.0219 3688 Windows directory: C:\Windows
22:25:11.0219 3688 System windows directory: C:\Windows
22:25:11.0219 3688 Running under WOW64
22:25:11.0219 3688 Processor architecture: Intel x64
22:25:11.0219 3688 Number of processors: 2
22:25:11.0219 3688 Page size: 0x1000
22:25:11.0219 3688 Boot type: Normal boot
22:25:11.0219 3688 ============================================================
22:25:12.0092 3688 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:25:12.0108 3688 ============================================================
22:25:12.0108 3688 \Device\Harddisk0\DR0:
22:25:12.0108 3688 MBR partitions:
22:25:12.0108 3688 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x1D0D8000
22:25:12.0108 3688 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D1A0800, BlocksNum 0x1D1E5000
22:25:12.0108 3688 ============================================================
22:25:12.0139 3688 C: <-> \Device\Harddisk0\DR0\Partition1
22:25:12.0170 3688 D: <-> \Device\Harddisk0\DR0\Partition2
22:25:12.0170 3688 ============================================================
22:25:12.0170 3688 Initialize success
22:25:12.0170 3688 ============================================================
22:25:21.0094 1224 ============================================================
22:25:21.0094 1224 Scan started
22:25:21.0094 1224 Mode: Manual; SigCheck; TDLFS;
22:25:21.0094 1224 ============================================================
22:25:23.0044 1224 ================ Scan system memory ========================
22:25:23.0044 1224 System memory - ok
22:25:23.0044 1224 ================ Scan services =============================
22:25:23.0605 1224 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:25:23.0730 1224 1394ohci - ok
22:25:23.0808 1224 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:25:23.0855 1224 ACPI - ok
22:25:23.0870 1224 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:25:23.0902 1224 AcpiPmi - ok
22:25:24.0198 1224 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:25:24.0229 1224 AdobeFlashPlayerUpdateSvc - ok
22:25:24.0292 1224 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:25:24.0323 1224 adp94xx - ok
22:25:24.0338 1224 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:25:24.0354 1224 adpahci - ok
22:25:24.0370 1224 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:25:24.0432 1224 adpu320 - ok
22:25:24.0463 1224 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:25:24.0510 1224 AeLookupSvc - ok
22:25:24.0572 1224 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:25:24.0588 1224 AFD - ok
22:25:24.0635 1224 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:25:24.0650 1224 agp440 - ok
22:25:24.0682 1224 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:25:24.0697 1224 ALG - ok
22:25:24.0728 1224 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:25:24.0760 1224 aliide - ok
22:25:24.0806 1224 [ 57B773D82E8CC3C6D7E02CC8A6632043 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:25:24.0838 1224 AMD External Events Utility - ok
22:25:24.0869 1224 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:25:24.0869 1224 amdide - ok
22:25:24.0916 1224 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:25:24.0962 1224 AmdK8 - ok
22:25:25.0134 1224 [ AEFAF27F1B7E52C705DF4FB6C96732F6 ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
22:25:25.0212 1224 amdkmdag - ok
22:25:25.0243 1224 [ 8149DB73BE27950EC72767A1193153A6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:25:25.0259 1224 amdkmdap - ok
22:25:25.0321 1224 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:25:25.0352 1224 AmdPPM - ok
22:25:25.0384 1224 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:25:25.0399 1224 amdsata - ok
22:25:25.0415 1224 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:25:25.0446 1224 amdsbs - ok
22:25:25.0462 1224 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:25:25.0477 1224 amdxata - ok
22:25:25.0508 1224 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:25:25.0555 1224 AppID - ok
22:25:25.0586 1224 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:25:25.0618 1224 AppIDSvc - ok
22:25:25.0649 1224 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:25:25.0696 1224 Appinfo - ok
22:25:25.0727 1224 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
22:25:25.0742 1224 arc - ok
22:25:25.0758 1224 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:25:25.0774 1224 arcsas - ok
22:25:25.0805 1224 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
22:25:26.0195 1224 aswFsBlk - ok
22:25:26.0257 1224 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:25:26.0288 1224 aswMonFlt - ok
22:25:26.0304 1224 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
22:25:26.0320 1224 aswRdr - ok
22:25:26.0351 1224 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:25:26.0398 1224 aswSnx - ok
22:25:26.0429 1224 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:25:26.0444 1224 aswSP - ok
22:25:26.0476 1224 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
22:25:26.0476 1224 aswTdi - ok
22:25:26.0507 1224 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:25:26.0538 1224 AsyncMac - ok
22:25:26.0569 1224 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:25:26.0585 1224 atapi - ok
22:25:26.0632 1224 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
22:25:26.0663 1224 AtiPcie - ok
22:25:26.0741 1224 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
22:25:26.0756 1224 atksgt - ok
22:25:26.0803 1224 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:25:26.0866 1224 AudioEndpointBuilder - ok
22:25:26.0897 1224 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:25:26.0928 1224 AudioSrv - ok
22:25:27.0037 1224 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:25:27.0068 1224 avast! Antivirus - ok
22:25:27.0115 1224 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:25:27.0131 1224 AxInstSV - ok
22:25:27.0193 1224 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:25:27.0224 1224 b06bdrv - ok
22:25:27.0240 1224 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:25:27.0271 1224 b57nd60a - ok
22:25:27.0287 1224 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:25:27.0302 1224 BDESVC - ok
22:25:27.0318 1224 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:25:27.0349 1224 Beep - ok
22:25:27.0412 1224 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:25:27.0490 1224 BFE - ok
22:25:27.0521 1224 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:25:27.0536 1224 blbdrive - ok
22:25:27.0583 1224 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:25:27.0630 1224 bowser - ok
22:25:27.0661 1224 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:25:27.0677 1224 BrFiltLo - ok
22:25:27.0692 1224 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:25:27.0708 1224 BrFiltUp - ok
22:25:27.0739 1224 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:25:27.0755 1224 Browser - ok
22:25:27.0802 1224 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:25:27.0833 1224 Brserid - ok
22:25:27.0833 1224 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:25:27.0864 1224 BrSerWdm - ok
22:25:27.0864 1224 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:25:27.0880 1224 BrUsbMdm - ok
22:25:27.0880 1224 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:25:27.0895 1224 BrUsbSer - ok
22:25:27.0895 1224 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:25:27.0911 1224 BTHMODEM - ok
22:25:27.0942 1224 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:25:27.0973 1224 bthserv - ok
22:25:28.0004 1224 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:25:28.0036 1224 cdfs - ok
22:25:28.0082 1224 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:25:28.0129 1224 cdrom - ok
22:25:28.0176 1224 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:25:28.0207 1224 CertPropSvc - ok
22:25:28.0254 1224 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:25:28.0270 1224 circlass - ok
22:25:28.0301 1224 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:25:28.0332 1224 CLFS - ok
22:25:28.0472 1224 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:25:28.0504 1224 clr_optimization_v2.0.50727_32 - ok
22:25:28.0628 1224 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:25:28.0675 1224 clr_optimization_v2.0.50727_64 - ok
22:25:28.0894 1224 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:25:28.0925 1224 clr_optimization_v4.0.30319_32 - ok
22:25:29.0128 1224 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:25:29.0159 1224 clr_optimization_v4.0.30319_64 - ok
22:25:29.0206 1224 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:25:29.0221 1224 CmBatt - ok
22:25:29.0252 1224 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:25:29.0268 1224 cmdide - ok
22:25:29.0315 1224 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:25:29.0377 1224 CNG - ok
22:25:29.0424 1224 [ 25C58EE97BE0416A373E3E4F855206B5 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
22:25:29.0440 1224 CnxtHdAudService - ok
22:25:29.0518 1224 [ 89C99AB4AE9535F727791592D84D4821 ] CnxtHdmiAudService C:\Windows\system32\drivers\CHDMI64.sys
22:25:29.0564 1224 CnxtHdmiAudService - ok
22:25:29.0611 1224 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:25:29.0627 1224 Compbatt - ok
22:25:29.0658 1224 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:25:29.0689 1224 CompositeBus - ok
22:25:29.0705 1224 COMSysApp - ok
22:25:29.0720 1224 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:25:29.0736 1224 crcdisk - ok
22:25:29.0767 1224 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:25:29.0798 1224 CryptSvc - ok
22:25:29.0939 1224 [ 914A7156B0C0F10BE645A02E13F576B2 ] DAUpdaterSvc C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
22:25:29.0954 1224 DAUpdaterSvc - ok
22:25:30.0001 1224 [ C7259495924D21F1AFA26467D9F4DAE0 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
22:25:30.0032 1224 dc3d - ok
22:25:30.0079 1224 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:25:30.0157 1224 DcomLaunch - ok
22:25:30.0188 1224 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:25:30.0251 1224 defragsvc - ok
22:25:30.0282 1224 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:25:30.0313 1224 DfsC - ok
22:25:30.0360 1224 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:25:30.0391 1224 Dhcp - ok
22:25:30.0422 1224 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:25:30.0454 1224 discache - ok
22:25:30.0500 1224 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:25:30.0500 1224 Disk - ok
22:25:30.0547 1224 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:25:30.0563 1224 Dnscache - ok
22:25:30.0594 1224 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:25:30.0656 1224 dot3svc - ok
22:25:30.0688 1224 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:25:30.0734 1224 DPS - ok
22:25:30.0766 1224 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:25:30.0781 1224 drmkaud - ok
22:25:30.0828 1224 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:25:30.0890 1224 DXGKrnl - ok
22:25:30.0922 1224 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:25:30.0968 1224 EapHost - ok
22:25:31.0062 1224 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:25:31.0187 1224 ebdrv - ok
22:25:31.0218 1224 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:25:31.0234 1224 EFS - ok
22:25:31.0374 1224 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:25:31.0436 1224 ehRecvr - ok
22:25:31.0468 1224 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:25:31.0483 1224 ehSched - ok
22:25:31.0546 1224 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:25:31.0608 1224 elxstor - ok
22:25:31.0624 1224 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:25:31.0639 1224 ErrDev - ok
22:25:31.0686 1224 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:25:31.0733 1224 EventSystem - ok
22:25:31.0764 1224 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:25:31.0795 1224 exfat - ok
22:25:31.0826 1224 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:25:31.0889 1224 fastfat - ok
22:25:31.0951 1224 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:25:31.0982 1224 Fax - ok
22:25:31.0998 1224 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:25:31.0998 1224 fdc - ok
22:25:32.0029 1224 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:25:32.0060 1224 fdPHost - ok
22:25:32.0076 1224 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:25:32.0123 1224 FDResPub - ok
22:25:32.0138 1224 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:25:32.0154 1224 FileInfo - ok
22:25:32.0154 1224 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:25:32.0201 1224 Filetrace - ok
22:25:32.0201 1224 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:25:32.0216 1224 flpydisk - ok
22:25:32.0232 1224 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:25:32.0248 1224 FltMgr - ok
22:25:32.0326 1224 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
22:25:32.0388 1224 FontCache - ok
22:25:32.0435 1224 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:25:32.0450 1224 FontCache3.0.0.0 - ok
22:25:32.0466 1224 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:25:32.0482 1224 FsDepends - ok
22:25:32.0528 1224 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:25:32.0560 1224 Fs_Rec - ok
22:25:32.0591 1224 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:25:32.0622 1224 fvevol - ok
22:25:32.0669 1224 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
22:25:32.0684 1224 FwLnk - ok
22:25:32.0731 1224 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:25:32.0747 1224 gagp30kx - ok
22:25:32.0794 1224 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:25:32.0872 1224 gpsvc - ok
22:25:32.0887 1224 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:25:32.0903 1224 hcw85cir - ok
22:25:32.0950 1224 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:25:32.0996 1224 HdAudAddService - ok
22:25:33.0028 1224 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:25:33.0043 1224 HDAudBus - ok
22:25:33.0043 1224 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:25:33.0059 1224 HidBatt - ok
22:25:33.0090 1224 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:25:33.0106 1224 HidBth - ok
22:25:33.0106 1224 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:25:33.0121 1224 HidIr - ok
22:25:33.0152 1224 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:25:33.0215 1224 hidserv - ok
22:25:33.0246 1224 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
22:25:33.0262 1224 HidUsb - ok
22:25:33.0277 1224 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:25:33.0324 1224 hkmsvc - ok
22:25:33.0355 1224 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:25:33.0371 1224 HomeGroupListener - ok
22:25:33.0402 1224 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:25:33.0418 1224 HomeGroupProvider - ok
22:25:33.0449 1224 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:25:33.0496 1224 HpSAMD - ok
22:25:33.0527 1224 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:25:33.0589 1224 HTTP - ok
22:25:33.0620 1224 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:25:33.0636 1224 hwpolicy - ok
