|
Pests of all kinds and how to combat them: TR/Atraps.gen2 Trojan. Windows 7. If you are not sure whether you have picked up malware or a Trojan, start a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection. |
13.01.2013, 19:57 | #1 |
| TR/Atraps.gen2 Trojan Dear board, my virus scanner detects the Trojan Atraps.gen2 in a protected folder and unfortunately cannot remove it. I am asking for help. Many thanks in advance. Regards |
13.01.2013, 20:04 | #2 |
/// Malware-holic | TR/Atraps.gen2 Trojan Hi
Open Avira, go to Administration, then Quarantine, and post the detection reports including the file paths. |
13.01.2013, 20:16 | #3 |
| TR/Atraps.gen2 Trojan Good evening
Here are the properties of the most recent detection. Code:
Typ: Datei
Quelle: C:\$Recycle.Bin\S-1-5-18\$79d74d7b994e981d7e19bb4b4151ce3d\U\80000032.@
Status: Infiziert
Quarantäne-Objekt: 5807922b.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.10.230
Virendefinitionsdatei: 7.11.57.24
Meldung: TR/ATRAPS.Gen2
Datum/Uhrzeit: 13.01.2013, 20:10
Regards |
13.01.2013, 21:06 | #4 |
/// Malware-holic | TR/Atraps.gen2 Trojan Do you use the device for online banking, for shopping, for other payment processing, or for anything similarly important, such as work?
|
13.01.2013, 21:10 | #5 |
| TR/Atraps.gen2 Trojan No. I don't quite understand what that has to do with removing the Trojan, but OK. Regards |
14.01.2013, 20:47 | #6 |
/// Malware-holic | TR/Atraps.gen2 Trojan It has to do with the next steps. So, none of the things mentioned? Download TDSSKiller: http://www.trojaner-board.de/82358-t...entfernen.html
• Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan. For any detections, always choose Skip for now, then post the log. |
14.01.2013, 21:24 | #7 |
| TR/Atraps.gen2 Trojan Oh, I see, OK. "No threats found" Code:
ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:22:47.0796 4308 ose - ok 21:22:47.0839 4308 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:22:47.0873 4308 p2pimsvc - ok 21:22:47.0890 4308 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 21:22:47.0903 4308 p2psvc - ok 21:22:47.0932 4308 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 21:22:47.0946 4308 Parport - ok 21:22:47.0970 4308 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:22:47.0979 4308 partmgr - ok 21:22:47.0990 4308 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:22:48.0015 4308 PcaSvc - ok 21:22:48.0034 4308 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys 21:22:48.0044 4308 pci - ok 21:22:48.0055 4308 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys 21:22:48.0065 4308 pciide - ok 21:22:48.0070 4308 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 21:22:48.0086 4308 pcmcia - ok 21:22:48.0100 4308 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 21:22:48.0109 4308 pcw - ok 21:22:48.0117 4308 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:22:48.0193 4308 PEAUTH - ok 21:22:48.0285 4308 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:22:48.0306 4308 PerfHost - ok 21:22:48.0360 4308 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll 21:22:48.0412 4308 pla - ok 21:22:48.0442 4308 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:22:48.0481 4308 PlugPlay - ok 21:22:48.0495 4308 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:22:48.0515 4308 PNRPAutoReg - ok 21:22:48.0531 4308 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc 
C:\Windows\system32\pnrpsvc.dll 21:22:48.0543 4308 PNRPsvc - ok 21:22:48.0578 4308 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:22:48.0628 4308 PolicyAgent - ok 21:22:48.0660 4308 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 21:22:48.0703 4308 Power - ok 21:22:48.0737 4308 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:22:48.0780 4308 PptpMiniport - ok 21:22:48.0794 4308 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 21:22:48.0820 4308 Processor - ok 21:22:48.0843 4308 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll 21:22:48.0864 4308 ProfSvc - ok 21:22:48.0878 4308 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:22:48.0887 4308 ProtectedStorage - ok 21:22:48.0897 4308 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:22:48.0935 4308 Psched - ok 21:22:48.0973 4308 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 21:22:49.0012 4308 ql2300 - ok 21:22:49.0035 4308 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 21:22:49.0050 4308 ql40xx - ok 21:22:49.0074 4308 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:22:49.0102 4308 QWAVE - ok 21:22:49.0113 4308 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:22:49.0139 4308 QWAVEdrv - ok 21:22:49.0160 4308 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:22:49.0200 4308 RasAcd - ok 21:22:49.0229 4308 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:22:49.0263 4308 RasAgileVpn - ok 21:22:49.0286 4308 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 21:22:49.0315 4308 RasAuto - ok 21:22:49.0334 4308 [ 87A6E852A22991580D6D39ADC4790463 
] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:22:49.0374 4308 Rasl2tp - ok 21:22:49.0386 4308 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll 21:22:49.0432 4308 RasMan - ok 21:22:49.0451 4308 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:22:49.0493 4308 RasPppoe - ok 21:22:49.0508 4308 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:22:49.0550 4308 RasSstp - ok 21:22:49.0570 4308 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:22:49.0609 4308 rdbss - ok 21:22:49.0619 4308 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:22:49.0633 4308 rdpbus - ok 21:22:49.0652 4308 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:22:49.0682 4308 RDPCDD - ok 21:22:49.0705 4308 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:22:49.0745 4308 RDPENCDD - ok 21:22:49.0752 4308 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:22:49.0782 4308 RDPREFMP - ok 21:22:49.0806 4308 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:22:49.0840 4308 RDPWD - ok 21:22:49.0863 4308 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:22:49.0873 4308 rdyboost - ok 21:22:49.0942 4308 [ F09087C51C6AE42AE7DABE1EB3E44C17 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 21:22:49.0950 4308 RegSrvc - ok 21:22:49.0983 4308 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:22:50.0019 4308 RemoteAccess - ok 21:22:50.0042 4308 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:22:50.0078 4308 RemoteRegistry - ok 21:22:50.0081 4308 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:22:50.0123 4308 RpcEptMapper - 
ok 21:22:50.0142 4308 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 21:22:50.0151 4308 RpcLocator - ok 21:22:50.0166 4308 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll 21:22:50.0199 4308 RpcSs - ok 21:22:50.0221 4308 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:22:50.0261 4308 rspndr - ok 21:22:50.0331 4308 [ 7F7B8CDE26C4943C9465E412ADBB790F ] RTCore64 D:\MSI Afterburner\RTCore64.sys 21:22:50.0339 4308 RTCore64 - ok 21:22:50.0353 4308 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe 21:22:50.0364 4308 SamSs - ok 21:22:50.0367 4308 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 21:22:50.0381 4308 sbp2port - ok 21:22:50.0404 4308 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:22:50.0445 4308 SCardSvr - ok 21:22:50.0468 4308 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:22:50.0513 4308 scfilter - ok 21:22:50.0550 4308 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll 21:22:50.0597 4308 Schedule - ok 21:22:50.0615 4308 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:22:50.0643 4308 SCPolicySvc - ok 21:22:50.0666 4308 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:22:50.0700 4308 SDRSVC - ok 21:22:50.0733 4308 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:22:50.0779 4308 secdrv - ok 21:22:50.0791 4308 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll 21:22:50.0827 4308 seclogon - ok 21:22:50.0851 4308 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 21:22:50.0892 4308 SENS - ok 21:22:50.0911 4308 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:22:50.0942 4308 SensrSvc - ok 21:22:50.0952 4308 [ 
CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 21:22:50.0972 4308 Serenum - ok 21:22:50.0991 4308 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 21:22:51.0006 4308 Serial - ok 21:22:51.0022 4308 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 21:22:51.0044 4308 sermouse - ok 21:22:51.0059 4308 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll 21:22:51.0089 4308 SessionEnv - ok 21:22:51.0091 4308 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 21:22:51.0116 4308 sffdisk - ok 21:22:51.0119 4308 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys 21:22:51.0133 4308 sffp_mmc - ok 21:22:51.0135 4308 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 21:22:51.0161 4308 sffp_sd - ok 21:22:51.0164 4308 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 21:22:51.0186 4308 sfloppy - ok 21:22:51.0214 4308 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:22:51.0244 4308 ShellHWDetection - ok 21:22:51.0268 4308 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 21:22:51.0280 4308 SiSRaid2 - ok 21:22:51.0292 4308 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 21:22:51.0304 4308 SiSRaid4 - ok 21:22:51.0329 4308 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:22:51.0371 4308 Smb - ok 21:22:51.0405 4308 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:22:51.0421 4308 SNMPTRAP - ok 21:22:51.0432 4308 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 21:22:51.0440 4308 spldr - ok 21:22:51.0470 4308 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe 21:22:51.0507 4308 Spooler 
- ok 21:22:51.0569 4308 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe 21:22:51.0635 4308 sppsvc - ok 21:22:51.0661 4308 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:22:51.0704 4308 sppuinotify - ok 21:22:51.0729 4308 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:22:51.0748 4308 srv - ok 21:22:51.0760 4308 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:22:51.0773 4308 srv2 - ok 21:22:51.0790 4308 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:22:51.0800 4308 srvnet - ok 21:22:51.0838 4308 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:22:51.0881 4308 SSDPSRV - ok 21:22:51.0884 4308 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:22:51.0913 4308 SstpSvc - ok 21:22:51.0935 4308 Steam Client Service - ok 21:22:51.0964 4308 [ 5B88F25C65FFA399FF91D9595A274255 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 21:22:51.0975 4308 Stereo Service - ok 21:22:51.0994 4308 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 21:22:52.0005 4308 stexstor - ok 21:22:52.0034 4308 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll 21:22:52.0055 4308 stisvc - ok 21:22:52.0064 4308 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:22:52.0075 4308 swenum - ok 21:22:52.0104 4308 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 21:22:52.0139 4308 swprv - ok 21:22:52.0178 4308 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll 21:22:52.0222 4308 SysMain - ok 21:22:52.0235 4308 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:22:52.0256 4308 TabletInputService - ok 21:22:52.0293 4308 [ 8B9FD32C71F29DF235A27CE9FF4F19DC ] taphss6 
