Log analysis and evaluation: Unknown file in startup, Mozilla programs cannot be started (Windows 7)
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
07.10.2012, 18:47 | #16 | |
/// Winkelfunktion /// TB-Süch-Tiger™
For one thing, that is an Ultimate edition of Windows; for another
Code:
Drive M: | 1863,01 Gb Total Space | 177,80 Gb Free Space | 9,54% Space Free | Partition Type: NTFS
Drive S: | 913,35 Gb Total Space | 323,04 Gb Free Space | 35,37% Space Free | Partition Type: NTFS
Drive T: | 913,35 Gb Total Space | 323,04 Gb Free Space | 35,37% Space Free | Partition Type: NTFS
Drive U: | 913,35 Gb Total Space | 323,04 Gb Free Space | 35,37% Space Free | Partition Type: NTFS
Quote:
__________________ Always post log files in CODE tags
07.10.2012, 19:06 | #17 |
That is a NAS that holds my music, movies and backups. They are several shares of one mirrored storage drive, so the listing is redundant. I picked the network segment off the top of my head. :-)
__________________
07.10.2012, 20:21 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™
OK, that's fine then.
Run an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)
Code:
:OTL
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-1170278873-877690166-519136246-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SX Virtual Link.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1170278873-877690166-519136246-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.06.13 11:52:52 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012.09.29 09:26:18 | 000,000,000 | ---D | M] - U:\Auto -- [ NTFS ]
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".
Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, because it can permanently damage the system!
__________________
07.10.2012, 21:12 | #19 |
Done. Now, whenever I start a program, I am asked every time whether I really want to do that. Has the security level of User Account Control been raised deliberately?
__________________ Regards, Michael/SH
07.10.2012, 21:16 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™
The log from the fix is missing.
__________________ Always post log files in CODE tags
08.10.2012, 06:52 | #21 |
Code:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1170278873-877690166-519136246-1000\Software\Microsoft\Windows\CurrentVersion\Run\\MobileDocuments deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
File move failed. C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SX Virtual Link.lnk scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1170278873-877690166-519136246-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
F:\AUTOEXEC.BAT moved successfully.
File not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\********\Desktop\cmd.bat deleted successfully.
C:\Users\********\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes

User: ********
->Temp folder emptied: 1055152 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 79449003 bytes
->Flash cache emptied: 1414 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 122569279 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 194,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 10072012_215557

Files\Folders moved on Reboot...
File\Folder C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SX Virtual Link.lnk not found!
C:\Users\********\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
__________________
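An added example, not part of the thread and not OTL's own code: a fix log in the format posted above can be triaged by script, so that entries which did not complete stand out from the "successfully" lines. The sample log is constructed from the line formats in the post (the user name `EXAMPLE` is a placeholder), and all function names are assumptions.

```python
import re
from collections import Counter

# Constructed sample in the format of the OTL fix log above; EXAMPLE is a placeholder.
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
File move failed. C:\Users\EXAMPLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SX Virtual Link.lnk scheduled to be moved on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
F:\AUTOEXEC.BAT moved successfully.
File not found.
========== FILES ==========
C:\Users\EXAMPLE\Desktop\cmd.bat deleted successfully.
========== COMMANDS ==========
HOSTS file reset successfully
Files\Folders moved on Reboot...
File\Folder C:\Users\EXAMPLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SX Virtual Link.lnk not found!
C:\Users\EXAMPLE\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
"""

# Ordered rules: the specific patterns must come before the generic "removed" one.
RULES = [
    ("deferred", re.compile(
        r"^File move failed\. (?P<target>.+) scheduled to be moved on reboot\.$")),
    ("missing_after_reboot", re.compile(r"^File\\Folder (?P<target>.+) not found!$")),
    ("reg_deleted", re.compile(r"^Registry value (?P<target>.+) deleted successfully\.$")),
    ("reg_set", re.compile(r"^(?P<target>.+) : value set successfully!$")),
    ("removed", re.compile(r"^(?P<target>.+) (?:deleted|moved) successfully\.$")),
    ("not_found", re.compile(r"^File not found\.$")),
]
SECTION = re.compile(r"^=+ (?P<name>.+?) =+$")
FOLLOW_UP = {"deferred", "missing_after_reboot", "not_found"}


def parse_fix_log(text):
    """Return one dict per recognised result line: section, status, target."""
    section, entries = None, []
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            section = m.group("name")
            continue
        if line.endswith("moved on Reboot..."):
            section = "REBOOT"  # results of operations deferred to the restart
            continue
        for status, rx in RULES:
            m = rx.match(line)
            if m:
                entries.append({"section": section, "status": status,
                                "target": m.groupdict().get("target")})
                break
    return entries


def follow_up(entries):
    """Entries that did not complete and deserve a manual look."""
    return [e for e in entries if e["status"] in FOLLOW_UP]


def never_moved(entries):
    """Files whose move was deferred to reboot and then reported as not found."""
    deferred = {e["target"] for e in entries if e["status"] == "deferred"}
    return sorted(e["target"] for e in entries
                  if e["status"] == "missing_after_reboot" and e["target"] in deferred)


def deleted_value_names(entries, key_suffix):
    """Names of registry values deleted under keys ending in key_suffix.

    In this log format a double backslash separates the key from the value name.
    """
    names = []
    for e in entries:
        if e["status"] != "reg_deleted":
            continue
        key, _, name = e["target"].rpartition("\\\\")
        if key.lower().endswith(key_suffix.lower()):
            names.append(name)
    return names


if __name__ == "__main__":
    parsed = parse_fix_log(SAMPLE_LOG)
    print(Counter(e["status"] for e in parsed))
    for e in follow_up(parsed):
        print("check:", e["section"], e["status"], e["target"])
    print("deferred but never moved:", never_moved(parsed))
    print("policy values deleted:", deleted_value_names(parsed, r"\policies\System"))
```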
08.10.2012, 11:38 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™
Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please switch off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!
Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you can't find the log or can't copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Always post log files in CODE tags
08.10.2012, 17:29 | #23 |
Code:
18:18:51.0760 3824 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:18:51.0875 3824 ============================================================
18:18:51.0875 3824 Current date / time: 2012/10/08 18:18:51.0875
18:18:51.0875 3824 SystemInfo:
18:18:51.0875 3824
18:18:51.0875 3824 OS Version: 6.1.7601 ServicePack: 1.0
18:18:51.0875 3824 Product type: Workstation
18:18:51.0876 3824 ComputerName: ********
18:18:51.0876 3824 UserName: ********
18:18:51.0876 3824 Windows directory: C:\Windows
18:18:51.0876 3824 System windows directory: C:\Windows
18:18:51.0876 3824 Running under WOW64
18:18:51.0876 3824 Processor architecture: Intel x64
18:18:51.0876 3824 Number of processors: 2
18:18:51.0876 3824 Page size: 0x1000
18:18:51.0876 3824 Boot type: Normal boot
18:18:51.0876 3824 ============================================================
18:18:52.0955 3824 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:18:52.0974 3824 ============================================================
18:18:52.0974 3824 \Device\Harddisk0\DR0:
18:18:52.0981 3824 MBR partitions:
18:18:52.0981 3824 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x124F6BF3
18:18:52.0981 3824 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x124F7000, BlocksNum 0x124F6800
18:18:52.0981 3824 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x249ED864, BlocksNum 0x4FD1815D
18:18:52.0981 3824 ============================================================
18:18:53.0017 3824 C: <-> \Device\Harddisk0\DR0\Partition2
18:18:53.0104 3824 D: <-> \Device\Harddisk0\DR0\Partition3
18:18:53.0196 3824 F: <-> \Device\Harddisk0\DR0\Partition1
18:18:53.0216 3824 ============================================================
18:18:53.0216 3824 Initialize success
18:18:53.0216 3824 ============================================================
18:19:51.0558 2984 ============================================================
18:19:51.0558 2984 Scan started
18:19:51.0558 2984 Mode: Manual; SigCheck; TDLFS;
18:19:51.0558 2984 ============================================================
18:19:52.0116 2984 ================ Scan system memory ========================
18:19:52.0117 2984 System memory - ok
18:19:52.0118 2984 ================ Scan services =============================
18:20:02.0833 2984 IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:20:02.0833 2984 IDriverT - detected UnsignedFile.Multi.Generic (1)
C:\Windows\system32\drivers\mpsdrv.sys 18:20:06.0974 2984 mpsdrv - ok 18:20:07.0004 2984 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:20:07.0060 2984 MpsSvc - ok 18:20:07.0088 2984 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:20:07.0112 2984 MRxDAV - ok 18:20:07.0127 2984 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:20:07.0145 2984 mrxsmb - ok 18:20:07.0169 2984 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:20:07.0184 2984 mrxsmb10 - ok 18:20:07.0202 2984 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:20:07.0249 2984 mrxsmb20 - ok 18:20:07.0267 2984 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 18:20:07.0279 2984 msahci - ok 18:20:07.0295 2984 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:20:07.0308 2984 msdsm - ok 18:20:07.0321 2984 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 18:20:07.0347 2984 MSDTC - ok 18:20:07.0372 2984 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:20:07.0418 2984 Msfs - ok 18:20:07.0436 2984 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:20:07.0516 2984 mshidkmdf - ok 18:20:07.0531 2984 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:20:07.0543 2984 msisadrv - ok 18:20:07.0580 2984 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:20:07.0624 2984 MSiSCSI - ok 18:20:07.0631 2984 msiserver - ok 18:20:07.0662 2984 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:20:07.0724 2984 MSKSSRV - ok 18:20:07.0730 2984 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:20:07.0779 2984 MSPCLOCK - ok 18:20:07.0790 2984 [ 
4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:20:07.0833 2984 MSPQM - ok 18:20:07.0852 2984 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:20:07.0870 2984 MsRPC - ok 18:20:07.0887 2984 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 18:20:07.0898 2984 mssmbios - ok 18:20:07.0934 2984 MSSQL$SQLEXPRESS - ok 18:20:07.0960 2984 [ ADAF062116B4E6D96E44D26486A87AF6 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe 18:20:07.0970 2984 MSSQLServerADHelper - ok 18:20:07.0993 2984 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:20:08.0033 2984 MSTEE - ok 18:20:08.0039 2984 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 18:20:08.0052 2984 MTConfig - ok 18:20:08.0073 2984 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 18:20:08.0085 2984 Mup - ok 18:20:08.0164 2984 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 18:20:08.0230 2984 napagent - ok 18:20:08.0271 2984 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:20:08.0303 2984 NativeWifiP - ok 18:20:08.0363 2984 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 18:20:08.0393 2984 NDIS - ok 18:20:08.0413 2984 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:20:08.0453 2984 NdisCap - ok 18:20:08.0484 2984 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:20:08.0537 2984 NdisTapi - ok 18:20:08.0562 2984 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:20:08.0602 2984 Ndisuio - ok 18:20:08.0623 2984 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:20:08.0664 2984 NdisWan - ok 18:20:08.0694 2984 [ 
015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:20:08.0736 2984 NDProxy - ok 18:20:08.0762 2984 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:20:08.0799 2984 NetBIOS - ok 18:20:08.0830 2984 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:20:08.0879 2984 NetBT - ok 18:20:08.0888 2984 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 18:20:08.0900 2984 Netlogon - ok 18:20:08.0968 2984 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 18:20:09.0042 2984 Netman - ok 18:20:09.0062 2984 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 18:20:09.0115 2984 netprofm - ok 18:20:09.0156 2984 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 18:20:09.0169 2984 NetTcpPortSharing - ok 18:20:09.0618 2984 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys 18:20:09.0810 2984 netw5v64 - ok 18:20:10.0170 2984 [ 54762E37F65C20652532DBDAC53698F6 ] NETwLv64 C:\Windows\system32\DRIVERS\NETwLv64.sys 18:20:10.0383 2984 NETwLv64 - ok 18:20:10.0407 2984 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 18:20:10.0423 2984 nfrd960 - ok 18:20:10.0501 2984 [ B4B153868698A6BA4ADCF6F08AA55B4F ] nicconfigsvc C:\Program Files\Dell\QuickSet\NicConfigSvc.exe 18:20:10.0526 2984 nicconfigsvc ( UnsignedFile.Multi.Generic ) - warning 18:20:10.0526 2984 nicconfigsvc - detected UnsignedFile.Multi.Generic (1) 18:20:10.0557 2984 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:20:10.0601 2984 NlaSvc - ok 18:20:10.0688 2984 [ 193FA51DDDD0BFFDED1C340F0434999A ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe 18:20:10.0731 2984 NMIndexingService - ok 18:20:10.0752 2984 [ 
1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:20:10.0806 2984 Npfs - ok 18:20:10.0822 2984 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 18:20:10.0859 2984 nsi - ok 18:20:10.0865 2984 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:20:10.0900 2984 nsiproxy - ok 18:20:11.0044 2984 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:20:11.0121 2984 Ntfs - ok 18:20:11.0143 2984 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 18:20:11.0186 2984 Null - ok 18:20:11.0209 2984 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:20:11.0228 2984 nvraid - ok 18:20:11.0249 2984 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:20:11.0271 2984 nvstor - ok 18:20:11.0310 2984 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:20:11.0324 2984 nv_agp - ok 18:20:11.0433 2984 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:20:11.0488 2984 odserv - ok 18:20:11.0512 2984 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:20:11.0544 2984 ohci1394 - ok 18:20:11.0576 2984 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:20:11.0591 2984 ose - ok 18:20:11.0645 2984 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:20:11.0685 2984 p2pimsvc - ok 18:20:11.0709 2984 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 18:20:11.0744 2984 p2psvc - ok 18:20:11.0782 2984 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 18:20:11.0802 2984 Parport - ok 18:20:11.0831 2984 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:20:11.0876 2984 
partmgr - ok 18:20:11.0906 2984 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 18:20:11.0934 2984 PcaSvc - ok 18:20:11.0980 2984 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 18:20:12.0003 2984 pci - ok 18:20:12.0030 2984 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 18:20:12.0041 2984 pciide - ok 18:20:12.0066 2984 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 18:20:12.0081 2984 pcmcia - ok 18:20:12.0088 2984 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 18:20:12.0100 2984 pcw - ok 18:20:12.0121 2984 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:20:12.0168 2984 PEAUTH - ok 18:20:12.0224 2984 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 18:20:12.0284 2984 PeerDistSvc - ok 18:20:12.0480 2984 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:20:12.0538 2984 PerfHost - ok 18:20:12.0595 2984 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 18:20:12.0669 2984 pla - ok 18:20:12.0707 2984 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:20:12.0743 2984 PlugPlay - ok 18:20:12.0767 2984 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:20:12.0781 2984 PNRPAutoReg - ok 18:20:12.0809 2984 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:20:12.0825 2984 PNRPsvc - ok 18:20:12.0901 2984 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:20:12.0982 2984 PolicyAgent - ok 18:20:13.0012 2984 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 18:20:13.0056 2984 Power - ok 18:20:13.0081 2984 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:20:13.0123 2984 PptpMiniport - ok 18:20:13.0143 2984 [ 
0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 18:20:13.0161 2984 Processor - ok 18:20:13.0194 2984 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 18:20:13.0213 2984 ProfSvc - ok 18:20:13.0221 2984 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:20:13.0233 2984 ProtectedStorage - ok 18:20:13.0268 2984 [ 64E413BA0C529AA40C3924BBCC4153DB ] ProtexisLicensing C:\Windows\SysWOW64\PSIService.exe 18:20:13.0287 2984 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning 18:20:13.0287 2984 ProtexisLicensing - detected UnsignedFile.Multi.Generic (1) 18:20:13.0316 2984 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:20:13.0365 2984 Psched - ok 18:20:13.0420 2984 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 18:20:13.0432 2984 PSI_SVC_2 - ok 18:20:13.0467 2984 [ DC2E1374677402BDDB7FA4C51C8C7A8B ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 18:20:13.0471 2984 PxHlpa64 ( UnsignedFile.Multi.Generic ) - warning 18:20:13.0471 2984 PxHlpa64 - detected UnsignedFile.Multi.Generic (1) 18:20:13.0519 2984 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 18:20:13.0561 2984 ql2300 - ok 18:20:13.0568 2984 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 18:20:13.0581 2984 ql40xx - ok 18:20:13.0605 2984 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 18:20:13.0633 2984 QWAVE - ok 18:20:13.0648 2984 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:20:13.0673 2984 QWAVEdrv - ok 18:20:13.0710 2984 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:20:13.0749 2984 RasAcd - ok 18:20:13.0771 2984 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:20:13.0806 
2984 RasAgileVpn - ok 18:20:13.0858 2984 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 18:20:13.0942 2984 RasAuto - ok 18:20:13.0982 2984 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:20:14.0030 2984 Rasl2tp - ok 18:20:14.0062 2984 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 18:20:14.0109 2984 RasMan - ok 18:20:14.0151 2984 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:20:14.0248 2984 RasPppoe - ok 18:20:14.0285 2984 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:20:14.0326 2984 RasSstp - ok 18:20:14.0357 2984 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:20:14.0429 2984 rdbss - ok 18:20:14.0454 2984 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 18:20:14.0474 2984 rdpbus - ok 18:20:14.0486 2984 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:20:14.0521 2984 RDPCDD - ok 18:20:14.0548 2984 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 18:20:14.0562 2984 RDPDR - ok 18:20:14.0583 2984 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:20:14.0628 2984 RDPENCDD - ok 18:20:14.0648 2984 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:20:14.0694 2984 RDPREFMP - ok 18:20:14.0741 2984 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 18:20:14.0781 2984 RdpVideoMiniport - ok 18:20:14.0810 2984 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:20:14.0833 2984 RDPWD - ok 18:20:14.0868 2984 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:20:14.0884 2984 rdyboost - ok 18:20:14.0941 2984 [ F09087C51C6AE42AE7DABE1EB3E44C17 ] RegSrvc C:\Program 
Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 18:20:14.0966 2984 RegSrvc - ok 18:20:15.0005 2984 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:20:15.0059 2984 RemoteAccess - ok 18:20:15.0095 2984 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:20:15.0134 2984 RemoteRegistry - ok 18:20:15.0172 2984 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 18:20:15.0189 2984 RFCOMM - ok 18:20:15.0230 2984 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:20:15.0274 2984 RpcEptMapper - ok 18:20:15.0311 2984 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 18:20:15.0364 2984 RpcLocator - ok 18:20:15.0407 2984 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 18:20:15.0456 2984 RpcSs - ok 18:20:15.0497 2984 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:20:15.0541 2984 rspndr - ok 18:20:15.0590 2984 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 18:20:15.0628 2984 s3cap - ok 18:20:15.0643 2984 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 18:20:15.0656 2984 SamSs - ok 18:20:15.0762 2984 [ F444EBA4C58AD1D6D1DA9850C2B5D829 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys 18:20:15.0806 2984 SbieDrv - ok 18:20:15.0854 2984 [ 9E92ABAE6F6A63C4307FE7CC4AC95831 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe 18:20:15.0882 2984 SbieSvc - ok 18:20:15.0913 2984 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:20:15.0931 2984 sbp2port - ok 18:20:15.0951 2984 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:20:16.0001 2984 SCardSvr - ok 18:20:16.0023 2984 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:20:16.0072 2984 scfilter - ok 18:20:16.0158 2984 [ 
262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 18:20:16.0264 2984 Schedule - ok 18:20:16.0289 2984 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 18:20:16.0323 2984 SCPolicySvc - ok 18:20:16.0363 2984 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:20:16.0399 2984 SDRSVC - ok 18:20:16.0430 2984 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:20:16.0478 2984 secdrv - ok 18:20:16.0507 2984 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 18:20:16.0542 2984 seclogon - ok 18:20:16.0565 2984 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 18:20:16.0626 2984 SENS - ok 18:20:16.0635 2984 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:20:16.0648 2984 SensrSvc - ok 18:20:16.0675 2984 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 18:20:16.0698 2984 Serenum - ok 18:20:16.0710 2984 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 18:20:16.0737 2984 Serial - ok 18:20:16.0761 2984 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 18:20:16.0774 2984 sermouse - ok 18:20:16.0814 2984 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 18:20:16.0864 2984 SessionEnv - ok 18:20:16.0893 2984 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:20:16.0919 2984 sffdisk - ok 18:20:16.0937 2984 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:20:16.0953 2984 sffp_mmc - ok 18:20:16.0964 2984 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:20:16.0992 2984 sffp_sd - ok 18:20:17.0012 2984 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 18:20:17.0032 2984 sfloppy - ok 18:20:17.0065 2984 [ 
B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 18:20:17.0107 2984 SharedAccess - ok 18:20:17.0145 2984 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:20:17.0195 2984 ShellHWDetection - ok 18:20:17.0221 2984 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:20:17.0236 2984 SiSRaid2 - ok 18:20:17.0255 2984 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 18:20:17.0267 2984 SiSRaid4 - ok 18:20:17.0283 2984 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 18:20:17.0331 2984 Smb - ok 18:20:17.0372 2984 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:20:17.0393 2984 SNMPTRAP - ok 18:20:17.0410 2984 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 18:20:17.0422 2984 spldr - ok 18:20:17.0458 2984 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 18:20:17.0489 2984 Spooler - ok 18:20:17.0758 2984 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 18:20:17.0889 2984 sppsvc - ok 18:20:17.0905 2984 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 18:20:17.0948 2984 sppuinotify - ok 18:20:17.0974 2984 [ 3612108D36EA74F6F9FC5005E88E353B ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 18:20:17.0987 2984 SQLBrowser - ok 18:20:18.0041 2984 [ 27A547B061C44D72AFA6C1E71665D4A5 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 18:20:18.0084 2984 SQLWriter - ok 18:20:18.0141 2984 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 18:20:18.0202 2984 srv - ok 18:20:18.0240 2984 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 18:20:18.0270 2984 srv2 - ok 18:20:18.0300 2984 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA 
C:\Windows\system32\DRIVERS\VSTAZL6.SYS 18:20:18.0316 2984 SrvHsfHDA - ok 18:20:18.0377 2984 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 18:20:18.0440 2984 SrvHsfV92 - ok 18:20:18.0471 2984 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 18:20:18.0495 2984 SrvHsfWinac - ok 18:20:18.0532 2984 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 18:20:18.0558 2984 srvnet - ok 18:20:18.0587 2984 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:20:18.0637 2984 SSDPSRV - ok 18:20:18.0656 2984 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:20:18.0695 2984 SstpSvc - ok 18:20:18.0733 2984 [ 012DA05A75A03A5109C6DC0157541337 ] STacSV C:\Windows\system32\STacSV64.exe 18:20:18.0756 2984 STacSV - ok 18:20:18.0782 2984 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 18:20:18.0795 2984 stexstor - ok 18:20:18.0819 2984 [ 8435ED937F36AB0715E217C382C96A2B ] STHDA C:\Windows\system32\drivers\stwrt64.sys 18:20:18.0848 2984 STHDA - ok 18:20:18.0890 2984 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 18:20:18.0948 2984 stisvc - ok 18:20:18.0980 2984 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 18:20:18.0993 2984 storflt - ok 18:20:19.0013 2984 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 18:20:19.0026 2984 storvsc - ok 18:20:19.0045 2984 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 18:20:19.0057 2984 swenum - ok 18:20:19.0092 2984 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 18:20:19.0135 2984 swprv - ok 18:20:19.0170 2984 [ 297E20B8030B1D8670A3AA775F4FBF36 ] sxuptp C:\Windows\system32\DRIVERS\sxuptp.sys 18:20:19.0186 2984 sxuptp - ok 18:20:19.0202 2984 Synth3dVsc - ok 18:20:19.0266 2984 [ 
BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 18:20:19.0327 2984 SysMain - ok 18:20:19.0367 2984 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:20:19.0395 2984 TabletInputService - ok 18:20:19.0424 2984 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 18:20:19.0467 2984 TapiSrv - ok 18:20:19.0498 2984 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 18:20:19.0575 2984 TBS - ok 18:20:19.0675 2984 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:20:19.0793 2984 Tcpip - ok 18:20:19.0852 2984 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:20:19.0891 2984 TCPIP6 - ok 18:20:19.0935 2984 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:20:20.0015 2984 tcpipreg - ok 18:20:20.0093 2984 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:20:20.0129 2984 TDPIPE - ok 18:20:20.0172 2984 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:20:20.0202 2984 TDTCP - ok 18:20:20.0232 2984 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:20:20.0286 2984 tdx - ok 18:20:20.0302 2984 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 18:20:20.0315 2984 TermDD - ok 18:20:20.0351 2984 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 18:20:20.0403 2984 TermService - ok 18:20:20.0428 2984 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 18:20:20.0450 2984 Themes - ok 18:20:20.0477 2984 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 18:20:20.0513 2984 THREADORDER - ok 18:20:20.0568 2984 [ AB2D61A032A01BF9E84F03CAA9D22932 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe 18:20:20.0599 2984 
TOSHIBA Bluetooth Service - ok 18:20:20.0642 2984 [ 8021F63311797085949FA387F7C83583 ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys 18:20:20.0651 2984 tosporte - ok 18:20:20.0668 2984 [ 71BB669BFCADE1580FDCE010ABC76310 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys 18:20:20.0680 2984 tosrfbd - ok 18:20:20.0701 2984 [ 62512B5277D88600F8BD4B7AEC43569D ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys 18:20:20.0710 2984 tosrfbnp - ok 18:20:20.0736 2984 [ C523A9186C39D65CC9ADEBB2E1B93CCD ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys 18:20:20.0745 2984 Tosrfcom - ok 18:20:20.0781 2984 [ 451B8C1815C6CC39650AF916C2A382CD ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys 18:20:20.0799 2984 Tosrfhid - ok 18:20:20.0821 2984 [ B6FDC3C76FFE9C5171EEA9C37EA367C2 ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys 18:20:20.0829 2984 tosrfnds - ok 18:20:20.0857 2984 [ 463785C39F247580E16DAEF760E7EA86 ] Tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys 18:20:20.0866 2984 Tosrfusb - ok 18:20:20.0893 2984 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 18:20:20.0937 2984 TrkWks - ok 18:20:20.0984 2984 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:20:21.0033 2984 TrustedInstaller - ok 18:20:21.0053 2984 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:20:21.0088 2984 tssecsrv - ok 18:20:21.0107 2984 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:20:21.0171 2984 TsUsbFlt - ok 18:20:21.0178 2984 tsusbhub - ok 18:20:21.0213 2984 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:20:21.0249 2984 tunnel - ok 18:20:21.0279 2984 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 18:20:21.0291 2984 uagp35 - ok 18:20:21.0307 2984 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:20:21.0352 2984 udfs - ok 18:20:21.0402 
2984 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:20:21.0419 2984 UI0Detect - ok 18:20:21.0447 2984 [ C2AFA30CDB1B11FDAD055FD03A1064B0 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 18:20:21.0456 2984 UleadBurningHelper - ok 18:20:21.0470 2984 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:20:21.0483 2984 uliagpkx - ok 18:20:21.0518 2984 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 18:20:21.0531 2984 umbus - ok 18:20:21.0555 2984 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 18:20:21.0567 2984 UmPass - ok 18:20:21.0596 2984 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 18:20:21.0620 2984 UmRdpService - ok 18:20:21.0649 2984 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 18:20:21.0689 2984 upnphost - ok 18:20:21.0726 2984 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 18:20:21.0749 2984 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning 18:20:21.0749 2984 USBAAPL64 - detected UnsignedFile.Multi.Generic (1) 18:20:21.0785 2984 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 18:20:21.0837 2984 usbaudio - ok 18:20:21.0857 2984 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:20:21.0872 2984 usbccgp - ok 18:20:21.0901 2984 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:20:21.0917 2984 usbcir - ok 18:20:21.0933 2984 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 18:20:21.0945 2984 usbehci - ok 18:20:21.0964 2984 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:20:21.0981 2984 usbhub - ok 18:20:22.0006 2984 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci 
C:\Windows\system32\drivers\usbohci.sys 18:20:22.0037 2984 usbohci - ok 18:20:22.0066 2984 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 18:20:22.0100 2984 usbprint - ok 18:20:22.0127 2984 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS 18:20:22.0166 2984 USBSTOR - ok 18:20:22.0180 2984 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 18:20:22.0217 2984 usbuhci - ok 18:20:22.0386 2984 [ AC5E6B891A09D5A41EA7F72A5DF0A905 ] uvnc_service C:\Program Files (x86)\uvnc bvba\UltraVnc\winvnc.exe 18:20:22.0495 2984 uvnc_service - ok 18:20:22.0523 2984 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 18:20:22.0568 2984 UxSms - ok 18:20:22.0578 2984 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 18:20:22.0590 2984 VaultSvc - ok 18:20:22.0625 2984 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:20:22.0637 2984 vdrvroot - ok 18:20:22.0660 2984 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 18:20:22.0700 2984 vds - ok 18:20:22.0737 2984 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:20:22.0771 2984 vga - ok 18:20:22.0783 2984 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 18:20:22.0840 2984 VgaSave - ok 18:20:22.0862 2984 VGPU - ok 18:20:22.0912 2984 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:20:22.0950 2984 vhdmp - ok 18:20:22.0981 2984 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 18:20:22.0999 2984 viaide - ok 18:20:23.0027 2984 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 18:20:23.0041 2984 vmbus - ok 18:20:23.0051 2984 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 18:20:23.0073 2984 VMBusHID - ok 18:20:23.0091 2984 [ 
D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:20:23.0104 2984 volmgr - ok 18:20:23.0121 2984 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:20:23.0139 2984 volmgrx - ok 18:20:23.0180 2984 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:20:23.0219 2984 volsnap - ok 18:20:23.0260 2984 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 18:20:23.0279 2984 vsmraid - ok 18:20:23.0328 2984 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 18:20:23.0396 2984 VSS - ok 18:20:23.0410 2984 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 18:20:23.0458 2984 vwifibus - ok 18:20:23.0483 2984 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 18:20:23.0529 2984 W32Time - ok 18:20:23.0564 2984 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 18:20:23.0577 2984 WacomPen - ok 18:20:23.0616 2984 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:20:23.0650 2984 WANARP - ok 18:20:23.0654 2984 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:20:23.0688 2984 Wanarpv6 - ok 18:20:23.0827 2984 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 18:20:23.0908 2984 wbengine - ok 18:20:23.0939 2984 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:20:23.0966 2984 WbioSrvc - ok 18:20:24.0016 2984 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:20:24.0049 2984 wcncsvc - ok 18:20:24.0065 2984 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:20:24.0085 2984 WcsPlugInService - ok 18:20:24.0110 2984 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 18:20:24.0122 2984 Wd - ok 18:20:24.0134 2984 
[ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:20:24.0156 2984 Wdf01000 - ok 18:20:24.0189 2984 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:20:24.0243 2984 WdiServiceHost - ok 18:20:24.0258 2984 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:20:24.0286 2984 WdiSystemHost - ok 18:20:24.0301 2984 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 18:20:24.0341 2984 WebClient - ok 18:20:24.0376 2984 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:20:24.0425 2984 Wecsvc - ok 18:20:24.0432 2984 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:20:24.0469 2984 wercplsupport - ok 18:20:24.0490 2984 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 18:20:24.0533 2984 WerSvc - ok 18:20:24.0573 2984 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:20:24.0607 2984 WfpLwf - ok 18:20:24.0620 2984 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:20:24.0632 2984 WIMMount - ok 18:20:24.0651 2984 WinDefend - ok 18:20:24.0658 2984 WinHttpAutoProxySvc - ok 18:20:24.0700 2984 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:20:24.0747 2984 Winmgmt - ok 18:20:24.0992 2984 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 18:20:25.0112 2984 WinRM - ok 18:20:25.0180 2984 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 18:20:25.0195 2984 WinUsb - ok 18:20:25.0239 2984 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 18:20:25.0289 2984 Wlansvc - ok 18:20:25.0313 2984 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 18:20:25.0330 2984 WmiAcpi - ok 18:20:25.0365 2984 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv 
C:\Windows\system32\wbem\WmiApSrv.exe 18:20:25.0414 2984 wmiApSrv - ok 18:20:25.0448 2984 WMPNetworkSvc - ok 18:20:25.0472 2984 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:20:25.0486 2984 WPCSvc - ok 18:20:25.0506 2984 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:20:25.0522 2984 WPDBusEnum - ok 18:20:25.0532 2984 WPRO_41_1742 - ok 18:20:25.0551 2984 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:20:25.0595 2984 ws2ifsl - ok 18:20:25.0633 2984 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 18:20:25.0669 2984 wscsvc - ok 18:20:25.0674 2984 WSearch - ok 18:20:25.0884 2984 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 18:20:26.0004 2984 wuauserv - ok 18:20:26.0036 2984 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:20:26.0073 2984 WudfPf - ok 18:20:26.0095 2984 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:20:26.0140 2984 WUDFRd - ok 18:20:26.0158 2984 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:20:26.0204 2984 wudfsvc - ok 18:20:26.0229 2984 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 18:20:26.0265 2984 WwanSvc - ok 18:20:26.0697 2984 [ 5BCB1F6CB749B6826BE1C0F16FF2F600 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 18:20:26.0768 2984 ZeroConfigService - ok 18:20:26.0806 2984 ================ Scan global =============================== 18:20:26.0834 2984 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 18:20:26.0855 2984 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 18:20:26.0864 2984 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll 18:20:26.0891 2984 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 18:20:26.0905 2984 [ 
24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 18:20:26.0909 2984 [Global] - ok 18:20:26.0910 2984 ================ Scan MBR ================================== 18:20:26.0927 2984 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:20:28.0268 2984 \Device\Harddisk0\DR0 - ok 18:20:28.0269 2984 ================ Scan VBR ================================== 18:20:28.0293 2984 [ A988BD9382E3CF5E1E24EEC39E68DD4A ] \Device\Harddisk0\DR0\Partition1 18:20:28.0298 2984 \Device\Harddisk0\DR0\Partition1 - ok 18:20:28.0329 2984 [ ED4C91B109CDAD564028595EDE935F88 ] \Device\Harddisk0\DR0\Partition2 18:20:28.0344 2984 \Device\Harddisk0\DR0\Partition2 - ok 18:20:28.0373 2984 [ 3BC2645A991EEACA5DF8661423A57DB1 ] \Device\Harddisk0\DR0\Partition3 18:20:28.0394 2984 \Device\Harddisk0\DR0\Partition3 - ok 18:20:28.0399 2984 ============================================================ 18:20:28.0399 2984 Scan finished 18:20:28.0399 2984 ============================================================ 18:20:28.0444 3484 Detected object count: 5 18:20:28.0444 3484 Actual detected object count: 5 18:22:12.0918 3484 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 18:22:12.0918 3484 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:22:12.0919 3484 nicconfigsvc ( UnsignedFile.Multi.Generic ) - skipped by user 18:22:12.0919 3484 nicconfigsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:22:12.0925 3484 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user 18:22:12.0925 3484 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:22:12.0928 3484 PxHlpa64 ( UnsignedFile.Multi.Generic ) - skipped by user 18:22:12.0929 3484 PxHlpa64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:22:12.0931 3484 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user 18:22:12.0931 3484 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
__________________ Regards, Michael/SH |
08.10.2012, 18:46 | #24 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unknown file in startup, Mozilla programs won't start Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post logfiles in CODE tags |
08.10.2012, 19:09 | #25 |
| Unknown file in startup, Mozilla programs won't start It ran without warnings etc. ComboFix logfile: Code:
ATTFilter ComboFix 12-10-08.02 - ******** 08.10.2012 19:57:03.1.2 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.4086.2760 [GMT 2:00] ausgeführt von:: c:\users\********\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe c:\programdata\C87E9B68C8.sys c:\programdata\Roaming . . ((((((((((((((((((((((( Dateien erstellt von 2012-09-08 bis 2012-10-08 )))))))))))))))))))))))))))))) . . 2012-10-08 18:02 . 2012-10-08 18:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-07 19:55 . 2012-10-07 19:55 -------- d-----w- C:\_OTL 2012-10-06 16:35 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2012-10-06 16:34 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7F351BEC-947D-4056-A290-61AEB92CCB71}\mpengine.dll 2012-10-06 15:40 . 2012-10-06 15:40 -------- d-----w- c:\program files\7-Zip 2012-10-06 15:28 . 2012-10-06 15:28 -------- d-----r- C:\Sandbox 2012-10-06 15:26 . 2012-10-06 15:26 -------- d-----w- c:\program files\Sandboxie 2012-10-05 17:43 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-10-05 17:42 . 2012-10-05 17:42 -------- d-----w- c:\program files\iPod 2012-10-05 17:42 . 2012-10-05 17:43 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-10-05 17:42 . 2012-10-05 17:43 -------- d-----w- c:\program files\iTunes 2012-10-05 17:39 . 2012-10-05 17:39 1409 ----a-w- c:\windows\QTFont.for 2012-10-05 15:54 . 2012-10-05 15:54 -------- d-----w- c:\program files (x86)\T-Online 2012-10-04 18:43 . 2012-10-04 18:43 -------- d-----w- c:\program files (x86)\ESET 2012-10-04 16:37 . 2012-10-04 16:37 -------- d-----w- c:\users\********\AppData\Roaming\Malwarebytes 2012-10-04 16:36 . 
2012-10-04 16:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-10-04 16:36 . 2012-10-04 16:36 -------- d-----w- c:\programdata\Malwarebytes 2012-10-04 16:36 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-03 18:49 . 2012-10-04 07:09 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird 2012-10-03 18:44 . 2012-10-03 18:46 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2012-09-24 20:30 . 2012-09-24 20:30 -------- d-----w- c:\users\********\AppData\Roaming\AVM 2012-09-24 20:28 . 2012-09-24 20:30 -------- d-----w- c:\program files (x86)\FRITZ!Fernzugang einrichten 2012-09-23 14:54 . 2012-09-23 14:54 -------- d--h--w- c:\windows\system32\WLANProfiles 2012-09-23 14:51 . 2012-09-23 14:51 -------- d-----w- c:\users\********\AppData\Roaming\Intel 2012-09-23 14:51 . 2012-09-23 14:51 -------- d-----w- c:\users\Public\Roaming 2012-09-23 14:51 . 2012-09-23 14:51 -------- d-----w- c:\users\********\Roaming 2012-09-23 14:51 . 2012-09-23 14:51 -------- d-----w- c:\users\Default\Roaming 2012-09-23 14:50 . 2012-09-23 14:52 -------- d-----w- c:\program files\Intel 2012-09-23 14:50 . 2012-09-23 14:50 -------- d-----w- c:\programdata\Intel 2012-09-23 14:50 . 2012-09-23 14:50 -------- d-----w- c:\program files\Common Files\Intel 2012-09-23 14:50 . 2012-09-23 14:50 -------- d-----w- c:\program files (x86)\Cisco 2012-09-22 18:37 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll 2012-09-22 18:37 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2012-09-22 18:37 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-09-22 18:37 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys 2012-09-22 18:37 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-09-22 18:37 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys 2012-09-22 18:37 . 
2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-09-09 10:54 . 2012-09-09 10:58 -------- d-----w- c:\users\********\AppData\Roaming\UltraVNC 2012-09-09 10:53 . 2012-09-09 10:53 -------- d-----w- c:\program files (x86)\uvnc bvba 2012-09-08 20:16 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys 2012-09-08 19:32 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe 2012-09-08 19:32 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe 2012-09-08 18:07 . 2012-09-08 18:07 -------- d-----w- c:\users\********\AppData\Roaming\elsterformular 2012-09-08 18:07 . 2012-09-08 18:07 -------- d-----w- c:\programdata\elsterformular 2012-09-08 18:07 . 2012-09-08 18:07 -------- d-----w- c:\program files (x86)\ElsterFormular . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-22 18:37 . 2012-08-16 06:39 64462936 ----a-w- c:\windows\system32\MRT.exe 2012-09-08 12:03 . 2012-09-08 12:03 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-08 12:03 . 2012-09-08 12:03 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-09-06 17:28 . 2012-09-06 17:28 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-09-06 17:28 . 2012-08-17 18:12 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-09-06 17:28 . 2012-08-17 18:12 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-21 11:01 . 2012-09-06 17:18 125872 ----a-w- c:\windows\system32\GEARAspi64.dll 2012-08-21 11:01 . 2012-09-06 17:18 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll 2012-08-19 09:23 . 2012-08-17 17:12 5226 --sha-w- c:\programdata\KGyGaAvL.sys 2012-08-17 16:54 . 2012-08-17 16:54 80896 ----a-r- c:\users\********\AppData\Roaming\Microsoft\Installer\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}\Icon8CF9C550.exe 2012-08-16 18:25 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2012-08-16 18:25 . 
2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2012-08-16 06:54 . 2012-08-16 06:54 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2012-08-16 06:54 . 2012-08-16 06:54 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2012-08-16 06:54 . 2012-08-16 06:54 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2012-08-16 06:54 . 2012-08-16 06:54 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2012-08-16 06:54 . 2012-08-16 06:54 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2012-08-16 06:54 . 2012-08-16 06:54 367104 ----a-w- c:\windows\SysWow64\html.iec 2012-08-16 06:54 . 2012-08-16 06:54 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2012-08-16 06:54 . 2012-08-16 06:54 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2012-08-16 06:54 . 2012-08-16 06:54 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2012-08-16 06:54 . 2012-08-16 06:54 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2012-08-16 06:54 . 2012-08-16 06:54 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2012-08-16 06:54 . 2012-08-16 06:54 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2012-08-16 06:54 . 2012-08-16 06:54 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2012-08-16 06:54 . 2012-08-16 06:54 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2012-08-16 06:54 . 2012-08-16 06:54 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2012-08-16 06:54 . 2012-08-16 06:54 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-08-16 06:54 . 2012-08-16 06:54 65024 ----a-w- c:\windows\system32\pngfilt.dll 2012-08-16 06:54 . 2012-08-16 06:54 267776 ----a-w- c:\windows\system32\ieaksie.dll 2012-08-16 06:54 . 2012-08-16 06:54 222208 ----a-w- c:\windows\system32\msls31.dll 2012-08-16 06:54 . 2012-08-16 06:54 197120 ----a-w- c:\windows\system32\msrating.dll 2012-08-16 06:54 . 2012-08-16 06:54 149504 ----a-w- c:\windows\system32\occache.dll 2012-08-16 06:54 . 2012-08-16 06:54 12288 ----a-w- c:\windows\system32\mshta.exe 2012-08-16 06:54 . 
2012-08-16 06:54 114176 ----a-w- c:\windows\system32\admparse.dll 2012-08-16 06:54 . 2012-08-16 06:54 163840 ----a-w- c:\windows\system32\ieakui.dll 2012-08-16 06:54 . 2012-08-16 06:54 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-08-16 06:54 . 2012-08-16 06:54 55296 ----a-w- c:\windows\system32\msfeedsbs.dll 2012-08-16 06:54 . 2012-08-16 06:54 49664 ----a-w- c:\windows\system32\imgutil.dll 2012-08-16 06:54 . 2012-08-16 06:54 160256 ----a-w- c:\windows\system32\ieakeng.dll 2012-08-16 06:54 . 2012-08-16 06:54 145920 ----a-w- c:\windows\system32\iepeers.dll 2012-08-16 06:54 . 2012-08-16 06:54 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-08-16 06:54 . 2012-08-16 06:54 10752 ----a-w- c:\windows\system32\msfeedssync.exe 2012-08-16 06:54 . 2012-08-16 06:54 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-08-16 06:54 . 2012-08-16 06:54 89088 ----a-w- c:\windows\system32\ie4uinit.exe 2012-08-16 06:54 . 2012-08-16 06:54 85504 ----a-w- c:\windows\system32\iesetup.dll 2012-08-16 06:54 . 2012-08-16 06:54 82432 ----a-w- c:\windows\system32\icardie.dll 2012-08-16 06:54 . 2012-08-16 06:54 76800 ----a-w- c:\windows\system32\tdc.ocx 2012-08-16 06:54 . 2012-08-16 06:54 534528 ----a-w- c:\windows\system32\ieapfltr.dll 2012-08-16 06:54 . 2012-08-16 06:54 452608 ----a-w- c:\windows\system32\dxtmsft.dll 2012-08-16 06:54 . 2012-08-16 06:54 448512 ----a-w- c:\windows\system32\html.iec 2012-08-16 06:54 . 2012-08-16 06:54 403248 ----a-w- c:\windows\system32\iedkcs32.dll 2012-08-16 06:54 . 2012-08-16 06:54 39936 ----a-w- c:\windows\system32\iernonce.dll 2012-08-16 06:54 . 2012-08-16 06:54 3695416 ----a-w- c:\windows\system32\ieapfltr.dat 2012-08-16 06:54 . 2012-08-16 06:54 30720 ----a-w- c:\windows\system32\licmgr10.dll 2012-08-16 06:54 . 2012-08-16 06:54 282112 ----a-w- c:\windows\system32\dxtrans.dll 2012-08-16 06:54 . 2012-08-16 06:54 249344 ----a-w- c:\windows\system32\webcheck.dll 2012-08-16 06:54 . 
2012-08-16 06:54 165888 ----a-w- c:\windows\system32\iexpress.exe 2012-08-16 06:54 . 2012-08-16 06:54 160256 ----a-w- c:\windows\system32\wextract.exe 2012-08-16 06:54 . 2012-08-16 06:54 111616 ----a-w- c:\windows\system32\iesysprep.dll 2012-08-16 06:54 . 2012-08-16 06:54 103936 ----a-w- c:\windows\system32\inseng.dll 2012-07-18 18:15 . 2012-08-16 06:30 3148800 ----a-w- c:\windows\system32\win32k.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872] "SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-08-25 765200] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "Standby"="c:\program files (x86)\Common Files\Corel\Standby\Standby.exe" [2010-06-26 105632] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] "ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336] "FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2011-02-23 371200] "FineReader7NewsReaderPro"="c:\program files (x86)\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe" [2004-01-19 278528] "LexwareInfoService"="c:\program files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2011-07-31 189808] "Ulead Quick-Drop"="c:\program files (x86)\Ulead Systems\Ulead DVD MovieFactory 5\Ulead DVD MovieFactory 5\Quick-Drop.exe" [2006-10-27 118784] "Corel Photo Downloader"="c:\program files 
(x86)\Corel\Corel Photo Album 6\MediaDetect.exe" [2007-02-21 112208] "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-27 81920] "PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2007-06-08 128560] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776] . c:\users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ SX Virtual Link.lnk - c:\program files\silex technology\SX Virtual Link\Connect.exe [2012-8-17 437600] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-7-31 2680160] HD Writer.lnk - c:\program files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe [2012-8-23 308640] QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1556560] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 116648] R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys [2012-03-15 198144] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 116648] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-03 114144] R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WPRO_41_1742;WinPcap Packet Driver (WPRO_41_1742);c:\windows\system32\drivers\WPRO_41_1742.sys [x] R4 PxHlpa64;PxHlpa64;c:\windows\system32\Drivers\PxHlpa64.sys [2005-04-25 26720] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976] S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952] S2 IGDCTRL;AVM IGD CTRL Service;c:\program files\FRITZ!DSL\IGDCTRL.EXE [2009-07-28 88888] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' 
Anti-Malware\mbamscheduler.exe [2012-09-07 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936] S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [2011-07-21 302904] S2 uvnc_service;uvnc_service;c:\program files (x86)\uvnc bvba\UltraVnc\winvnc.exe [2012-02-14 2015968] S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-06-25 3325232] S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144] S3 Fwleaf;NETGEAR Firewall Driver;c:\windows\system32\DRIVERS\fwleaf.sys [2011-04-07 27200] S3 leafnets;Leaf Networks Adapter;c:\windows\system32\DRIVERS\leafnets.sys [2011-05-26 29696] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928] S3 NETwLv64; Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows Vista 64-Bit;c:\windows\system32\DRIVERS\NETwLv64.sys [2010-10-07 7533568] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 15208608 *Deregistered* - 15208608 . Inhalt des "geplante Tasks" Ordners . 2012-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 19:57] . 2012-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 19:57] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-19 342528] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 165912] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 385560] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 363544] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local>;*.local IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.142.253 Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - c:\windows\System32\mscoree.dll FF - ProfilePath - c:\users\********\AppData\Roaming\Mozilla\Firefox\Profiles\jz5n7wsu.default\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-ISUSPM Startup - c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe Wow6432Node-HKLM-Run-ISUSPM - c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe HKLM-Run-SigmatelSysTrayApp - c:\program files (x86)\SigmaTel\C-Major Audio\WDM\sttray64.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96, 76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47, 2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85 "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16, fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17 "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9, b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:de,eb,19,8a,b1,7c,cd,01 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,58,3b,40,5a,72,d2,1f,47,97,57,70,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,58,3b,40,5a,72,d2,1f,47,97,57,70,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrustedInstaller\Security] @DACL=(02 0000) @SACL= "Security"=hex:01,00,14,80,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02, 00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,\ . Zeit der Fertigstellung: 2012-10-08 20:05:51 ComboFix-quarantined-files.txt 2012-10-08 18:05 . Vor Suchlauf: 13 Verzeichnis(se), 113.113.997.312 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 113.363.132.416 Bytes frei . - - End Of File - - 61B8F8A78A05E01D626B2BF6BEAF9A46
Is it actually possible to tell at this point whether the machine was/is infected?
__________________ Regards, Michael/SH |
09.10.2012, 10:38 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unknown file in startup, Mozilla programs won't start Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses to work on the second attempt, just leave it out and run only OSAM - please skip the online check by OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to turn off the virus scanner as well; the McAfee scanner in particular often reports a false alarm in OSAM! Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons under any circumstances without being instructed to. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" ("aswMBR.exe has stopped working") appears, do the following: restart aswMBR, select (none) under "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
__________________ Please always post logfiles in CODE tags |
09.10.2012, 17:49 | #27 |
| Unknown file in startup, Mozilla programs won't start GMER did not produce a log; it only reported in a dialog box that no modifications were found. OSAM logfile: Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:44:11 on 09.10.2012

OS: Windows 7 Ultimate Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Mozilla Corporation Firefox 15.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLCFG32.CPL
"Nero BurnRights" - "Nero AG" - C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%SystemRoot%\system32\drivers\tsusbhub.sys,-1" (tsusbhub) - ? - C:\Windows\System32\drivers\tsusbhub.sys (File not found)
"Apple Mobile USB Driver" (USBAAPL64) - "Apple, Inc." - C:\Windows\System32\Drivers\usbaapl64.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found)
"cdrbsdrv" (cdrbsdrv) - "B.H.A Corporation" - C:\Windows\system32\drivers\cdrbsdrv.sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"SbieDrv" (SbieDrv) - "SANDBOXIE L.T.D" - C:\Program Files\Sandboxie\SbieDrv.sys
"Synth3dVsc" (Synth3dVsc) - ? - C:\Windows\System32\drivers\synth3dvsc.sys (File not found)
"VGPU" (VGPU) - ? - C:\Windows\System32\drivers\rdvgkmd.sys (File not found)
"WinPcap Packet Driver (WPRO_41_1742)" (WPRO_41_1742) - ? - C:\Windows\System32\drivers\WPRO_41_1742.sys (File not found)

[Explorer]
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLSHEXT.DLL
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\OLKFSTUB.DLL
{DBD8E168-244D-448C-9922-25508950D1DC} "USIShellExt Class" - "Ulead Systems, Inc." - c:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? - (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? - (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
ITBar7Height64 "ITBar7Height64" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"SX Virtual Link.lnk" - ? - C:\Program Files (x86)\silex technology\SX Virtual Link\Connect.exe (Shortcut exists | File not found)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"Bluetooth Manager.lnk" - "TOSHIBA CORPORATION." - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (Shortcut exists | File exists)
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"HD Writer.lnk" - ? - C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Shortcut exists | File exists)
"QuickSet.lnk" - ? - C:\Program Files (x86)\Dell\QuickSet\quickset.exe (Shortcut exists | File not found)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"SandboxieControl" - "SANDBOXIE L.T.D" - "C:\Program Files\Sandboxie\SbieCtrl.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Corel Photo Downloader" - "Corel, Inc." - C:\Program Files (x86)\Corel\Corel Photo Album 6\MediaDetect.exe
"FineReader7NewsReaderPro" - "ABBYY (BIT Software)" - "C:\Program Files (x86)\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe"
"FreePDF Assistant" - "shbox.de" - "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"ISUSScheduler" - "Macrovision Corporation" - "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"ITSecMng" - "TOSHIBA CORPORATION" - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
"iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"LexwareInfoService" - "Haufe-Lexware GmbH & Co. KG" - C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
"PDVDDXSrv" - "CyberLink Corp." - "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
"QuickTime Task" - "Apple Inc." - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
"Standby" - "Corel" - "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Ulead Quick-Drop" - "Ulead Systems, Inc." - "C:\Program Files (x86)\Ulead Systems\Ulead DVD MovieFactory 5\Ulead DVD MovieFactory 5\Quick-Drop.exe" WINDOWCALL

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Redirected Port" - ? - C:\Windows\system32\redmonnt.dll (File found, but it contains no detailed information)
"Toshiba Bluetooth Monitor" - "TOSHIBA CORPORATION." - C:\Windows\system32\tbtmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found)
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"AVM IGD CTRL Service" (IGDCTRL) - "AVM Berlin" - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
"B's Recorder GOLD Library General Service" (bgsvcgen) - "B.H.A Corporation" - C:\Windows\SysWOW64\bgsvcgen.exe
"Dell Energieverwaltung der internen Netzwerkkarte" (nicconfigsvc) - "Dell Inc." - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Google Update-Dienst (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
"Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service" (BTHSSecurityMgr) - "Intel(R) Corporation" - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
"Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"Intel(R) PROSet/Wireless Zero Configuration Service" (ZeroConfigService) - "Intel® Corporation" - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
"Intel® Centrino® Wireless Bluetooth® + High Speed Service" (AMPPALR3) - "Intel Corporation" - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
"ProtexisLicensing" (ProtexisLicensing) - ? - C:\Windows\SysWOW64\PSIService.exe
"Sandboxie Service" (SbieSvc) - "SANDBOXIE L.T.D" - C:\Program Files\Sandboxie\SbieSvc.exe
"SQL Server (SQLEXPRESS)" (MSSQL$SQLEXPRESS) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
"SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
"TOSHIBA Bluetooth Service" (TOSHIBA Bluetooth Service) - "TOSHIBA CORPORATION" - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
"Ulead Burning Helper" (UleadBurningHelper) - "Ulead Systems, Inc." - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
"uvnc_service" (uvnc_service) - "UltraVNC" - C:\Program Files (x86)\uvnc bvba\UltraVnc\winvnc.exe

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-09 18:57:08
-----------------------------
18:57:08.854 OS Version: Windows x64 6.1.7601 Service Pack 1
18:57:08.854 Number of processors: 2 586 0xF0A
18:57:08.855 ComputerName: ********* UserName: *********
18:57:09.392 Initialize success
18:58:31.490 AVAST engine defs: 12100900
19:04:03.729 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2
19:04:03.749 Disk 0 Vendor: Hitachi_HTS541010A9E680 JA0OA480 Size: 953869MB BusType: 11
19:04:03.784 Disk 0 MBR read successfully
19:04:03.789 Disk 0 MBR scan
19:04:03.797 Disk 0 Windows 7 default MBR code
19:04:03.804 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 149997 MB offset 63
19:04:03.819 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 149997 MB offset 307195904
19:04:03.841 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 653872 MB offset 614389860
19:04:03.861 Disk 0 scanning C:\Windows\system32\drivers
19:04:12.546 Service scanning
19:04:55.839 Modules scanning
19:04:55.873 Disk 0 trace - called modules:
19:04:55.897 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:04:55.910 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004235060]
19:04:55.920 3 CLASSPNP.SYS[fffff880013ab43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-2[0xfffffa800409f060]
19:04:56.486 AVAST engine scan C:\Windows
19:04:58.897 AVAST engine scan C:\Windows\system32
19:07:42.695 AVAST engine scan C:\Windows\system32\drivers
19:07:54.507 AVAST engine scan C:\Users\*********
19:09:08.355 AVAST engine scan C:\ProgramData
19:10:12.705 Scan finished successfully
19:24:36.954 Disk 0 MBR has been saved successfully to "C:\Users\*********\Desktop\MBR.dat"
19:24:36.971 The log file has been saved successfully to "C:\Users\*********\Desktop\aswMBR.txt"
__________________ Regards, Michael/SH Last edited by mash3010 (09.10.2012 at 17:56) |
09.10.2012, 19:01 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unknown file in startup, Mozilla programs won't start Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
10.10.2012, 06:47 | #29 |
| Unknown file in startup, Mozilla programs won't start Code:
Malwarebytes Anti-Malware (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.09.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Michael :: SUH-D830-W7 [Administrator]

Schutz: Aktiviert

09.10.2012 21:11:35
mbam-log-2012-10-09 (21-11-35).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 724043
Laufzeit: 1 Stunde(n), 45 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/10/2012 at 07:25 PM

Application Version : 5.6.1008

Core Rules Database Version : 9373
Trace Rules Database Version: 7185

Scan type : Complete Scan
Total Scan Time : 11:35:08

Operating System Information
Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 636
Memory threats detected : 0
Registry items scanned : 74982
Registry threats detected : 0
File items scanned : 154233
File threats detected : 324

Adware.Tracking Cookie
318 Cookies ****************

Heur.Agent/Gen-WhiteBox
D:\USERS\*********\DOWNLOADS\DIVERSES\AUDIOSOFTWARE\MEDIACODER-UPDATE-4590.EXE

Trojan.Agent/Gen-Small
D:\USERS\*********\DOWNLOADS\DIVERSES\AUDIOSOFTWARE\MP3DC207.EXE

Trojan.Agent/Gen-Cryptor[Egun]
ZIP ARCHIVE( D:\USERS\*********\DOWNLOADS\MESSSOFTWARE\DWLFREQPLOTTER.ZIP )/FA5000.EXE
D:\USERS\*********\DOWNLOADS\MESSSOFTWARE\DWLFREQPLOTTER.ZIP
C:\USERS\*********\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\DWLFREQPLOTTER.ZIP.LNK

Trojan.Unclassified/Dropper
D:\USERS\*********\PROJEKTE\IECUPDNEW\TESTUMGEBUNG\MSDLIB\CVTM990.EXE

I removed the huge number of cookies that were flagged. I do have a little something to hide
__________________ Regards, Michael/SH |
15.10.2012, 11:17 | #30 |
| Unknown file in startup, Mozilla programs won't start Hello cosinus, is there anything else I need to do?
__________________ Regards, Michael/SH |