22:25:33.0667 1224 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:25:33.0683 1224 i8042prt - ok
22:25:33.0745 1224 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:25:33.0792 1224 iaStorV - ok
22:25:34.0026 1224 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:25:34.0088 1224 idsvc - ok
22:25:34.0135 1224 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:25:34.0151 1224 iirsp - ok
22:25:34.0198 1224 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:25:34.0260 1224 IKEEXT - ok
22:25:34.0291 1224 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:25:34.0307 1224 intelide - ok
22:25:34.0322 1224 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:25:34.0369 1224 intelppm - ok
22:25:34.0400 1224 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:25:34.0447 1224 IPBusEnum - ok
22:25:34.0494 1224 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:25:34.0556 1224 IpFilterDriver - ok
22:25:34.0572 1224 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:25:34.0619 1224 iphlpsvc - ok
22:25:34.0650 1224 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:25:34.0666 1224 IPMIDRV - ok
22:25:34.0697 1224 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:25:34.0728 1224 IPNAT - ok
22:25:34.0744 1224 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:25:34.0759 1224 IRENUM - ok
22:25:34.0775 1224 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:25:34.0790 1224 isapnp - ok
22:25:34.0822 1224 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:25:34.0837 1224 iScsiPrt - ok
22:25:34.0868 1224 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:25:34.0884 1224 kbdclass - ok
22:25:34.0900 1224 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:25:34.0915 1224 kbdhid - ok
22:25:34.0946 1224 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:25:34.0962 1224 KeyIso - ok
22:25:35.0009 1224 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:25:35.0024 1224 KSecDD - ok
22:25:35.0040 1224 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:25:35.0040 1224 KSecPkg - ok
22:25:35.0071 1224 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:25:35.0118 1224 ksthunk - ok
22:25:35.0149 1224 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:25:35.0180 1224 KtmRm - ok
22:25:35.0227 1224 [ 55480B9C63F3F91A8EBBADCBF28FE581 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
22:25:35.0243 1224 L1C - ok
22:25:35.0290 1224 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:25:35.0368 1224 LanmanServer - ok
22:25:35.0399 1224 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:25:35.0430 1224 LanmanWorkstation - ok
22:25:35.0477 1224 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
22:25:35.0508 1224 lirsgt - ok
22:25:35.0524 1224 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:25:35.0570 1224 lltdio - ok
22:25:35.0602 1224 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:25:35.0648 1224 lltdsvc - ok
22:25:35.0648 1224 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:25:35.0680 1224 lmhosts - ok
22:25:35.0711 1224 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:25:35.0726 1224 LSI_FC - ok
22:25:35.0758 1224 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:25:35.0773 1224 LSI_SAS - ok
22:25:35.0773 1224 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:25:35.0789 1224 LSI_SAS2 - ok
22:25:35.0804 1224 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:25:35.0820 1224 LSI_SCSI - ok
22:25:35.0820 1224 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:25:35.0867 1224 luafv - ok
22:25:35.0898 1224 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:25:35.0914 1224 Mcx2Svc - ok
22:25:35.0929 1224 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:25:35.0929 1224 megasas - ok
22:25:35.0960 1224 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:25:35.0976 1224 MegaSR - ok
22:25:35.0992 1224 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:25:36.0023 1224 MMCSS - ok
22:25:36.0038 1224 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:25:36.0070 1224 Modem - ok
22:25:36.0085 1224 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:25:36.0101 1224 monitor - ok
22:25:36.0132 1224 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
22:25:36.0148 1224 mouclass - ok
22:25:36.0179 1224 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:25:36.0194 1224 mouhid - ok
22:25:36.0241 1224 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:25:36.0257 1224 mountmgr - ok
22:25:36.0288 1224 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:25:36.0304 1224 MozillaMaintenance - ok
22:25:36.0350 1224 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:25:36.0382 1224 mpio - ok
22:25:36.0413 1224 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:25:36.0460 1224 mpsdrv - ok
22:25:36.0506 1224 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:25:36.0569 1224 MpsSvc - ok
22:25:36.0600 1224 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:25:36.0616 1224 MRxDAV - ok
22:25:36.0647 1224 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:25:36.0662 1224 mrxsmb - ok
22:25:36.0678 1224 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:25:36.0694 1224 mrxsmb10 - ok
22:25:36.0740 1224 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:25:36.0772 1224 mrxsmb20 - ok
22:25:36.0818 1224 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:25:36.0850 1224 msahci - ok
22:25:36.0865 1224 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:25:36.0881 1224 msdsm - ok
22:25:36.0896 1224 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:25:36.0928 1224 MSDTC - ok
22:25:36.0959 1224 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:25:37.0006 1224 Msfs - ok
22:25:37.0021 1224 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:25:37.0052 1224 mshidkmdf - ok
22:25:37.0084 1224 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:25:37.0084 1224 msisadrv - ok
22:25:37.0115 1224 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:25:37.0146 1224 MSiSCSI - ok
22:25:37.0146 1224 msiserver - ok
22:25:37.0177 1224 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:25:37.0208 1224 MSKSSRV - ok
22:25:37.0224 1224 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:25:37.0255 1224 MSPCLOCK - ok
22:25:37.0255 1224 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:25:37.0286 1224 MSPQM - ok
22:25:37.0333 1224 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:25:37.0396 1224 MsRPC - ok
22:25:37.0411 1224 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:25:37.0427 1224 mssmbios - ok
22:25:37.0458 1224 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:25:37.0489 1224 MSTEE - ok
22:25:37.0505 1224 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:25:37.0505 1224 MTConfig - ok
22:25:37.0520 1224 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:25:37.0536 1224 Mup - ok
22:25:37.0552 1224 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:25:37.0598 1224 napagent - ok
22:25:37.0630 1224 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:25:37.0645 1224 NativeWifiP - ok
22:25:37.0723 1224 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe
22:25:37.0770 1224 NAUpdate - ok
22:25:37.0817 1224 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:25:37.0848 1224 NDIS - ok
22:25:37.0879 1224 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:25:37.0926 1224 NdisCap - ok
22:25:37.0942 1224 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:25:37.0973 1224 NdisTapi - ok
22:25:38.0020 1224 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:25:38.0066 1224 Ndisuio - ok
22:25:38.0098 1224 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:25:38.0144 1224 NdisWan - ok
22:25:38.0160 1224 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:25:38.0191 1224 NDProxy - ok
22:25:38.0207 1224 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:25:38.0254 1224 NetBIOS - ok
22:25:38.0285 1224 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:25:38.0316 1224 NetBT - ok
22:25:38.0347 1224 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:25:38.0363 1224 Netlogon - ok
22:25:38.0425 1224 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:25:38.0503 1224 Netman - ok
22:25:38.0503 1224 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:25:38.0550 1224 netprofm - ok
22:25:38.0581 1224 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:25:38.0597 1224 NetTcpPortSharing - ok
22:25:38.0644 1224 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:25:38.0675 1224 nfrd960 - ok
22:25:38.0722 1224 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:25:38.0784 1224 NlaSvc - ok
22:25:38.0784 1224 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:25:38.0815 1224 Npfs - ok
22:25:38.0846 1224 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:25:38.0878 1224 nsi - ok
22:25:38.0909 1224 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:25:38.0940 1224 nsiproxy - ok
22:25:39.0018 1224 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:25:39.0080 1224 Ntfs - ok
22:25:39.0096 1224 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:25:39.0143 1224 Null - ok
22:25:39.0190 1224 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:25:39.0205 1224 nvraid - ok
22:25:39.0236 1224 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:25:39.0283 1224 nvstor - ok
22:25:39.0299 1224 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:25:39.0314 1224 nv_agp - ok
22:25:39.0346 1224 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:25:39.0361 1224 ohci1394 - ok
22:25:39.0392 1224 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:25:39.0408 1224 p2pimsvc - ok
22:25:39.0439 1224 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:25:39.0455 1224 p2psvc - ok
22:25:39.0486 1224 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:25:39.0502 1224 Parport - ok
22:25:39.0533 1224 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:25:39.0548 1224 partmgr - ok
22:25:39.0564 1224 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:25:39.0611 1224 PcaSvc - ok
22:25:39.0626 1224 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:25:39.0642 1224 pci - ok
22:25:39.0673 1224 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:25:39.0689 1224 pciide - ok
22:25:39.0720 1224 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:25:39.0736 1224 pcmcia - ok
22:25:39.0751 1224 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:25:39.0767 1224 pcw - ok
22:25:39.0782 1224 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:25:39.0829 1224 PEAUTH - ok
22:25:40.0094 1224 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:25:40.0126 1224 PerfHost - ok
22:25:40.0188 1224 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
22:25:40.0204 1224 PGEffect - ok
22:25:40.0266 1224 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:25:40.0360 1224 pla - ok
22:25:40.0406 1224 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:25:40.0453 1224 PlugPlay - ok
22:25:40.0469 1224 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:25:40.0500 1224 PNRPAutoReg - ok
22:25:40.0516 1224 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:25:40.0531 1224 PNRPsvc - ok
22:25:40.0562 1224 [ 32D374C60778253B81FA76C2FE19E155 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
22:25:40.0578 1224 Point64 - ok
22:25:40.0609 1224 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:25:40.0656 1224 PolicyAgent - ok
22:25:40.0703 1224 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:25:40.0750 1224 Power - ok
22:25:40.0765 1224 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:25:40.0796 1224 PptpMiniport - ok
22:25:40.0828 1224 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:25:40.0843 1224 Processor - ok
22:25:40.0874 1224 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:25:40.0921 1224 ProfSvc - ok
22:25:40.0937 1224 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:25:40.0952 1224 ProtectedStorage - ok
22:25:40.0999 1224 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:25:41.0046 1224 Psched - ok
22:25:41.0124 1224 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:25:41.0186 1224 ql2300 - ok
22:25:41.0202 1224 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:25:41.0218 1224 ql40xx - ok
22:25:41.0249 1224 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:25:41.0264 1224 QWAVE - ok
22:25:41.0280 1224 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:25:41.0296 1224 QWAVEdrv - ok
22:25:41.0296 1224 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:25:41.0327 1224 RasAcd - ok
22:25:41.0358 1224 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:25:41.0389 1224 RasAgileVpn - ok
22:25:41.0405 1224 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:25:41.0452 1224 RasAuto - ok
22:25:41.0467 1224 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:25:41.0514 1224 Rasl2tp - ok
22:25:41.0545 1224 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:25:41.0576 1224 RasMan - ok
22:25:41.0592 1224 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:25:41.0639 1224 RasPppoe - ok
22:25:41.0639 1224 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:25:41.0686 1224 RasSstp - ok
22:25:41.0701 1224 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:25:41.0748 1224 rdbss - ok
22:25:41.0764 1224 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:25:41.0795 1224 rdpbus - ok
22:25:41.0795 1224 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:25:41.0826 1224 RDPCDD - ok
22:25:41.0842 1224 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:25:41.0888 1224 RDPENCDD - ok
22:25:41.0888 1224 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:25:41.0920 1224 RDPREFMP - ok
22:25:41.0982 1224 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:25:42.0013 1224 RDPWD - ok
22:25:42.0060 1224 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:25:42.0076 1224 rdyboost - ok
22:25:42.0107 1224 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:25:42.0154 1224 RemoteAccess - ok
22:25:42.0185 1224 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:25:42.0216 1224 RemoteRegistry - ok
22:25:42.0232 1224 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:25:42.0263 1224 RpcEptMapper - ok
22:25:42.0278 1224 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:25:42.0294 1224 RpcLocator - ok
22:25:42.0325 1224 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:25:42.0356 1224 RpcSs - ok
22:25:42.0403 1224 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:25:42.0434 1224 rspndr - ok
22:25:42.0481 1224 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
22:25:42.0512 1224 RSUSBSTOR - ok
22:25:42.0590 1224 [ 7475548B0BA58EBA4D12414FC9E9DFE6 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
22:25:42.0653 1224 rtl8192se - ok
22:25:42.0684 1224 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:25:42.0700 1224 SamSs - ok
22:25:42.0731 1224 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:25:42.0746 1224 sbp2port - ok
22:25:42.0793 1224 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:25:42.0871 1224 SCardSvr - ok
22:25:42.0902 1224 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:25:42.0980 1224 scfilter - ok