C:\Windows\system32\DRIVERS\taphss6.sys 21:22:52.0304 4308 taphss6 - ok 21:22:52.0332 4308 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll 21:22:52.0388 4308 TapiSrv - ok 21:22:52.0403 4308 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 21:22:52.0432 4308 TBS - ok 21:22:52.0496 4308 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:22:52.0533 4308 Tcpip - ok 21:22:52.0554 4308 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:22:52.0585 4308 TCPIP6 - ok 21:22:52.0613 4308 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:22:52.0644 4308 tcpipreg - ok 21:22:52.0662 4308 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:22:52.0691 4308 TDPIPE - ok 21:22:52.0712 4308 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:22:52.0751 4308 TDTCP - ok 21:22:52.0766 4308 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:22:52.0807 4308 tdx - ok 21:22:52.0839 4308 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:22:52.0852 4308 TermDD - ok 21:22:52.0878 4308 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll 21:22:52.0918 4308 TermService - ok 21:22:52.0929 4308 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 21:22:52.0956 4308 Themes - ok 21:22:52.0967 4308 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 21:22:52.0997 4308 THREADORDER - ok 21:22:53.0007 4308 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 21:22:53.0050 4308 TrkWks - ok 21:22:53.0088 4308 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:22:53.0099 4308 TrustedInstaller - ok 21:22:53.0114 4308 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv 
C:\Windows\system32\DRIVERS\tssecsrv.sys 21:22:53.0165 4308 tssecsrv - ok 21:22:53.0241 4308 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:22:53.0345 4308 tunnel - ok 21:22:53.0379 4308 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 21:22:53.0392 4308 uagp35 - ok 21:22:53.0412 4308 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:22:53.0462 4308 udfs - ok 21:22:53.0487 4308 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:22:53.0507 4308 UI0Detect - ok 21:22:53.0519 4308 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys 21:22:53.0531 4308 uliagpkx - ok 21:22:53.0546 4308 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:22:53.0570 4308 umbus - ok 21:22:53.0604 4308 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 21:22:53.0627 4308 UmPass - ok 21:22:53.0646 4308 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 21:22:53.0678 4308 upnphost - ok 21:22:53.0703 4308 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:22:53.0738 4308 usbccgp - ok 21:22:53.0742 4308 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys 21:22:53.0771 4308 usbcir - ok 21:22:53.0786 4308 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:22:53.0800 4308 usbehci - ok 21:22:53.0821 4308 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:22:53.0853 4308 usbhub - ok 21:22:53.0867 4308 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 21:22:53.0892 4308 usbohci - ok 21:22:53.0930 4308 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:22:53.0946 4308 usbprint - ok 21:22:53.0971 4308 [ 
AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 21:22:53.0987 4308 usbscan - ok 21:22:54.0003 4308 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:22:54.0027 4308 USBSTOR - ok 21:22:54.0029 4308 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 21:22:54.0051 4308 usbuhci - ok 21:22:54.0093 4308 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 21:22:54.0116 4308 usbvideo - ok 21:22:54.0135 4308 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 21:22:54.0164 4308 UxSms - ok 21:22:54.0178 4308 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe 21:22:54.0187 4308 VaultSvc - ok 21:22:54.0226 4308 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys 21:22:54.0234 4308 vdrvroot - ok 21:22:54.0256 4308 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe 21:22:54.0283 4308 vds - ok 21:22:54.0297 4308 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:22:54.0312 4308 vga - ok 21:22:54.0325 4308 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 21:22:54.0364 4308 VgaSave - ok 21:22:54.0369 4308 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys 21:22:54.0386 4308 vhdmp - ok 21:22:54.0396 4308 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys 21:22:54.0407 4308 viaide - ok 21:22:54.0417 4308 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys 21:22:54.0426 4308 volmgr - ok 21:22:54.0442 4308 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:22:54.0456 4308 volmgrx - ok 21:22:54.0476 4308 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:22:54.0489 4308 volsnap - ok 21:22:54.0564 4308 [ 