22:25:43.0027 1224 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:25:43.0121 1224 Schedule - ok
22:25:43.0168 1224 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:25:43.0230 1224 SCPolicySvc - ok
22:25:43.0261 1224 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:25:43.0277 1224 SDRSVC - ok
22:25:43.0308 1224 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:25:43.0339 1224 secdrv - ok
22:25:43.0355 1224 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:25:43.0402 1224 seclogon - ok
22:25:43.0417 1224 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:25:43.0464 1224 SENS - ok
22:25:43.0480 1224 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:25:43.0495 1224 SensrSvc - ok
22:25:43.0495 1224 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:25:43.0511 1224 Serenum - ok
22:25:43.0558 1224 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:25:43.0573 1224 Serial - ok
22:25:43.0604 1224 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:25:43.0620 1224 sermouse - ok
22:25:43.0651 1224 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:25:43.0682 1224 SessionEnv - ok
22:25:43.0714 1224 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:25:43.0729 1224 sffdisk - ok
22:25:43.0729 1224 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:25:43.0745 1224 sffp_mmc - ok
22:25:43.0760 1224 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:25:43.0776 1224 sffp_sd - ok
22:25:43.0807 1224 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:25:43.0823 1224 sfloppy - ok
22:25:43.0854 1224 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:25:43.0901 1224 ShellHWDetection - ok
22:25:43.0916 1224 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:25:43.0932 1224 SiSRaid2 - ok
22:25:43.0948 1224 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:25:43.0963 1224 SiSRaid4 - ok
22:25:43.0994 1224 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:25:44.0010 1224 SkypeUpdate - ok
22:25:44.0041 1224 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:25:44.0072 1224 Smb - ok
22:25:44.0119 1224 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:25:44.0150 1224 SNMPTRAP - ok
22:25:44.0166 1224 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:25:44.0182 1224 spldr - ok
22:25:44.0213 1224 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:25:44.0228 1224 Spooler - ok
22:25:44.0353 1224 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:25:44.0494 1224 sppsvc - ok
22:25:44.0525 1224 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:25:44.0556 1224 sppuinotify - ok
22:25:44.0618 1224 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:25:44.0650 1224 srv - ok
22:25:44.0665 1224 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:25:44.0696 1224 srv2 - ok
22:25:44.0743 1224 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
22:25:44.0774 1224 SrvHsfHDA - ok
22:25:44.0821 1224 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
22:25:44.0868 1224 SrvHsfV92 - ok
22:25:44.0899 1224 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
22:25:44.0946 1224 SrvHsfWinac - ok
22:25:44.0977 1224 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:25:45.0008 1224 srvnet - ok
22:25:45.0055 1224 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:25:45.0133 1224 SSDPSRV - ok
22:25:45.0149 1224 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:25:45.0180 1224 SstpSvc - ok
22:25:45.0227 1224 Steam Client Service - ok
22:25:45.0242 1224 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:25:45.0258 1224 stexstor - ok
22:25:45.0289 1224 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:25:45.0320 1224 stisvc - ok
22:25:45.0336 1224 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
22:25:45.0352 1224 swenum - ok
22:25:45.0383 1224 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:25:45.0430 1224 swprv - ok
22:25:45.0508 1224 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:25:45.0523 1224 SynTP - ok
22:25:45.0632 1224 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:25:45.0726 1224 SysMain - ok
22:25:45.0757 1224 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:25:45.0773 1224 TabletInputService - ok
22:25:45.0804 1224 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:25:45.0835 1224 TapiSrv - ok
22:25:45.0866 1224 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:25:45.0929 1224 TBS - ok
22:25:46.0022 1224 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:25:46.0069 1224 Tcpip - ok
22:25:46.0147 1224 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:25:46.0194 1224 TCPIP6 - ok
22:25:46.0225 1224 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:25:46.0288 1224 tcpipreg - ok
22:25:46.0350 1224 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
22:25:46.0381 1224 tdcmdpst - ok
22:25:46.0412 1224 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:25:46.0428 1224 TDPIPE - ok
22:25:46.0459 1224 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:25:46.0475 1224 TDTCP - ok
22:25:46.0506 1224 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:25:46.0537 1224 tdx - ok
22:25:46.0568 1224 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:25:46.0600 1224 TermDD - ok
22:25:46.0631 1224 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:25:46.0693 1224 TermService - ok
22:25:46.0724 1224 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:25:46.0756 1224 Themes - ok
22:25:46.0771 1224 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:25:46.0802 1224 THREADORDER - ok
22:25:46.0834 1224 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
22:25:46.0865 1224 TODDSrv - ok
22:25:46.0896 1224 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:25:46.0943 1224 TrkWks - ok
22:25:46.0990 1224 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:25:47.0052 1224 TrustedInstaller - ok
22:25:47.0083 1224 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:25:47.0114 1224 tssecsrv - ok
22:25:47.0146 1224 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:25:47.0161 1224 TsUsbFlt - ok
22:25:47.0208 1224 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:25:47.0286 1224 tunnel - ok
22:25:47.0317 1224 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
22:25:47.0333 1224 TVALZ - ok
22:25:47.0348 1224 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:25:47.0364 1224 uagp35 - ok
22:25:47.0395 1224 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:25:47.0426 1224 udfs - ok
22:25:47.0473 1224 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:25:47.0504 1224 UI0Detect - ok
22:25:47.0551 1224 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:25:47.0567 1224 uliagpkx - ok
22:25:47.0598 1224 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
22:25:47.0614 1224 umbus - ok
22:25:47.0629 1224 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:25:47.0645 1224 UmPass - ok
22:25:47.0676 1224 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:25:47.0723 1224 upnphost - ok
22:25:47.0754 1224 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:25:47.0770 1224 usbccgp - ok
22:25:47.0801 1224 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:25:47.0816 1224 usbcir - ok
22:25:47.0848 1224 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:25:47.0848 1224 usbehci - ok
22:25:47.0879 1224 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:25:47.0894 1224 usbhub - ok
22:25:47.0926 1224 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
22:25:47.0926 1224 usbohci - ok
22:25:47.0972 1224 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:25:47.0988 1224 usbprint - ok
22:25:48.0019 1224 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:25:48.0035 1224 usbscan - ok
22:25:48.0050 1224 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
22:25:48.0066 1224 USBSTOR - ok
22:25:48.0082 1224 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:25:48.0097 1224 usbuhci - ok
22:25:48.0144 1224 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:25:48.0160 1224 usbvideo - ok
22:25:48.0175 1224 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:25:48.0222 1224 UxSms - ok
22:25:48.0238 1224 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:25:48.0253 1224 VaultSvc - ok
22:25:48.0284 1224 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:25:48.0300 1224 vdrvroot - ok
22:25:48.0331 1224 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:25:48.0409 1224 vds - ok
22:25:48.0456 1224 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:25:48.0472 1224 vga - ok
22:25:48.0472 1224 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:25:48.0503 1224 VgaSave - ok
22:25:48.0550 1224 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:25:48.0581 1224 vhdmp - ok
22:25:48.0612 1224 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:25:48.0628 1224 viaide - ok
22:25:48.0643 1224 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:25:48.0659 1224 volmgr - ok
22:25:48.0706 1224 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:25:48.0737 1224 volmgrx - ok
22:25:48.0768 1224 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:25:48.0784 1224 volsnap - ok
22:25:48.0830 1224 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:25:48.0862 1224 vsmraid - ok
22:25:48.0924 1224 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:25:49.0049 1224 VSS - ok
22:25:49.0064 1224 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:25:49.0080 1224 vwifibus - ok
22:25:49.0096 1224 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:25:49.0127 1224 vwififlt - ok
22:25:49.0127 1224 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:25:49.0142 1224 vwifimp - ok
22:25:49.0174 1224 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:25:49.0220 1224 W32Time - ok
22:25:49.0236 1224 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:25:49.0252 1224 WacomPen - ok
22:25:49.0283 1224 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:25:49.0314 1224 WANARP - ok
22:25:49.0314 1224 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:25:49.0361 1224 Wanarpv6 - ok
22:25:49.0408 1224 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:25:49.0454 1224 wbengine - ok
22:25:49.0486 1224 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:25:49.0501 1224 WbioSrvc - ok
22:25:49.0532 1224 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:25:49.0564 1224 wcncsvc - ok
22:25:49.0579 1224 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:25:49.0595 1224 WcsPlugInService - ok
22:25:49.0626 1224 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:25:49.0642 1224 Wd - ok
22:25:49.0657 1224 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:25:49.0688 1224 Wdf01000 - ok
22:25:49.0720 1224 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:25:49.0751 1224 WdiServiceHost - ok
22:25:49.0751 1224 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:25:49.0782 1224 WdiSystemHost - ok
22:25:49.0798 1224 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:25:49.0829 1224 WebClient - ok
22:25:49.0860 1224 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:25:49.0907 1224 Wecsvc - ok
22:25:49.0907 1224 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:25:49.0954 1224 wercplsupport - ok
22:25:49.0969 1224 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:25:50.0016 1224 WerSvc - ok
22:25:50.0063 1224 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:25:50.0125 1224 WfpLwf - ok
22:25:50.0125 1224 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:25:50.0141 1224 WIMMount - ok
22:25:50.0156 1224 WinDefend - ok
22:25:50.0156 1224 WinHttpAutoProxySvc - ok
22:25:50.0281 1224 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:25:50.0344 1224 Winmgmt - ok
22:25:50.0437 1224 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:25:50.0562 1224 WinRM - ok
22:25:50.0640 1224 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:25:50.0702 1224 Wlansvc - ok
22:25:50.0765 1224 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:25:50.0796 1224 wlcrasvc - ok
22:25:50.0905 1224 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:25:50.0983 1224 wlidsvc - ok
22:25:51.0030 1224 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:25:51.0030 1224 WmiAcpi - ok
22:25:51.0061 1224 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:25:51.0092 1224 wmiApSrv - ok
22:25:51.0124 1224 WMPNetworkSvc - ok
22:25:51.0139 1224 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:25:51.0186 1224 WPCSvc - ok
22:25:51.0217 1224 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:25:51.0233 1224 WPDBusEnum - ok
22:25:51.0264 1224 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:25:51.0295 1224 ws2ifsl - ok
22:25:51.0311 1224 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
22:25:51.0326 1224 wscsvc - ok
22:25:51.0326 1224 WSearch - ok
22:25:51.0373 1224 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:25:51.0404 1224 WudfPf - ok
22:25:51.0436 1224 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:25:51.0482 1224 WUDFRd - ok
22:25:51.0514 1224 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:25:51.0545 1224 wudfsvc - ok
22:25:51.0560 1224 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:25:51.0592 1224 WwanSvc - ok
22:25:51.0607 1224 ================ Scan global ===============================
22:25:51.0638 1224 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:25:51.0670 1224 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:25:51.0701 1224 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:25:51.0748 1224 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:25:51.0779 1224 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
22:25:51.0794 1224 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
22:25:51.0794 1224 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
22:25:51.0794 1224 ================ Scan MBR ==================================
22:25:51.0826 1224 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:25:52.0340 1224 \Device\Harddisk0\DR0 - ok
22:25:52.0340 1224 ================ Scan VBR ==================================
22:25:52.0372 1224 [ FB394E0D70AA2AAF0B46852DDB7B15DE ] \Device\Harddisk0\DR0\Partition1
22:25:52.0387 1224 \Device\Harddisk0\DR0\Partition1 - ok
22:25:52.0418 1224 [ ED331D13EA6F93952D7789A9F35DDB07 ] \Device\Harddisk0\DR0\Partition2
22:25:52.0418 1224 \Device\Harddisk0\DR0\Partition2 - ok
22:25:52.0418 1224 ============================================================
22:25:52.0418 1224 Scan finished
22:25:52.0418 1224 ============================================================
22:25:52.0434 4744 Detected object count: 1
22:25:52.0434 4744 Actual detected object count: 1
22:26:00.0078 4744 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - skipped by user
22:26:00.0078 4744 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Skip
|
|
22.09.2012, 15:55
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 6 bedrohliche Dateien im Windows Ordner gefundenZitat:
mach dazu einen neuen Scan mit dem TDSS-Killer und wähl bei der Auflistung diesen Eintrag aus, indem du dort CURE bzw. DELETE einstellst. Dann diese Aktion ausführen. Starte Windows danach neu und mach wieder ein komplett neues Log mit dem TDSS-Killer. Wie immer wieder in CODE-Tags posten.
__________________ |
|
22.09.2012, 20:12
| #19 |
| | 6 bedrohliche Dateien im Windows Ordner gefunden Der Eintrag lässt sich nicht löschen. Alle anderen Programme waren dabei beendet und der Virenscanner deaktiviert. Der TDSS-Killer zeigt zwar das Fenster "Cure in progress" an, dieser Vorgang wird aber nicht beendet bzw. fängt gar nicht erst an. |
|
23.09.2012, 15:54
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 6 bedrohliche Dateien im Windows Ordner gefunden Ok, dann mach mit CF weiter: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.09.2012, 12:40
| #21 |
| | 6 bedrohliche Dateien im Windows Ordner gefundenCode:
ATTFilter ComboFix 12-09-23.03 - ***24.09.2012 13:08:10.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.6139.5087 [GMT 2:00]
ausgeführt von:: c:\users***\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\SysWow64\muzapp.exe
.
-- Vorheriger Suchlauf --
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt
.
--------
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-24 bis 2012-09-24 ))))))))))))))))))))))))))))))
.
.
2012-09-24 11:14 . 2012-09-24 11:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-22 19:19 . 2012-09-22 19:19 -------- d-----w- c:\program files (x86)\Free Download Manager
2012-09-22 15:57 . 2012-09-22 19:07 -------- d-----w- C:\TDSSKiller_Quarantine
2012-09-21 17:56 . 2012-09-21 17:56 -------- d-----w- c:\programdata\FreeHideIP
2012-09-21 17:55 . 2012-09-21 17:55 -------- d-----w- c:\program files (x86)\FreeHideIP
2012-09-21 16:11 . 2012-09-21 16:11 -------- d-----w- C:\_OTL
2012-09-17 17:52 . 2012-09-17 17:52 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-09-17 17:19 . 2012-09-17 17:19 -------- d-----w- c:\program files (x86)\ESET
2012-09-16 19:56 . 2012-09-16 19:56 -------- d-----w- c:\programdata\Malwarebytes
2012-09-16 19:56 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-16 19:56 . 2012-09-16 19:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-16 18:58 . 2012-09-16 19:33 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-09-16 18:58 . 2012-09-16 18:58 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-09-16 18:03 . 2012-09-16 18:03 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2012-09-16 17:25 . 2012-09-16 18:03 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-09-16 16:42 . 2012-09-16 16:42 -------- d-----w- c:\program files\7-Zip
2012-09-15 16:30 . 2012-09-15 16:30 -------- d-----w- c:\program files (x86)\Activision
2012-09-15 16:29 . 2012-09-15 16:29 314016 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-09-15 16:29 . 2012-09-15 16:29 43680 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2012-09-15 16:27 . 2008-05-30 12:17 25608 ----a-w- c:\windows\SysWow64\X3DAudio1_4.dll
2012-09-15 16:16 . 2012-09-15 16:16 -------- d-----w- c:\program files (x86)\Deep Silver
2012-09-15 16:14 . 2012-09-15 16:14 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2012-09-15 16:14 . 2012-09-15 16:14 -------- d-----w- c:\windows\SysWow64\AGEIA
2012-09-15 16:14 . 2012-09-15 16:14 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-09-15 16:11 . 2007-05-16 14:45 4496232 ----a-w- c:\windows\system32\d3dx9_34.dll
2012-09-15 15:31 . 2012-09-15 16:08 -------- d-----w- c:\program files (x86)\Common Files\BioWare
2012-09-15 15:31 . 2012-09-15 16:03 -------- d-----w- c:\program files (x86)\Dragon Age
2012-09-15 14:48 . 2012-09-15 14:48 -------- d-----w- c:\program files (x86)\Microsoft Games
2012-09-15 14:48 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2012-09-15 14:47 . 2012-09-15 14:47 -------- d-----w- c:\programdata\Microsoft Games
2012-09-15 13:28 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-15 13:28 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-15 13:28 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-15 13:28 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-15 13:28 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-14 22:29 . 2012-09-14 22:29 -------- d-----w- c:\program files (x86)\Foxit Software
2012-09-14 21:13 . 2012-09-14 21:13 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-09-14 21:13 . 2012-09-14 21:13 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-14 21:13 . 2012-09-14 21:13 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-14 21:13 . 2012-09-14 21:13 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-14 21:12 . 2012-09-14 21:11 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-14 21:12 . 2012-09-14 21:11 289768 ----a-w- c:\windows\system32\javaws.exe
2012-09-14 21:12 . 2012-09-14 21:11 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-14 21:11 . 2012-09-14 21:11 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-09-14 21:11 . 2012-09-14 21:11 189416 ----a-w- c:\windows\system32\javaw.exe
2012-09-14 21:11 . 2012-09-14 21:11 188904 ----a-w- c:\windows\system32\java.exe
2012-09-14 21:11 . 2012-09-14 21:11 -------- d-----w- c:\program files\Java
2012-09-14 19:46 . 2012-09-14 19:46 -------- d-----w- c:\windows\system32\SPReview
2012-09-14 19:45 . 2012-09-14 19:45 -------- d-----w- c:\windows\system32\EventProviders
2012-09-14 19:45 . 2012-09-14 19:45 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-09-14 19:45 . 2012-09-14 19:45 -------- d-----r- c:\program files (x86)\Skype
2012-09-14 10:21 . 2012-08-27 23:49 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D71E67BF-394D-4FAE-897A-5E5DA659DEF4}\mpengine.dll
2012-09-13 17:30 . 2012-08-28 08:05 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-09-13 17:30 . 2012-09-13 17:30 -------- d-----w- c:\program files (x86)\MarkAny
2012-09-13 17:30 . 2012-08-28 08:04 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-09-13 17:28 . 2012-09-13 17:31 -------- d-----w- c:\program files (x86)\Samsung
2012-09-13 17:28 . 2012-09-13 17:30 -------- d-----w- c:\programdata\Samsung
2012-09-13 17:16 . 2012-09-13 17:16 -------- d-----w- c:\program files (x86)\Amazon
2012-09-13 16:57 . 2012-09-13 16:57 -------- d-----w- c:\programdata\Conexant
2012-09-12 11:50 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 11:50 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-11 13:20 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-09-11 13:20 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-09-11 13:20 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-09-09 12:00 . 2010-11-20 12:17 322048 ----a-w- c:\windows\SysWow64\RMActivate.exe
2012-09-09 11:59 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2012-09-09 11:58 . 2010-11-20 13:25 158720 ----a-w- c:\windows\system32\aaclient.dll
2012-09-09 11:57 . 2010-11-20 13:27 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2012-09-09 11:56 . 2010-11-20 13:00 2560 ----a-w- c:\windows\system32\drivers\de-DE\rdpwd.sys.mui
2012-09-09 11:56 . 2010-11-20 13:12 7168 ----a-w- c:\windows\system32\drivers\de-DE\msdsm.sys.mui
2012-09-09 11:56 . 2010-11-20 13:07 2560 ----a-w- c:\windows\system32\drivers\de-DE\disk.sys.mui
2012-09-09 11:56 . 2010-11-20 13:00 4608 ----a-w- c:\windows\system32\drivers\de-DE\vdrvroot.sys.mui
2012-09-09 11:56 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2012-09-09 11:56 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2012-09-09 11:56 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-09-09 11:56 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-09-09 11:55 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-09-08 21:09 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-09-08 20:46 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-09-08 20:46 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-09-08 20:46 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-09-08 20:46 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-09-08 20:46 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-09-08 20:46 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-09-08 20:46 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-09-08 11:54 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-09-08 11:53 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-09-08 11:52 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-09-08 11:51 . 2012-06-02 05:45 340992 ----a-w- c:\windows\system32\schannel.dll
2012-09-08 11:50 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-09-08 11:49 . 2011-07-16 05:37 421888 ----a-w- c:\windows\system32\KernelBase.dll
2012-09-08 11:48 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-09-08 11:37 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-09-08 11:37 . 2012-06-06 05:05 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2012-09-08 11:37 . 2012-06-06 06:05 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2012-09-08 11:37 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2012-09-08 11:37 . 2012-06-06 06:05 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2012-09-08 11:37 . 2012-06-06 05:05 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2012-09-08 11:37 . 2012-06-06 05:03 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-09-08 11:37 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2012-09-08 11:37 . 2012-06-06 05:05 212992 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2012-09-08 11:37 . 2012-06-06 06:05 61440 ----a-w- c:\program files\Common Files\System\ado\msador15.dll
2012-09-08 11:37 . 2012-06-06 05:05 143360 ----a-w- c:\program files (x86)\Common Files\System\ado\msjro.dll
2012-09-08 11:37 . 2012-06-06 05:05 57344 ----a-w- c:\program files (x86)\Common Files\System\ado\msador15.dll
2012-09-08 11:36 . 2012-06-06 06:02 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-09-08 11:36 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-09-08 11:36 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-09-08 11:25 . 2012-09-08 11:25 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2012-09-08 11:25 . 2012-09-08 11:25 -------- d-----w- c:\windows\system32\wbem\en-US
2012-09-08 11:18 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-09-08 11:18 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-09-07 19:48 . 2012-09-07 19:48 -------- d-----w- c:\program files\Paint.NET
2012-09-07 19:46 . 2012-09-07 19:46 -------- d-----w- c:\program files (x86)\Songr
2012-09-07 19:41 . 2012-09-07 19:41 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-09-07 19:41 . 2012-09-07 19:41 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2012-09-07 19:32 . 2012-09-07 19:32 -------- d-----w- c:\program files (x86)\VideoLAN
2012-09-07 19:27 . 2012-09-09 20:56 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-09-07 19:27 . 2012-09-23 17:56 -------- d-----w- c:\program files (x86)\Steam
2012-09-07 19:20 . 2012-09-07 19:20 2295408 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-09-07 19:19 . 2012-09-07 19:19 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-09-07 19:19 . 2012-09-07 19:19 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-09-07 19:11 . 2012-09-07 19:11 -------- d-----w- c:\program files\Microsoft Device Center
2012-09-07 18:26 . 2012-09-07 18:26 -------- d-----w- c:\windows\system32\Macromed
2012-09-07 18:19 . 2012-09-14 21:15 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-07 18:19 . 2012-09-14 21:15 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-14 19:55 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-09-14 19:55 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-09-07 15:18 . 2010-06-24 10:33 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-26 19:38 . 2012-06-26 19:38 827728 ----a-w- c:\windows\system32\msvcr100.dll
2012-06-26 19:38 . 2012-06-26 19:38 770384 ----a-w- c:\windows\SysWow64\msvcr100.dll
2012-06-26 19:38 . 2012-06-26 19:38 607568 ----a-w- c:\windows\system32\msvcp100.dll
2012-06-26 19:38 . 2012-06-26 19:38 46176 ----a-w- c:\windows\system32\drivers\point64.sys
2012-06-26 19:38 . 2012-06-26 19:38 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-15 98304]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 250568]
R3 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-01 232992]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-15 202752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-06-24 52320]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2012-06-26 46176]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-26 1103904]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-07 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]
"IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-26 1464928]
"IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-26 2004584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://toshiba.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=;ftp=;https=;
IE: Alles mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: Auswahl mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Datei mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Free YouTube to MP3 Converter - c:\users\Alexei\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Videos mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Alexei\AppData\Roaming\Mozilla\Firefox\Profiles\38g8y0t0.default\
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-24 13:16:50
ComboFix-quarantined-files.txt 2012-09-24 11:16
.
Vor Suchlauf: 11 Verzeichnis(se), 97.958.215.680 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 97.572.175.872 Bytes frei
.