5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 21:22:54.0579 4308 vsmraid - ok 21:22:54.0682 4308 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe 21:22:54.0735 4308 VSS - ok 21:22:54.0746 4308 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:22:54.0776 4308 vwifibus - ok 21:22:54.0794 4308 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:22:54.0826 4308 vwififlt - ok 21:22:54.0846 4308 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 21:22:54.0861 4308 vwifimp - ok 21:22:54.0897 4308 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 21:22:54.0931 4308 W32Time - ok 21:22:54.0957 4308 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 21:22:54.0977 4308 WacomPen - ok 21:22:55.0030 4308 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:22:55.0074 4308 WANARP - ok 21:22:55.0077 4308 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:22:55.0106 4308 Wanarpv6 - ok 21:22:55.0136 4308 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe 21:22:55.0192 4308 wbengine - ok 21:22:55.0197 4308 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:22:55.0212 4308 WbioSrvc - ok 21:22:55.0305 4308 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:22:55.0342 4308 wcncsvc - ok 21:22:55.0363 4308 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:22:55.0384 4308 WcsPlugInService - ok 21:22:55.0412 4308 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 21:22:55.0424 4308 Wd - ok 21:22:55.0442 4308 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:22:55.0464 4308 Wdf01000 - ok 
21:22:55.0476 4308 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:22:55.0490 4308 WdiServiceHost - ok 21:22:55.0492 4308 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:22:55.0507 4308 WdiSystemHost - ok 21:22:55.0533 4308 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll 21:22:55.0578 4308 WebClient - ok 21:22:55.0602 4308 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:22:55.0634 4308 Wecsvc - ok 21:22:55.0649 4308 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:22:55.0678 4308 wercplsupport - ok 21:22:55.0695 4308 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 21:22:55.0727 4308 WerSvc - ok 21:22:55.0752 4308 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:22:55.0781 4308 WfpLwf - ok 21:22:55.0791 4308 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:22:55.0802 4308 WIMMount - ok 21:22:55.0804 4308 WinHttpAutoProxySvc - ok 21:22:55.0846 4308 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:22:55.0891 4308 Winmgmt - ok 21:22:55.0945 4308 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll 21:22:56.0015 4308 WinRM - ok 21:22:56.0077 4308 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 21:22:56.0115 4308 Wlansvc - ok 21:22:56.0147 4308 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 21:22:56.0170 4308 WmiAcpi - ok 21:22:56.0194 4308 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:22:56.0218 4308 wmiApSrv - ok 21:22:56.0242 4308 WMPNetworkSvc - ok 21:22:56.0260 4308 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:22:56.0283 4308 WPCSvc - ok 21:22:56.0294 4308 [ 2E57DDF2880A7E52E76F41C7E96D327B ] 
WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:22:56.0307 4308 WPDBusEnum - ok 21:22:56.0328 4308 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:22:56.0372 4308 ws2ifsl - ok 21:22:56.0374 4308 WSearch - ok 21:22:56.0392 4308 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:22:56.0414 4308 WudfPf - ok 21:22:56.0450 4308 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:22:56.0474 4308 WUDFRd - ok 21:22:56.0493 4308 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:22:56.0514 4308 wudfsvc - ok 21:22:56.0657 4308 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 21:22:56.0701 4308 WwanSvc - ok 21:22:56.0794 4308 [ 5BCB1F6CB749B6826BE1C0F16FF2F600 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 21:22:56.0853 4308 ZeroConfigService - ok 21:22:56.0860 4308 ================ Scan global =============================== 21:22:56.0886 4308 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 21:22:56.0907 4308 [ C4C551E6AB333C0EB812A3A4672E89DB ] C:\Windows\system32\winsrv.dll 21:22:56.0914 4308 [ C4C551E6AB333C0EB812A3A4672E89DB ] C:\Windows\system32\winsrv.dll 21:22:56.0941 4308 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 21:22:56.0975 4308 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 21:22:56.0978 4308 [Global] - ok 21:22:56.0978 4308 ================ Scan MBR ================================== 21:22:56.0991 4308 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:22:57.0910 4308 \Device\Harddisk0\DR0 - ok 21:22:57.0911 4308 ================ Scan VBR ================================== 21:22:57.0940 4308 [ BD8AA5CDC1A9A17840F57DE9F93803C6 ] \Device\Harddisk0\DR0\Partition1 21:22:57.0941 4308 \Device\Harddisk0\DR0\Partition1 - ok 21:22:57.0962 4308 [ 5A7E2CC1D340B357904A0F99FB76C1A2 ] 
21:22:58.0050 4308 Scan finished
21:22:58.0056 5860 Detected object count: 0
21:22:58.0056 5860 Actual detected object count: 0
Hello, so the Trojan has been haunting my machine for 3 days now, and I don't think that makes things any better, does it? That is why I would find it appropriate for another moderator to step in and possibly help me, since in my opinion markusg cannot manage this time-wise. (One reply per day?) Regards |
15.01.2013, 21:17 | #8 | |
/// Malware-holic | TR/Atraps.gen2 Trojan Very good. Combofix: Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1, Link 2. IMPORTANT - Save Combofix to your desktop.