- - End Of File - - 51D8D43494AD42F19A1C99501437176E
|
|
24.09.2012, 18:45
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 6 bedrohliche Dateien im Windows Ordner gefunden Das ist gut, CF hat die manipulierte services.exe repariert!  Mach bitte ein neues Log mit dem TDSS-Killer
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.09.2012, 19:12
| #23 |
| | 6 bedrohliche Dateien im Windows Ordner gefunden Sehr gut, die Windows-Firewall funktioniert auch wieder. Code:
ATTFilter 20:07:05.0754 4412 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
20:07:06.0207 4412 ============================================================
20:07:06.0207 4412 Current date / time: 2012/09/24 20:07:06.0207
20:07:06.0207 4412 SystemInfo:
20:07:06.0207 4412
20:07:06.0207 4412 OS Version: 6.1.7601 ServicePack: 1.0
20:07:06.0207 4412 Product type: Workstation
20:07:06.0207 4412 ComputerName: ***TOSH
20:07:06.0207 4412 UserName: ***
20:07:06.0207 4412 Windows directory: C:\Windows
20:07:06.0207 4412 System windows directory: C:\Windows
20:07:06.0207 4412 Running under WOW64
20:07:06.0207 4412 Processor architecture: Intel x64
20:07:06.0207 4412 Number of processors: 2
20:07:06.0207 4412 Page size: 0x1000
20:07:06.0207 4412 Boot type: Normal boot
20:07:06.0207 4412 ============================================================
20:07:10.0933 4412 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:07:11.0058 4412 ============================================================
20:07:11.0058 4412 \Device\Harddisk0\DR0:
20:07:11.0058 4412 MBR partitions:
20:07:11.0058 4412 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x1D0D8000
20:07:11.0058 4412 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D1A0800, BlocksNum 0x1D1E5000
20:07:11.0058 4412 ============================================================
20:07:11.0089 4412 C: <-> \Device\Harddisk0\DR0\Partition1
20:07:11.0386 4412 D: <-> \Device\Harddisk0\DR0\Partition2
20:07:11.0386 4412 ============================================================
20:07:11.0386 4412 Initialize success
20:07:11.0386 4412 ============================================================
20:07:15.0816 2656 ============================================================
20:07:15.0816 2656 Scan started
20:07:15.0816 2656 Mode: Manual; SigCheck; TDLFS;
20:07:15.0816 2656 ============================================================
20:07:21.0588 2656 ================ Scan system memory ========================
20:07:21.0588 2656 System memory - ok
20:07:21.0588 2656 ================ Scan services =============================
20:07:23.0023 2656 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:07:23.0133 2656 1394ohci - ok
20:07:23.0195 2656 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:07:23.0226 2656 ACPI - ok
20:07:23.0273 2656 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:07:23.0304 2656 AcpiPmi - ok
20:07:24.0412 2656 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:07:24.0443 2656 AdobeFlashPlayerUpdateSvc - ok
20:07:24.0537 2656 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:07:24.0599 2656 adp94xx - ok
20:07:24.0739 2656 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:07:24.0802 2656 adpahci - ok
20:07:24.0880 2656 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:07:24.0911 2656 adpu320 - ok
20:07:25.0051 2656 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:07:25.0192 2656 AeLookupSvc - ok
20:07:25.0863 2656 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:07:26.0081 2656 AFD - ok
20:07:26.0424 2656 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:07:26.0455 2656 agp440 - ok
20:07:26.0643 2656 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:07:26.0767 2656 ALG - ok
20:07:26.0861 2656 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:07:26.0986 2656 aliide - ok
20:07:27.0454 2656 [ 57B773D82E8CC3C6D7E02CC8A6632043 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:07:27.0594 2656 AMD External Events Utility - ok
20:07:28.0015 2656 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:07:28.0109 2656 amdide - ok
20:07:28.0171 2656 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:07:28.0265 2656 AmdK8 - ok
20:07:28.0764 2656 [ AEFAF27F1B7E52C705DF4FB6C96732F6 ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
20:07:29.0201 2656 amdkmdag - ok
20:07:29.0326 2656 [ 8149DB73BE27950EC72767A1193153A6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:07:29.0388 2656 amdkmdap - ok
20:07:29.0529 2656 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:07:29.0575 2656 AmdPPM - ok
20:07:29.0809 2656 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:07:29.0841 2656 amdsata - ok
20:07:30.0527 2656 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:07:30.0558 2656 amdsbs - ok
20:07:30.0589 2656 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:07:30.0605 2656 amdxata - ok
20:07:30.0745 2656 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:07:30.0808 2656 AppID - ok
20:07:30.0855 2656 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:07:31.0089 2656 AppIDSvc - ok
20:07:31.0167 2656 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:07:31.0229 2656 Appinfo - ok
20:07:31.0354 2656 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:07:31.0369 2656 arc - ok
20:07:31.0401 2656 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:07:31.0416 2656 arcsas - ok
20:07:31.0463 2656 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
20:07:31.0494 2656 aswFsBlk - ok
20:07:31.0822 2656 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:07:31.0853 2656 aswMonFlt - ok
20:07:32.0056 2656 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
20:07:32.0087 2656 aswRdr - ok
20:07:32.0446 2656 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:07:32.0477 2656 aswSnx - ok
20:07:32.0524 2656 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:07:32.0539 2656 aswSP - ok
20:07:32.0664 2656 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
20:07:32.0695 2656 aswTdi - ok
20:07:32.0727 2656 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:07:32.0773 2656 AsyncMac - ok
20:07:32.0820 2656 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:07:32.0851 2656 atapi - ok
20:07:32.0914 2656 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
20:07:32.0945 2656 AtiPcie - ok
20:07:33.0039 2656 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
20:07:33.0085 2656 atksgt - ok
20:07:33.0257 2656 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:07:33.0382 2656 AudioEndpointBuilder - ok
20:07:33.0553 2656 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:07:33.0616 2656 AudioSrv - ok
20:07:33.0975 2656 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:07:34.0006 2656 avast! Antivirus - ok
20:07:34.0146 2656 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:07:34.0255 2656 AxInstSV - ok
20:07:34.0349 2656 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:07:34.0380 2656 b06bdrv - ok
20:07:34.0583 2656 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:07:34.0677 2656 b57nd60a - ok
20:07:34.0879 2656 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:07:34.0911 2656 BDESVC - ok
20:07:34.0942 2656 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:07:35.0004 2656 Beep - ok
20:07:35.0316 2656 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:07:35.0394 2656 BFE - ok
20:07:35.0909 2656 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
20:07:36.0049 2656 BITS - ok
20:07:36.0221 2656 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:07:36.0268 2656 blbdrive - ok
20:07:36.0330 2656 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:07:36.0346 2656 bowser - ok
20:07:36.0455 2656 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:07:36.0517 2656 BrFiltLo - ok
20:07:36.0549 2656 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:07:36.0580 2656 BrFiltUp - ok
20:07:36.0673 2656 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
20:07:36.0751 2656 BridgeMP - ok
20:07:36.0783 2656 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:07:36.0861 2656 Browser - ok
20:07:36.0907 2656 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:07:36.0970 2656 Brserid - ok
20:07:37.0017 2656 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:07:37.0079 2656 BrSerWdm - ok
20:07:37.0110 2656 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:07:37.0141 2656 BrUsbMdm - ok
20:07:37.0157 2656 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:07:37.0219 2656 BrUsbSer - ok
20:07:37.0219 2656 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:07:37.0235 2656 BTHMODEM - ok
20:07:37.0282 2656 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:07:37.0344 2656 bthserv - ok
20:07:37.0375 2656 catchme - ok
20:07:37.0407 2656 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:07:37.0485 2656 cdfs - ok
20:07:37.0563 2656 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:07:37.0625 2656 cdrom - ok
20:07:37.0734 2656 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:07:37.0828 2656 CertPropSvc - ok
20:07:37.0953 2656 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:07:38.0171 2656 circlass - ok
20:07:38.0280 2656 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:07:38.0343 2656 CLFS - ok
20:07:38.0499 2656 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:07:38.0530 2656 clr_optimization_v2.0.50727_32 - ok
20:07:38.0608 2656 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:07:38.0655 2656 clr_optimization_v2.0.50727_64 - ok
20:07:38.0842 2656 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:07:38.0873 2656 clr_optimization_v4.0.30319_32 - ok
20:07:39.0029 2656 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:07:39.0060 2656 clr_optimization_v4.0.30319_64 - ok
20:07:39.0091 2656 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:07:39.0154 2656 CmBatt - ok
20:07:39.0185 2656 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:07:39.0435 2656 cmdide - ok
20:07:39.0575 2656 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:07:39.0653 2656 CNG - ok
20:07:39.0840 2656 [ 25C58EE97BE0416A373E3E4F855206B5 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
20:07:39.0887 2656 CnxtHdAudService - ok
20:07:39.0996 2656 [ 89C99AB4AE9535F727791592D84D4821 ] CnxtHdmiAudService C:\Windows\system32\drivers\CHDMI64.sys
20:07:40.0027 2656 CnxtHdmiAudService - ok
20:07:40.0090 2656 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:07:40.0105 2656 Compbatt - ok
20:07:40.0183 2656 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:07:40.0246 2656 CompositeBus - ok
20:07:40.0246 2656 COMSysApp - ok
20:07:40.0324 2656 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:07:40.0339 2656 crcdisk - ok
20:07:40.0417 2656 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:07:40.0449 2656 CryptSvc - ok
20:07:40.0651 2656 [ 914A7156B0C0F10BE645A02E13F576B2 ] DAUpdaterSvc C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
20:07:40.0667 2656 DAUpdaterSvc - ok
20:07:40.0714 2656 [ C7259495924D21F1AFA26467D9F4DAE0 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
20:07:40.0729 2656 dc3d - ok
20:07:40.0807 2656 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:07:40.0870 2656 DcomLaunch - ok
20:07:40.0963 2656 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:07:41.0073 2656 defragsvc - ok
20:07:41.0135 2656 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:07:41.0229 2656 DfsC - ok
20:07:41.0322 2656 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
20:07:41.0338 2656 dg_ssudbus - ok
20:07:41.0385 2656 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:07:41.0431 2656 Dhcp - ok
20:07:41.0463 2656 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:07:41.0556 2656 discache - ok
20:07:41.0619 2656 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:07:41.0634 2656 Disk - ok
20:07:41.0681 2656 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:07:41.0712 2656 Dnscache - ok
20:07:41.0790 2656 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:07:41.0868 2656 dot3svc - ok
20:07:41.0931 2656 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:07:41.0977 2656 DPS - ok
20:07:42.0040 2656 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:07:42.0118 2656 drmkaud - ok
20:07:42.0211 2656 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:07:42.0258 2656 DXGKrnl - ok
20:07:42.0289 2656 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:07:42.0336 2656 EapHost - ok
20:07:42.0586 2656 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:07:42.0711 2656 ebdrv - ok
20:07:42.0742 2656 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:07:42.0757 2656 EFS - ok
20:07:42.0882 2656 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:07:42.0913 2656 ehRecvr - ok
20:07:42.0960 2656 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:07:42.0991 2656 ehSched - ok
20:07:43.0101 2656 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:07:43.0163 2656 elxstor - ok
20:07:43.0194 2656 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:07:43.0241 2656 ErrDev - ok
20:07:43.0428 2656 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:07:43.0491 2656 EventSystem - ok
20:07:43.0569 2656 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:07:43.0615 2656 exfat - ok
20:07:43.0647 2656 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:07:43.0709 2656 fastfat - ok
20:07:43.0771 2656 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:07:43.0803 2656 Fax - ok
20:07:43.0803 2656 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:07:43.0834 2656 fdc - ok
20:07:43.0881 2656 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:07:43.0927 2656 fdPHost - ok
20:07:43.0943 2656 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:07:43.0990 2656 FDResPub - ok
20:07:44.0037 2656 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:07:44.0052 2656 FileInfo - ok
20:07:44.0052 2656 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:07:44.0099 2656 Filetrace - ok
20:07:44.0130 2656 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:07:44.0146 2656 flpydisk - ok
20:07:44.0177 2656 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:07:44.0193 2656 FltMgr - ok
20:07:44.0302 2656 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:07:44.0349 2656 FontCache - ok
20:07:44.0395 2656 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:07:44.0411 2656 FontCache3.0.0.0 - ok
20:07:44.0427 2656 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:07:44.0442 2656 FsDepends - ok
20:07:44.0473 2656 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:07:44.0473 2656 Fs_Rec - ok
20:07:44.0520 2656 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:07:44.0536 2656 fvevol - ok
20:07:44.0567 2656 [ 60ACB128E64C35C2B4E4AAB1B0A5C293 ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
20:07:44.0583 2656 FwLnk - ok
20:07:44.0614 2656 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:07:44.0629 2656 gagp30kx - ok
20:07:44.0661 2656 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:07:44.0739 2656 gpsvc - ok
20:07:44.0739 2656 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:07:44.0770 2656 hcw85cir - ok
20:07:44.0832 2656 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:07:44.0848 2656 HdAudAddService - ok
20:07:44.0879 2656 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:07:44.0895 2656 HDAudBus - ok