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
|
15.01.2013, 23:20 | #9 |
| TR/Atraps.gen2 Trojan Code:
ATTFilter
ComboFix 13-01-15.02 - Roy 15.01.2013 23:08:10.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.8086.5969 [GMT 1:00]
ausgeführt von:: c:\users\Roy\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\$recycle.bin\S-1-5-18\$79d74d7b994e981d7e19bb4b4151ce3d\@
c:\$recycle.bin\S-1-5-18\$79d74d7b994e981d7e19bb4b4151ce3d\n
c:\programdata\dsgsdgdsgdsgw.pad
c:\programdata\Roaming
c:\users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
c:\users\Roy\wgsdgsdgdsgsd.dll
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
D:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-12-15 bis 2013-01-15 ))))))))))))))))))))))))))))))
.
.
2013-01-15 14:23 . 2007-07-12 23:00 83968 ----a-w- c:\windows\system32\esxcwiad.dll
2013-01-15 14:23 . 2013-01-15 14:23 -------- d-----w- c:\program files (x86)\epson
2013-01-13 18:48 . 2013-01-13 18:48 -------- d-----w- c:\users\Roy\AppData\Roaming\Avira
2013-01-13 18:43 . 2013-01-13 18:43 -------- d-----w- c:\program files (x86)\Ask.com
2013-01-13 18:42 . 2012-12-03 14:36 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-01-13 18:42 . 2012-12-03 14:36 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-01-13 18:42 . 2012-11-16 19:17 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-01-13 18:42 . 2013-01-13 18:43 -------- d-----w- c:\programdata\Avira
2013-01-13 17:37 . 2013-01-13 17:39 -------- d-----w- c:\windows\rescache
2013-01-12 18:12 . 2013-01-12 18:12 -------- d-----w- c:\programdata\REVOLT
2013-01-12 01:18 . 2013-01-12 01:18 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2013-01-11 14:13 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B9CEE454-450E-4E3B-88D3-2262CA6EDC7C}\mpengine.dll
2013-01-09 13:50 . 2012-11-02 05:30 2001408 ----a-w- c:\windows\system32\msxml6.dll
2013-01-06 17:19 . 2013-01-06 17:19 -------- d-----w- c:\users\Roy\AppData\Roaming\Command and Conquer 4
2013-01-04 23:49 . 2013-01-04 23:49 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2013-01-02 16:04 . 2013-01-03 22:54 -------- d-----w- c:\users\Roy\AppData\Roaming\Command & Conquer 3 Kanes Rache
2013-01-02 15:54 . 2013-01-02 15:54 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-12-31 09:47 . 2012-12-31 09:47 -------- d-----w- c:\users\Roy\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2012-12-31 09:28 . 2012-12-31 09:28 -------- d--h--r- c:\users\Roy\AppData\Roaming\SecuROM
2012-12-30 20:13 . 2012-12-30 20:13 -------- d-----w- c:\users\Roy\AppData\Local\SKIDROW
2012-12-30 20:10 . 2012-12-30 20:10 -------- d-----w- c:\users\Roy\AppData\Local\My Games
2012-12-24 14:35 . 2012-12-24 14:35 -------- d-----w- c:\program files (x86)\MSECache
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-12 10:52 . 2012-11-24 04:20 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-12 10:52 . 2012-11-24 04:20 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-30 04:56 . 2013-01-09 13:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-24 10:06 . 2012-11-24 10:06 319488 ----a-w- c:\windows\HideWin.exe
2012-11-24 10:06 . 2012-11-24 10:06 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-24 09:16 . 2012-11-24 09:16 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-11-24 09:16 . 2012-11-24 09:16 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-11-24 09:16 . 2012-11-24 09:16 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-11-24 09:16 . 2012-11-24 09:16 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-11-24 09:16 . 2012-11-24 09:16 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-11-24 09:16 . 2012-11-24 09:16 82432 ----a-w- c:\windows\system32\icardie.dll
2012-11-24 09:16 . 2012-11-24 09:16 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-11-24 09:16 . 2012-11-24 09:16 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-11-24 09:16 . 2012-11-24 09:16 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-11-24 09:16 . 2012-11-24 09:16 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-11-24 09:16 . 2012-11-24 09:16 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-11-24 09:16 . 2012-11-24 09:16 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-11-24 09:16 . 2012-11-24 09:16 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-11-24 09:16 . 2012-11-24 09:16 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-11-24 09:16 . 2012-11-24 09:16 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-11-24 09:16 . 2012-11-24 09:16 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-11-24 09:16 . 2012-11-24 09:16 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-11-24 09:16 . 2012-11-24 09:16 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-11-24 09:16 . 2012-11-24 09:16 448512 ----a-w- c:\windows\system32\html.iec
2012-11-24 09:16 . 2012-11-24 09:16 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-11-24 09:16 . 2012-11-24 09:16 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-11-24 09:16 . 2012-11-24 09:16 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-11-24 09:16 . 2012-11-24 09:16 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-11-24 09:16 . 2012-11-24 09:16 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-11-24 09:16 . 2012-11-24 09:16 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-24 09:16 . 2012-11-24 09:16 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-11-24 09:16 . 2012-11-24 09:16 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-11-24 09:16 . 2012-11-24 09:16 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-11-24 09:16 . 2012-11-24 09:16 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-11-24 09:16 . 2012-11-24 09:16 222208 ----a-w- c:\windows\system32\msls31.dll
2012-11-24 09:16 . 2012-11-24 09:16 197120 ----a-w- c:\windows\system32\msrating.dll
2012-11-24 09:16 . 2012-11-24 09:16 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-11-24 09:16 . 2012-11-24 09:16 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-11-24 09:16 . 2012-11-24 09:16 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-11-24 09:16 . 2012-11-24 09:16 160256 ----a-w- c:\windows\system32\wextract.exe
2012-11-24 09:16 . 2012-11-24 09:16 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-11-24 09:16 . 2012-11-24 09:16 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-11-24 09:16 . 2012-11-24 09:16 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-11-24 09:16 . 2012-11-24 09:16 149504 ----a-w- c:\windows\system32\occache.dll
2012-11-24 09:16 . 2012-11-24 09:16 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-11-24 09:16 . 2012-11-24 09:16 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-11-24 09:16 . 2012-11-24 09:16 12288 ----a-w- c:\windows\system32\mshta.exe
2012-11-24 09:16 . 2012-11-24 09:16 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-11-24 09:16 . 2012-11-24 09:16 114176 ----a-w- c:\windows\system32\admparse.dll
2012-11-24 09:16 . 2012-11-24 09:16 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-11-24 09:16 . 2012-11-24 09:16 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-11-24 09:16 . 2012-11-24 09:16 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-11-24 09:16 . 2012-11-24 09:16 103936 ----a-w- c:\windows\system32\inseng.dll
2012-11-24 09:16 . 2012-11-24 09:16 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-11-24 04:08 . 
2012-11-24 04:08 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-24 04:07 . 2012-11-24 04:08 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-11-24 04:07 . 2012-11-24 04:08 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-11-18 16:26 . 2012-11-24 12:13 9271352 ----a-w- c:\windows\system32\nvcuda.dll 2012-11-18 16:26 . 2012-11-24 12:13 7819016 ----a-w- c:\windows\SysWow64\nvcuda.dll 2012-11-18 16:26 . 2012-11-24 12:13 7446192 ----a-w- c:\windows\system32\nvopencl.dll 2012-11-18 16:26 . 2012-11-24 12:13 6149904 ----a-w- c:\windows\SysWow64\nvopencl.dll 2012-11-18 16:26 . 2012-11-24 12:13 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys 2012-11-18 16:26 . 2012-11-24 12:13 284008 ----a-w- c:\windows\system32\drivers\nvkflt.sys 2012-11-18 16:26 . 2012-11-24 12:13 2784104 ----a-w- c:\windows\system32\nvcuvid.dll 2012-11-18 16:26 . 2012-11-24 12:13 26811240 ----a-w- c:\windows\system32\nvoglv64.dll 2012-11-18 16:26 . 2012-11-24 12:13 2606440 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2012-11-18 16:26 . 2012-11-24 12:13 25256296 ----a-w- c:\windows\system32\nvcompiler.dll 2012-11-18 16:26 . 2012-11-24 12:13 2226024 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-11-18 16:26 . 2012-11-24 12:13 20335976 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2012-11-18 16:26 . 2012-11-24 12:13 1874280 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2012-11-18 16:26 . 2012-11-24 12:13 18045968 ----a-w- c:\windows\system32\nvd3dumx.dll 2012-11-18 16:26 . 2012-11-24 12:13 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2012-11-18 16:26 . 2012-11-24 12:13 14953920 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-11-18 16:26 . 2012-11-24 12:13 12542672 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2012-11-18 16:26 . 2012-11-24 12:13 11528040 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-11-18 16:26 . 2012-10-08 10:42 841272 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2012-11-18 16:26 . 