20:07:44.0926 2656 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:07:44.0941 2656 HidBatt - ok
20:07:44.0957 2656 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:07:44.0973 2656 HidBth - ok
20:07:44.0973 2656 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:07:45.0004 2656 HidIr - ok
20:07:45.0035 2656 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
20:07:45.0082 2656 hidserv - ok
20:07:45.0113 2656 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:07:45.0113 2656 HidUsb - ok
20:07:45.0144 2656 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:07:45.0175 2656 hkmsvc - ok
20:07:45.0222 2656 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:07:45.0269 2656 HomeGroupListener - ok
20:07:45.0300 2656 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:07:45.0331 2656 HomeGroupProvider - ok
20:07:45.0378 2656 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:07:45.0394 2656 HpSAMD - ok
20:07:45.0425 2656 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:07:45.0472 2656 HTTP - ok
20:07:45.0487 2656 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:07:45.0503 2656 hwpolicy - ok
20:07:45.0534 2656 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:07:45.0550 2656 i8042prt - ok
20:07:45.0581 2656 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:07:45.0597 2656 iaStorV - ok
20:07:45.0643 2656 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:07:45.0690 2656 idsvc - ok
20:07:45.0706 2656 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:07:45.0721 2656 iirsp - ok
20:07:45.0753 2656 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:07:45.0846 2656 IKEEXT - ok
20:07:45.0909 2656 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:07:45.0924 2656 intelide - ok
20:07:45.0955 2656 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:07:45.0987 2656 intelppm - ok
20:07:46.0033 2656 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:07:46.0065 2656 IPBusEnum - ok
20:07:46.0096 2656 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:07:46.0143 2656 IpFilterDriver - ok
20:07:46.0205 2656 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:07:46.0252 2656 iphlpsvc - ok
20:07:46.0299 2656 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:07:46.0314 2656 IPMIDRV - ok
20:07:46.0345 2656 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:07:46.0392 2656 IPNAT - ok
20:07:46.0439 2656 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:07:46.0455 2656 IRENUM - ok
20:07:46.0486 2656 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:07:46.0501 2656 isapnp - ok
20:07:46.0517 2656 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:07:46.0533 2656 iScsiPrt - ok
20:07:46.0564 2656 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:07:46.0579 2656 kbdclass - ok
20:07:46.0579 2656 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:07:46.0595 2656 kbdhid - ok
20:07:46.0626 2656 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:07:46.0642 2656 KeyIso - ok
20:07:46.0657 2656 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:07:46.0673 2656 KSecDD - ok
20:07:46.0689 2656 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:07:46.0704 2656 KSecPkg - ok
20:07:46.0735 2656 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:07:46.0782 2656 ksthunk - ok
20:07:46.0860 2656 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:07:46.0907 2656 KtmRm - ok
20:07:46.0954 2656 [ 55480B9C63F3F91A8EBBADCBF28FE581 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
20:07:46.0954 2656 L1C - ok
20:07:47.0001 2656 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
20:07:47.0047 2656 LanmanServer - ok
20:07:47.0110 2656 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:07:47.0157 2656 LanmanWorkstation - ok
20:07:47.0219 2656 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
20:07:47.0219 2656 lirsgt - ok
20:07:47.0250 2656 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:07:47.0313 2656 lltdio - ok
20:07:47.0359 2656 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:07:47.0422 2656 lltdsvc - ok
20:07:47.0437 2656 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:07:47.0484 2656 lmhosts - ok
20:07:47.0515 2656 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:07:47.0531 2656 LSI_FC - ok
20:07:47.0547 2656 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:07:47.0562 2656 LSI_SAS - ok
20:07:47.0578 2656 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:07:47.0593 2656 LSI_SAS2 - ok
20:07:47.0609 2656 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:07:47.0609 2656 LSI_SCSI - ok
20:07:47.0640 2656 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:07:47.0687 2656 luafv - ok
20:07:47.0718 2656 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:07:47.0749 2656 Mcx2Svc - ok
20:07:47.0749 2656 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:07:47.0765 2656 megasas - ok
20:07:47.0812 2656 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:07:47.0859 2656 MegaSR - ok
20:07:47.0874 2656 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:07:47.0937 2656 MMCSS - ok
20:07:47.0937 2656 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:07:47.0968 2656 Modem - ok
20:07:47.0968 2656 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:07:47.0999 2656 monitor - ok
20:07:48.0046 2656 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:07:48.0061 2656 mouclass - ok
20:07:48.0139 2656 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:07:48.0186 2656 mouhid - ok
20:07:48.0217 2656 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:07:48.0233 2656 mountmgr - ok
20:07:48.0264 2656 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:07:48.0280 2656 MozillaMaintenance - ok
20:07:48.0295 2656 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:07:48.0311 2656 mpio - ok
20:07:48.0342 2656 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:07:48.0373 2656 mpsdrv - ok
20:07:48.0420 2656 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:07:48.0483 2656 MpsSvc - ok
20:07:48.0545 2656 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:07:48.0607 2656 MRxDAV - ok
20:07:48.0654 2656 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:07:48.0701 2656 mrxsmb - ok
20:07:48.0795 2656 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:07:48.0826 2656 mrxsmb10 - ok
20:07:48.0841 2656 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:07:48.0873 2656 mrxsmb20 - ok
20:07:48.0888 2656 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:07:48.0904 2656 msahci - ok
20:07:48.0919 2656 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:07:48.0951 2656 msdsm - ok
20:07:48.0966 2656 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:07:48.0997 2656 MSDTC - ok
20:07:49.0029 2656 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:07:49.0060 2656 Msfs - ok
20:07:49.0091 2656 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:07:49.0138 2656 mshidkmdf - ok
20:07:49.0153 2656 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:07:49.0153 2656 msisadrv - ok
20:07:49.0185 2656 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:07:49.0231 2656 MSiSCSI - ok
20:07:49.0231 2656 msiserver - ok
20:07:49.0309 2656 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:07:49.0403 2656 MSKSSRV - ok
20:07:49.0419 2656 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:07:49.0465 2656 MSPCLOCK - ok
20:07:49.0512 2656 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:07:49.0621 2656 MSPQM - ok
20:07:49.0809 2656 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:07:49.0840 2656 MsRPC - ok
20:07:49.0902 2656 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:07:49.0933 2656 mssmbios - ok
20:07:49.0965 2656 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:07:50.0043 2656 MSTEE - ok
20:07:50.0058 2656 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:07:50.0074 2656 MTConfig - ok
20:07:50.0089 2656 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:07:50.0105 2656 Mup - ok
20:07:50.0136 2656 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:07:50.0183 2656 napagent - ok
20:07:50.0214 2656 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:07:50.0245 2656 NativeWifiP - ok
20:07:50.0323 2656 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe
20:07:50.0355 2656 NAUpdate - ok
20:07:50.0479 2656 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:07:50.0511 2656 NDIS - ok
20:07:50.0557 2656 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:07:50.0589 2656 NdisCap - ok
20:07:50.0667 2656 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:07:50.0729 2656 NdisTapi - ok
20:07:50.0791 2656 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:07:50.0838 2656 Ndisuio - ok
20:07:50.0869 2656 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:07:50.0916 2656 NdisWan - ok
20:07:50.0947 2656 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:07:51.0057 2656 NDProxy - ok
20:07:51.0103 2656 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:07:51.0135 2656 NetBIOS - ok
20:07:51.0181 2656 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:07:51.0244 2656 NetBT - ok
20:07:51.0322 2656 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:07:51.0369 2656 Netlogon - ok
20:07:51.0384 2656 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:07:51.0447 2656 Netman - ok
20:07:51.0478 2656 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:07:51.0556 2656 netprofm - ok
20:07:51.0649 2656 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:07:51.0681 2656 NetTcpPortSharing - ok
20:07:51.0727 2656 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:07:51.0759 2656 nfrd960 - ok
20:07:51.0821 2656 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:07:51.0930 2656 NlaSvc - ok
20:07:51.0961 2656 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:07:51.0993 2656 Npfs - ok
20:07:52.0024 2656 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:07:52.0071 2656 nsi - ok
20:07:52.0117 2656 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:07:52.0211 2656 nsiproxy - ok
20:07:52.0383 2656 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:07:52.0461 2656 Ntfs - ok
20:07:52.0507 2656 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:07:52.0539 2656 Null - ok
20:07:52.0570 2656 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:07:52.0585 2656 nvraid - ok
20:07:52.0617 2656 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:07:52.0663 2656 nvstor - ok
20:07:52.0710 2656 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:07:52.0741 2656 nv_agp - ok
20:07:52.0773 2656 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:07:52.0788 2656 ohci1394 - ok
20:07:52.0819 2656 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:07:52.0835 2656 p2pimsvc - ok
20:07:52.0866 2656 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:07:52.0897 2656 p2psvc - ok
20:07:52.0960 2656 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:07:52.0991 2656 Parport - ok
20:07:53.0022 2656 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:07:53.0038 2656 partmgr - ok
20:07:53.0053 2656 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:07:53.0069 2656 PcaSvc - ok
20:07:53.0100 2656 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:07:53.0147 2656 pci - ok
20:07:53.0194 2656 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:07:53.0225 2656 pciide - ok
20:07:53.0272 2656 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:07:53.0319 2656 pcmcia - ok
20:07:53.0365 2656 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:07:53.0397 2656 pcw - ok
20:07:53.0412 2656 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:07:53.0615 2656 PEAUTH - ok
20:07:53.0724 2656 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:07:53.0740 2656 PerfHost - ok
20:07:53.0787 2656 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
20:07:53.0818 2656 PGEffect - ok
20:07:53.0896 2656 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:07:54.0005 2656 pla - ok
20:07:54.0052 2656 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:07:54.0067 2656 PlugPlay - ok
20:07:54.0099 2656 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:07:54.0130 2656 PNRPAutoReg - ok
20:07:54.0145 2656 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:07:54.0161 2656 PNRPsvc - ok
20:07:54.0192 2656 [ 32D374C60778253B81FA76C2FE19E155 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
20:07:54.0192 2656 Point64 - ok
20:07:54.0286 2656 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:07:54.0379 2656 PolicyAgent - ok
20:07:54.0426 2656 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:07:54.0473 2656 Power - ok
20:07:54.0504 2656 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:07:54.0551 2656 PptpMiniport - ok
20:07:54.0613 2656 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:07:54.0660 2656 Processor - ok
20:07:54.0691 2656 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:07:54.0723 2656 ProfSvc - ok
20:07:54.0738 2656 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:07:54.0754 2656 ProtectedStorage - ok
20:07:54.0785 2656 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:07:54.0847 2656 Psched - ok
20:07:55.0175 2656 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:07:55.0269 2656 ql2300 - ok
20:07:55.0300 2656 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:07:55.0315 2656 ql40xx - ok
20:07:55.0518 2656 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:07:55.0643 2656 QWAVE - ok
20:07:55.0690 2656 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:07:55.0737 2656 QWAVEdrv - ok
20:07:55.0768 2656 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:07:55.0799 2656 RasAcd - ok
20:07:55.0846 2656 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:07:55.0908 2656 RasAgileVpn - ok
20:07:55.0955 2656 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:07:56.0002 2656 RasAuto - ok
20:07:56.0033 2656 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:07:56.0080 2656 Rasl2tp - ok
20:07:56.0127 2656 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:07:56.0220 2656 RasMan - ok
20:07:56.0267 2656 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:07:56.0329 2656 RasPppoe - ok
20:07:56.0345 2656 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:07:56.0376 2656 RasSstp - ok
20:07:56.0454 2656 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:07:56.0532 2656 rdbss - ok
20:07:56.0579 2656 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:07:56.0595 2656 rdpbus - ok
20:07:56.0610 2656 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:07:56.0657 2656 RDPCDD - ok
20:07:56.0673 2656 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:07:56.0719 2656 RDPENCDD - ok
20:07:56.0735 2656 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:07:56.0766 2656 RDPREFMP - ok
20:07:56.0813 2656 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:07:56.0907 2656 RDPWD - ok
20:07:56.0953 2656 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:07:57.0000 2656 rdyboost - ok
20:07:57.0047 2656 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:07:57.0156 2656 RemoteAccess - ok
20:07:57.0219 2656 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:07:57.0312 2656 RemoteRegistry - ok