2012-10-08 10:42 1504104 ----a-w- c:\windows\system32\nvdispgenco64.dll 2012-11-18 16:26 . 2012-10-08 10:42 2496976 ----a-w- c:\windows\SysWow64\nvapi.dll 2012-11-18 16:26 . 2012-10-08 10:42 983936 ----a-w- c:\windows\system32\nvumdshimx.dll 2012-11-18 16:26 . 2012-10-08 10:42 15122280 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-11-18 16:26 . 2012-10-08 10:42 245432 ----a-w- c:\windows\system32\nvinitx.dll 2012-11-18 16:26 . 2012-10-08 10:42 201136 ----a-w- c:\windows\SysWow64\nvinit.dll 2012-11-18 16:26 . 2012-10-08 10:42 2816824 ----a-w- c:\windows\system32\nvapi64.dll 2012-11-18 16:26 . 2012-10-08 10:42 1805672 ----a-w- c:\windows\system32\nvdispco64.dll 2012-11-18 13:09 . 2012-11-24 04:32 890216 ----a-w- c:\windows\system32\nvvsvc.exe 2012-11-18 13:09 . 2012-11-24 04:32 877928 ----a-w- c:\windows\system32\nv3dappshext.dll 2012-11-18 13:09 . 2012-11-24 04:32 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-11-18 13:09 . 2012-11-24 04:32 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll 2012-11-18 13:09 . 2012-11-24 04:32 3603786 ----a-w- c:\windows\system32\nvcoproc.bin 2012-11-18 13:09 . 2012-11-24 04:32 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-11-18 13:09 . 2012-11-24 04:32 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-11-18 13:09 . 2012-11-24 04:32 3311464 ----a-w- c:\windows\system32\nvsvc64.dll 2012-11-18 13:09 . 2012-11-24 04:32 6223208 ----a-w- c:\windows\system32\nvcpl.dll 2012-11-18 04:49 . 2012-11-18 04:49 438632 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2012-11-15 01:38 . 2012-11-15 01:38 40712 ----a-w- c:\windows\system32\drivers\taphss6.sys 2012-11-15 01:33 . 2012-11-15 01:33 42248 ----a-w- c:\windows\system32\drivers\hssdrv6.sys 2012-11-09 05:34 . 2012-12-12 02:44 2048 ----a-w- c:\windows\system32\tzres.dll 2012-11-09 04:49 . 2012-12-12 02:44 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-11-02 05:27 . 2012-12-12 02:43 478208 ----a-w- c:\windows\system32\dpnet.dll 2012-11-02 04:48 . 
2012-12-12 02:43 376832 ----a-w- c:\windows\SysWow64\dpnet.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-20 1521952] . [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{991D97B8-F0D8-4EA1-9100-7A65EA2D3A63}] 2012-08-28 06:53 84840 ----a-w- c:\users\Roy\AppData\Roaming\SenselessTV\bho.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2012-12-20 20:56 1521952 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] 2012-11-08 17:29 233288 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-20 1521952] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="c:\users\Roy\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920] "WirelessManager"="c:\program files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe" [2010-07-28 194600] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728] "Spotify Web Helper"="c:\users\Roy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-30 1199576] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "GrooveMonitor"="d:\programme\Office12\GrooveMonitor.exe" [2006-10-26 31016] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896] "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-12-20 1574176] "avgnt"="d:\programme\avira\Avira\AntiVir Desktop\avgnt.exe" [2012-12-04 384800] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer4"=wdmaud.drv . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys [2012-03-15 198144] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-06-25 272688] R3 RTCore64;RTCore64;d:\msi afterburner\RTCore64.sys [2012-11-19 13368] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-11-18 30056] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-24 283200] S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-11-15 42248] S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-11-18 284008] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976] S2 AntiVirSchedulerService;Avira Planer;d:\programme\avira\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280] S2 AntiVirWebService;Avira Browser-Schutz;d:\programme\avira\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-12-04 565024] S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952] S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-11-15 527728] S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-11-15 389488] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-18 382824] S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-06-25 3325232] S3 AMPPAL;Intel® Centrino® 
Wireless Bluetooth® + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-09-13 95744] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-09-13 212992] S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2012-11-15 40712] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2012-06-25 4802864] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> IE: Nach Microsoft E&xel exportieren - d:\progra~1\Office12\EXCEL.EXE/3000 LSP: d:\programme\avira\Avira\AntiVir Desktop\avsda.dll TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Roy\AppData\Roaming\Mozilla\Firefox\Profiles\50atw7lq.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://de-de.facebook.com/ FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=56bce785-82cd-4f6e-9383-4d8af298bcf8&apn_ptnrs=%5EAGS&apn_sauid=980322AE-BC2F-4FA0-BE19-2A22F04C6253&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q= FF - ExtSQL: 2012-12-09 03:44; afurladvisor@anchorfree.com; d:\programme\extensions\afurladvisor@anchorfree.com FF - ExtSQL: 2012-12-09 23:50; support@Senseless.TV; c:\users\Roy\AppData\Roaming\SenselessTV\ffextension FF - ExtSQL: 2013-01-13 19:43; toolbar@ask.com; c:\users\Roy\AppData\Roaming\Mozilla\Firefox\Profiles\50atw7lq.default\extensions\toolbar@ask.com FF - ExtSQL: !HIDDEN! 2012-12-09 23:50; support@Senseless.TV; c:\users\Roy\AppData\Roaming\SenselessTV\ffextension . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-3912144494-1747458312-3632173641-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:16,81,ea,54,29,56,57,d5,a1,1c,04,b4,90,92,05,67,8a,81,38,e2,2f,dc,8b, a4,34,7c,96,b4,f0,ff,15,ca,09,2d,e2,30,9f,ef,f3,9a,14,1b,14,61,e9,0b,1b,06,\ "??"=hex:b4,d0,75,48,79,14,2d,d9,dd,ea,e5,3f,40,40,a8,e9 . 
[HKEY_USERS\S-1-5-21-3912144494-1747458312-3632173641-1000\Software\SecuROM\License information*] "datasecu"=hex:a7,f4,c8,37,b8,fa,da,42,e5,44,63,d9,02,3f,54,a2,36,5b,bb,f5,3b, bf,5b,ac,65,79,60,39,ea,8f,2e,94,f4,12,13,fb,ae,b9,ec,cb,aa,a8,ae,c9,09,1c,\ "rkeysecu"=hex:95,f4,20,b2,ec,e2,c2,c8,f6,1d,42,f4,aa,93,66,36 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe d:\programme\avira\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe c:\program files (x86)\Hotspot Shield\bin\openvpntray.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-01-15 23:18:12 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-01-15 22:18 . Vor Suchlauf: 7.025.311.744 Bytes frei Nach Suchlauf: 7.680.811.008 Bytes frei . - - End Of File - - 9739C03671317F38868E37B5E4B78D46 |
16.01.2013, 19:16 | #10 |
/// Malware-holic | TR/Atraps.gen2 Trojan Malwarebytes: Please download Malwarebytes |
17.01.2013, 15:26 | #11 |
| TR/Atraps.gen2 Trojan Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.17.04

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Roy :: ROY-PC [Administrator]

17.01.2013 14:19:46
mbam-log-2013-01-17 (14-19-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 472354
Laufzeit: 55 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende) |
17.01.2013, 17:10 | #12 |
/// Malware-holic | TR/Atraps.gen2 Trojan And which message? If you don't post it, together with where it was found, I can't evaluate it... |
17.01.2013, 17:55 | #13 |
| TR/Atraps.gen2 Trojan Isn't the screenshot enough? Here is another one with the paths: |
17.01.2013, 18:06 | #14 |
/// Malware-holic | TR/Atraps.gen2 Trojan Hi, open Avira, go to Administration, Quarantine, and post the current detection with its path as text, thanks. |
17.01.2013, 18:45 | #15 |
| TR/Atraps.gen2 Trojan
C:\Users\Roy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\1ede2ede-12e09c1e
C:\Qoobox\Quarantine\C\Windows\assembly\GAC_32\Desktop.ini.vir
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-18\$79d74d7b994e981d7e19bb4b4151ce3d\n.vir
C:\Qoobox\Quarantine\C\Windows\assembly\GAC_64\Desktop.ini.vir
C:\Qoobox\Quarantine\C\Users\Roy\wgsdgsdgdsgsd.dll.vir
Regards |