20:07:57.0328 2656 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:07:57.0375 2656 RpcEptMapper - ok
20:07:57.0437 2656 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:07:57.0484 2656 RpcLocator - ok
20:07:57.0562 2656 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:07:57.0624 2656 RpcSs - ok
20:07:57.0733 2656 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:07:57.0811 2656 rspndr - ok
20:07:57.0874 2656 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:07:57.0905 2656 RSUSBSTOR - ok
20:07:58.0014 2656 [ 7475548B0BA58EBA4D12414FC9E9DFE6 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
20:07:58.0045 2656 rtl8192se - ok
20:07:58.0061 2656 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:07:58.0077 2656 SamSs - ok
20:07:58.0108 2656 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:07:58.0139 2656 sbp2port - ok
20:07:58.0186 2656 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:07:58.0217 2656 SCardSvr - ok
20:07:58.0342 2656 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:07:58.0451 2656 scfilter - ok
20:07:58.0529 2656 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:07:58.0638 2656 Schedule - ok
20:07:58.0669 2656 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:07:58.0701 2656 SCPolicySvc - ok
20:07:58.0747 2656 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:07:58.0794 2656 SDRSVC - ok
20:07:58.0810 2656 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:07:58.0888 2656 secdrv - ok
20:07:58.0935 2656 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:07:59.0013 2656 seclogon - ok
20:07:59.0028 2656 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
20:07:59.0091 2656 SENS - ok
20:07:59.0122 2656 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:07:59.0153 2656 SensrSvc - ok
20:07:59.0153 2656 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:07:59.0184 2656 Serenum - ok
20:07:59.0215 2656 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:07:59.0262 2656 Serial - ok
20:07:59.0309 2656 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:07:59.0340 2656 sermouse - ok
20:07:59.0371 2656 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:07:59.0434 2656 SessionEnv - ok
20:07:59.0481 2656 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:07:59.0527 2656 sffdisk - ok
20:07:59.0543 2656 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:07:59.0559 2656 sffp_mmc - ok
20:07:59.0559 2656 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:07:59.0590 2656 sffp_sd - ok
20:07:59.0637 2656 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:07:59.0652 2656 sfloppy - ok
20:07:59.0715 2656 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:07:59.0824 2656 SharedAccess - ok
20:07:59.0871 2656 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:07:59.0949 2656 ShellHWDetection - ok
20:08:00.0042 2656 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:08:00.0058 2656 SiSRaid2 - ok
20:08:00.0073 2656 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:08:00.0073 2656 SiSRaid4 - ok
20:08:00.0120 2656 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:08:00.0120 2656 SkypeUpdate - ok
20:08:00.0151 2656 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:08:00.0198 2656 Smb - ok
20:08:00.0229 2656 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:08:00.0261 2656 SNMPTRAP - ok
20:08:00.0276 2656 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:08:00.0292 2656 spldr - ok
20:08:00.0323 2656 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:08:00.0339 2656 Spooler - ok
20:08:00.0791 2656 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:08:00.0916 2656 sppsvc - ok
20:08:00.0978 2656 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:08:01.0087 2656 sppuinotify - ok
20:08:01.0119 2656 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:08:01.0165 2656 srv - ok
20:08:01.0197 2656 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:08:01.0228 2656 srv2 - ok
20:08:01.0259 2656 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:08:01.0306 2656 SrvHsfHDA - ok
20:08:01.0462 2656 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:08:01.0540 2656 SrvHsfV92 - ok
20:08:01.0633 2656 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:08:01.0696 2656 SrvHsfWinac - ok
20:08:01.0727 2656 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:08:01.0758 2656 srvnet - ok
20:08:01.0774 2656 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:08:01.0836 2656 SSDPSRV - ok
20:08:01.0836 2656 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:08:01.0883 2656 SstpSvc - ok
20:08:01.0945 2656 [ 74425FFA11C133D045E1C3BE2EAD481D ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
20:08:01.0977 2656 ssudmdm - ok
20:08:02.0039 2656 Steam Client Service - ok
20:08:02.0070 2656 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:08:02.0101 2656 stexstor - ok
20:08:02.0179 2656 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:08:02.0242 2656 stisvc - ok
20:08:02.0273 2656 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:08:02.0289 2656 swenum - ok
20:08:02.0320 2656 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:08:02.0367 2656 swprv - ok
20:08:02.0413 2656 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:08:02.0445 2656 SynTP - ok
20:08:02.0554 2656 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:08:02.0632 2656 SysMain - ok
20:08:02.0663 2656 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:08:02.0679 2656 TabletInputService - ok
20:08:02.0710 2656 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:08:02.0757 2656 TapiSrv - ok
20:08:02.0803 2656 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:08:02.0881 2656 TBS - ok
20:08:02.0975 2656 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:08:03.0084 2656 Tcpip - ok
20:08:03.0162 2656 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:08:03.0225 2656 TCPIP6 - ok
20:08:03.0303 2656 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:08:03.0396 2656 tcpipreg - ok
20:08:03.0459 2656 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
20:08:03.0490 2656 tdcmdpst - ok
20:08:03.0505 2656 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:08:03.0521 2656 TDPIPE - ok
20:08:03.0537 2656 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:08:03.0568 2656 TDTCP - ok
20:08:03.0599 2656 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:08:03.0646 2656 tdx - ok
20:08:03.0661 2656 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:08:03.0677 2656 TermDD - ok
20:08:03.0708 2656 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:08:03.0755 2656 TermService - ok
20:08:03.0802 2656 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:08:03.0864 2656 Themes - ok
20:08:03.0895 2656 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:08:03.0942 2656 THREADORDER - ok
20:08:03.0973 2656 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
20:08:03.0989 2656 TODDSrv - ok
20:08:04.0020 2656 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:08:04.0083 2656 TrkWks - ok
20:08:04.0161 2656 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:08:04.0239 2656 TrustedInstaller - ok
20:08:04.0270 2656 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:08:04.0301 2656 tssecsrv - ok
20:08:04.0332 2656 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:08:04.0348 2656 TsUsbFlt - ok
20:08:04.0379 2656 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:08:04.0426 2656 tunnel - ok
20:08:04.0488 2656 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
20:08:04.0504 2656 TVALZ - ok
20:08:04.0566 2656 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:08:04.0597 2656 uagp35 - ok
20:08:04.0629 2656 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:08:04.0707 2656 udfs - ok
20:08:04.0769 2656 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:08:04.0847 2656 UI0Detect - ok
20:08:04.0909 2656 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:08:04.0941 2656 uliagpkx - ok
20:08:04.0972 2656 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:08:05.0003 2656 umbus - ok
20:08:05.0034 2656 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:08:05.0034 2656 UmPass - ok
20:08:05.0065 2656 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:08:05.0112 2656 upnphost - ok
20:08:05.0143 2656 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:08:05.0190 2656 usbccgp - ok
20:08:05.0221 2656 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:08:05.0253 2656 usbcir - ok
20:08:05.0284 2656 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:08:05.0315 2656 usbehci - ok
20:08:05.0362 2656 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:08:05.0409 2656 usbhub - ok
20:08:05.0424 2656 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:08:05.0455 2656 usbohci - ok
20:08:05.0487 2656 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:08:05.0502 2656 usbprint - ok
20:08:05.0518 2656 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:08:05.0533 2656 usbscan - ok
20:08:05.0549 2656 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
20:08:05.0580 2656 USBSTOR - ok
20:08:05.0596 2656 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:08:05.0611 2656 usbuhci - ok
20:08:05.0643 2656 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:08:05.0674 2656 usbvideo - ok
20:08:05.0689 2656 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:08:05.0752 2656 UxSms - ok
20:08:05.0783 2656 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:08:05.0799 2656 VaultSvc - ok
20:08:05.0830 2656 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:08:05.0830 2656 vdrvroot - ok
20:08:05.0877 2656 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:08:05.0970 2656 vds - ok
20:08:06.0017 2656 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:08:06.0048 2656 vga - ok
20:08:06.0064 2656 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:08:06.0142 2656 VgaSave - ok
20:08:06.0173 2656 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:08:06.0189 2656 vhdmp - ok
20:08:06.0220 2656 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:08:06.0235 2656 viaide - ok
20:08:06.0251 2656 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:08:06.0267 2656 volmgr - ok
20:08:06.0282 2656 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:08:06.0313 2656 volmgrx - ok
20:08:06.0329 2656 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:08:06.0345 2656 volsnap - ok
20:08:06.0376 2656 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:08:06.0391 2656 vsmraid - ok
20:08:06.0454 2656 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:08:06.0719 2656 VSS - ok
20:08:06.0735 2656 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:08:06.0750 2656 vwifibus - ok
20:08:06.0781 2656 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:08:06.0813 2656 vwififlt - ok
20:08:06.0828 2656 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:08:06.0844 2656 vwifimp - ok
20:08:06.0875 2656 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:08:06.0984 2656 W32Time - ok
20:08:07.0000 2656 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:08:07.0031 2656 WacomPen - ok
20:08:07.0062 2656 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:08:07.0109 2656 WANARP - ok
20:08:07.0109 2656 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:08:07.0140 2656 Wanarpv6 - ok
20:08:07.0249 2656 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:08:07.0343 2656 wbengine - ok
20:08:07.0390 2656 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:08:07.0452 2656 WbioSrvc - ok
20:08:07.0499 2656 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:08:07.0530 2656 wcncsvc - ok
20:08:07.0546 2656 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:08:07.0561 2656 WcsPlugInService - ok
20:08:07.0608 2656 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:08:07.0639 2656 Wd - ok
20:08:07.0671 2656 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:08:07.0717 2656 Wdf01000 - ok
20:08:07.0717 2656 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:08:07.0764 2656 WdiServiceHost - ok
20:08:07.0764 2656 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:08:07.0780 2656 WdiSystemHost - ok
20:08:07.0842 2656 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:08:07.0920 2656 WebClient - ok
20:08:07.0951 2656 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:08:08.0045 2656 Wecsvc - ok
20:08:08.0061 2656 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:08:08.0139 2656 wercplsupport - ok
20:08:08.0154 2656 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:08:08.0201 2656 WerSvc - ok
20:08:08.0248 2656 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:08:08.0279 2656 WfpLwf - ok
20:08:08.0310 2656 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:08:08.0310 2656 WIMMount - ok
20:08:08.0326 2656 WinDefend - ok
20:08:08.0341 2656 WinHttpAutoProxySvc - ok
20:08:08.0388 2656 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:08:08.0482 2656 Winmgmt - ok
20:08:08.0560 2656 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:08:08.0669 2656 WinRM - ok
20:08:08.0731 2656 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:08:08.0778 2656 WinUsb - ok
20:08:08.0809 2656 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:08:08.0887 2656 Wlansvc - ok
20:08:08.0950 2656 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:08:08.0981 2656 wlcrasvc - ok
20:08:09.0106 2656 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:08:09.0231 2656 wlidsvc - ok
20:08:09.0277 2656 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:08:09.0309 2656 WmiAcpi - ok
20:08:09.0340 2656 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:08:09.0387 2656 wmiApSrv - ok
20:08:09.0402 2656 WMPNetworkSvc - ok
20:08:09.0449 2656 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:08:09.0449 2656 WPCSvc - ok
20:08:09.0480 2656 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:08:09.0496 2656 WPDBusEnum - ok
20:08:09.0558 2656 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:08:09.0636 2656 ws2ifsl - ok
20:08:09.0667 2656 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
20:08:09.0730 2656 wscsvc - ok
20:08:09.0730 2656 WSearch - ok
20:08:09.0808 2656 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:08:09.0948 2656 wuauserv - ok
20:08:10.0026 2656 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:08:10.0104 2656 WudfPf - ok
20:08:10.0135 2656 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:08:10.0198 2656 WUDFRd - ok
20:08:10.0213 2656 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:08:10.0245 2656 wudfsvc - ok
20:08:10.0291 2656 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:08:10.0354 2656 WwanSvc - ok
20:08:10.0432 2656 ================ Scan global ===============================
20:08:10.0447 2656 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:08:10.0479 2656 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:08:10.0510 2656 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:08:10.0541 2656 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:08:10.0572 2656 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:08:10.0588 2656 [Global] - ok
20:08:10.0588 2656 ================ Scan MBR ==================================
20:08:10.0603 2656 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:08:14.0020 2656 \Device\Harddisk0\DR0 - ok
20:08:14.0020 2656 ================ Scan VBR ==================================
20:08:14.0082 2656 [ FB394E0D70AA2AAF0B46852DDB7B15DE ] \Device\Harddisk0\DR0\Partition1
20:08:14.0113 2656 \Device\Harddisk0\DR0\Partition1 - ok
20:08:14.0238 2656 [ ED331D13EA6F93952D7789A9F35DDB07 ] \Device\Harddisk0\DR0\Partition2
20:08:14.0254 2656 \Device\Harddisk0\DR0\Partition2 - ok
20:08:14.0254 2656 ============================================================
20:08:14.0254 2656 Scan finished
20:08:14.0254 2656 ============================================================
20:08:14.0269 1320 Detected object count: 0
20:08:14.0269 1320 Actual detected object count: 0
20:08:47.0466 2024 Deinitialize success
|
|
25.09.2012, 08:13
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 6 bedrohliche Dateien im Windows Ordner gefunden Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.09.2012, 13:43
| #25 |
| | 6 bedrohliche Dateien im Windows Ordner gefunden GMER hat nichts gefunden und deshalb kein Logfile erstellt, bzw. ich hab kein Logfile gefunden. OSAM: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 14:26:17 on 25.09.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Opera Software Opera Internet Browser 12.02 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Nero BurnRights 10" - "Nero AG" - c:\Program Files (x86)\Nero\Nero 10\Nero BurnRights\NeroBurnRights_10.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys "aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys "aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\System32\Drivers\aswrdr2.sys "aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys "aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys "atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)" (ssudmdm) - "DEVGURU Co., LTD.(www.devguru.co.kr)" - C:\Windows\System32\DRIVERS\ssudmdm.sys [Explorer] -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\ashShell.dll {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {F764812A-132C-4013-9960-5CBBEB408A0E} "NeroShellExt Class" - "Nero AG" - c:\Program Files (x86)\Common Files\Nero\NeroShellExt\NeroShellExt.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} "Java Plug-in 1.6.0_17" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.7.2" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "{8AD9C840-044E-11D1-B3E9-00805F499D93}" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} "@C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "avast! WebRep" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! WebRep" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll {CC59E0F9-7E43-44FA-9FAA-8377850BF205} "Free Download Manager" - ? - C:\Program Files (x86)\Free Download Manager\iefdm2.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {9FDDE16B-836F-4806-AB1F-1455CBEFF289} "Windows Live Messenger Companion Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [Known DLLs] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )----- "advapi32" - "Microsoft Corporation" - C:\Windows\system32\advapi32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "clbcatq" - "Microsoft Corporation" - C:\Windows\system32\clbcatq.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "COMDLG32" - "Microsoft Corporation" - C:\Windows\system32\COMDLG32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "DifxApi" - "Microsoft Corporation" - C:\Windows\system32\difxapi.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "gdi32" - "Microsoft Corporation" - C:\Windows\system32\gdi32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "IERTUTIL" - "Microsoft Corporation" - C:\Windows\system32\IERTUTIL.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "IMAGEHLP" - "Microsoft Corporation" - C:\Windows\system32\IMAGEHLP.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "IMM32" - "Microsoft Corporation" - C:\Windows\system32\IMM32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "kernel32" - "Microsoft Corporation" - C:\Windows\system32\kernel32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "LPK" - "Microsoft Corporation" - C:\Windows\system32\LPK.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "MSCTF" - "Microsoft Corporation" - C:\Windows\system32\MSCTF.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "MSVCRT" - "Microsoft Corporation" - C:\Windows\system32\MSVCRT.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "NORMALIZ" - "Microsoft Corporation" - C:\Windows\system32\NORMALIZ.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "NSI" - "Microsoft Corporation" - C:\Windows\system32\NSI.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "ole32" - "Microsoft Corporation" - C:\Windows\system32\ole32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "OLEAUT32" - "Microsoft Corporation" - C:\Windows\system32\OLEAUT32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "PSAPI" - "Microsoft Corporation" - C:\Windows\system32\PSAPI.DLL (Hidden registry entry, rootkit activity | File signed by Microsoft) "rpcrt4" - "Microsoft Corporation" - C:\Windows\system32\rpcrt4.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "sechost" - "Microsoft Corporation" - C:\Windows\system32\sechost.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "Setupapi" - "Microsoft Corporation" - C:\Windows\system32\Setupapi.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "SHELL32" - "Microsoft Corporation" - C:\Windows\system32\SHELL32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "SHLWAPI" - "Microsoft Corporation" - C:\Windows\system32\SHLWAPI.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "URLMON" - "Microsoft Corporation" - C:\Windows\system32\URLMON.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "user32" - "Microsoft Corporation" - C:\Windows\system32\user32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "USP10" - "Microsoft Corporation" - C:\Windows\system32\USP10.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "WININET" - "Microsoft Corporation" - C:\Windows\system32\WININET.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "WLDAP32" - "Microsoft Corporation" - C:\Windows\system32\WLDAP32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) "WS2_32" - "Microsoft Corporation" - C:\Windows\system32\WS2_32.dll (Hidden registry entry, rootkit activity | File signed by Microsoft) [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Alexei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "KiesPDLR" - ? - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "avast" - "AVAST Software" - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "TWebCamera" - "TOSHIBA CORPORATION." - "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200" (NAUpdate) - "Nero AG" - c:\Program Files (x86)\Nero\Update\NASvc.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\AVAST Software\Avast\AvastSvc.exe "Dragon Age: Origins - Inhaltsupdater" (DAUpdaterSvc) - "BioWare" - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe "Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files (x86)\Common Files\Steam\SteamService.exe "TOSHIBA Optical Disc Drive Service" (TODDSrv) - "TOSHIBA Corporation" - C:\Windows\system32\TODDSrv.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "NWLink IPX/SPX/NetBIOS Compatible Transport Protocol" - ? - C:\Windows\System32\nwprovau.dll (File not found) "WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "RSVP TCP Service Provider" - ? - C:\Windows\system32\rsvpsp.dll (File not found) "RSVP UDP Service Provider" - ? - C:\Windows\system32\rsvpsp.dll (File not found) ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-25 14:29:51
-----------------------------
14:29:51.978 OS Version: Windows x64 6.1.7601 Service Pack 1
14:29:51.978 Number of processors: 2 586 0x603
14:29:51.978 ComputerName: ***TOSH UserName: ***
14:29:52.805 Initialize success
14:29:52.883 AVAST engine defs: 12092500
14:31:19.651 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:31:19.651 Disk 0 Vendor: ST9500325AS 0002SDM1 Size: 476940MB BusType: 11
14:31:20.041 Disk 0 MBR read successfully
14:31:20.041 Disk 0 MBR scan
14:31:20.041 Disk 0 Windows 7 default MBR code
14:31:20.056 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
14:31:20.072 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238000 MB offset 821248
14:31:20.103 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 238538 MB offset 488245248
14:31:20.212 Disk 0 scanning C:\Windows\system32\drivers
14:31:30.773 Service scanning
14:31:47.996 Modules scanning
14:31:48.011 Disk 0 trace - called modules:
14:31:48.074 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
14:31:48.089 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005e64060]
14:31:48.105 3 CLASSPNP.SYS[fffff880018a643f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005db5060]
14:31:48.885 AVAST engine scan C:\Windows
14:31:51.256 AVAST engine scan C:\Windows\system32
14:34:37.880 AVAST engine scan C:\Windows\system32\drivers
14:34:49.580 AVAST engine scan C:\Users***
14:36:07.861 AVAST engine scan C:\ProgramData
14:37:09.107 Scan finished successfully
14:39:30.349 Disk 0 MBR has been saved successfully to "C:\Users***\Desktop\MBR.dat"
14:39:30.349 The log file has been saved successfully to "C:\Users***\Desktop\aswMBR.txt"
|
|
25.09.2012, 14:54
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 6 bedrohliche Dateien im Windows Ordner gefunden Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.09.2012, 21:53
| #27 |
| | 6 bedrohliche Dateien im Windows Ordner gefundenCode:
ATTFilter Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.09.25.13 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 ***:: ***TOSH [Administrator] 26.09.2012 21:54:04 mbam-log-2012-09-26 (22-47-15).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 387404 Laufzeit: 52 Minute(n), 48 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 10 C:\Qoobox\Quarantine\C\Windows\System32\Services.exe.vir (Rootkit.0Access) -> Keine Aktion durchgeführt. C:\TDSSKiller_Quarantine\22.09.2012_17.58.07\zasubsys0001\file0000\tsk0000.dta (Rootkit.0Access) -> Keine Aktion durchgeführt. C:\TDSSKiller_Quarantine\22.09.2012_17.58.07\zasubsys0002\file0000\tsk0000.dta (Rootkit.0Access) -> Keine Aktion durchgeführt. C:\TDSSKiller_Quarantine\22.09.2012_18.03.28\zasubsys0000\file0000\tsk0000.dta (Rootkit.0Access) -> Keine Aktion durchgeführt. C:\TDSSKiller_Quarantine\22.09.2012_18.03.28\zasubsys0002\file0000\tsk0000.dta (Rootkit.0Access) -> Keine Aktion durchgeführt. C:\TDSSKiller_Quarantine\22.09.2012_21.06.39\zasubsys0000\file0000\tsk0000.dta (Rootkit.0Access) -> Keine Aktion durchgeführt. C:\_OTL\MovedFiles\09212012_181127\C_Windows\Installer\{2b5237e0-566b-3a54-ddb3-1cdd0045d9b7}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Keine Aktion durchgeführt. C:\_OTL\MovedFiles\09212012_181127\C_Windows\Installer\{2b5237e0-566b-3a54-ddb3-1cdd0045d9b7}\U\000000cb.@ (Rootkit.0Access) -> Keine Aktion durchgeführt. C:\_OTL\MovedFiles\09212012_181127\C_Windows\Installer\{2b5237e0-566b-3a54-ddb3-1cdd0045d9b7}\U\80000000.@ (Rootkit.0Access.64) -> Keine Aktion durchgeführt. C:\_OTL\MovedFiles\09212012_181127\C_Windows\Installer\{2b5237e0-566b-3a54-ddb3-1cdd0045d9b7}\U\80000032.@ (Rootkit.0Access) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/26/2012 at 05:41 PM
Application Version : 5.5.1022
Core Rules Database Version : 9286
Trace Rules Database Version: 7098
Scan type : Complete Scan
Total Scan Time : 02:34:32
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 642
Memory threats detected : 0
Registry items scanned : 65673
Registry threats detected : 0
File items scanned : 200119
File threats detected : 132
Adware.Tracking Cookie
C:\USERS***\AppData\Roaming\Microsoft\Windows\Cookies\TREOXVYZ.txt [ Cookie:alexei@clkads.com/adServe/banners ]
C:\USERS***\AppData\Roaming\Microsoft\Windows\Cookies\AQVMEJ36.txt [ Cookie:alexei@clkads.com/adServe ]
C:\USERS***\Cookies\TREOXVYZ.txt [ Cookie:alexei@clkads.com/adServe/banners ]
C:\USERS***\Cookies\AQVMEJ36.txt [ Cookie:alexei@clkads.com/adServe ]
secure-uk.imrworldwide.com [ C:\USERS\ALEXEI\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\PE2DUWXM ]
.revsci.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.ad.mlnadvertising.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\ALEXEI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
tracking.mlsat02.de [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
www.etracker.de [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
server.adformdsp.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adformdsp.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
track.effiliation.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
adx2.chip.de [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.tracker.vinsight.de [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
adx.chip.de [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\ALEX*EI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\ALEXEI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS*\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38G8Y0T0.DEFAULT\COOKIES.SQLITE ]
|
|
27.09.2012, 15:46
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 6 bedrohliche Dateien im Windows Ordner gefunden Sieht ok aus, da wurden nur Cookies und isolierte (nicht aktive) Schädlinge gefunden. Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller http://filepony.de/download-cookie_culler/ Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ich halte es so, dass ich zum "wilden Surfen" den Opera-Browser oder Chromium unter meinem Linux verwende. Mein Hauptbrowser (Firefox) speichert nur die Cookies von den Sites die ich auch will, alles andere lehne ich manuell ab (der FF fragt mich immer) - die anderen Browser nehmen alles an Cookies zwar an, aber spätestens beim nächsten Start von Opera oder Chromium sind keine Cookies mehr da. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
27.09.2012, 16:35
| #29 |
| | 6 bedrohliche Dateien im Windows Ordner gefunden Zunächst einmal vielen Dank, dass du keine Zeit und Mühe gescheut hast mir bei meinem Problem zu helfen. Besonders klasse finde ich, wie schnell du immer auf meine Postings reagiert hast. Mein System scheint ganz normal zu laufen, keine Probleme mehr. Was Cookies und Werbung betrifft habe ich in Opera die Erweiterungen AdBlock und Ghostery (blockiert Skripte, die Browse-Verhalten ausspionieren) installiert. Cookies sind standartmäßig aus, ansonsten nur seitenspezifisch erlaubt. Geh ich recht in der Annahme, das MVPS Hosts File was ähnliches macht wie Ghostery? |
|
27.09.2012, 16:39
| #30 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | 6 bedrohliche Dateien im Windows Ordner gefundenZitat:
Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Mit Hilfe von OTL kannst du auch viele Tools entfernen: Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks => Adobe Flash Player Distribution | Adobe Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu 6 bedrohliche Dateien im Windows Ordner gefunden |
| adobe, adobe flash player, angezeigt, anhang, avast, befallen, blockiert, datei, dateien, dateiname, dateinamen, dropper, flash, flash player, gelöscht, löschen, malware, ordner, player, reparieren, richtig, rootkit, trojaner, virus, windows |
Linear-Darstellung
