
Pests of all kinds and how to fight them: €100 PaysafeCard payment for copyright infringement

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.

08.06.2013, 17:44   #16
markusg
/// Malware-holic
 


post the log
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails, following the instructions above, to
markusg.trojaner-board@web.de
Forward
If you would like to support us

08.06.2013, 17:47   #17
Sniperwurst
 



Code:
23:38:45.0006 2680  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:38:45.0146 2680  ============================================================
23:38:45.0146 2680  Current date / time: 2013/06/08 23:38:45.0146
23:38:45.0146 2680  SystemInfo:
23:38:45.0146 2680  
23:38:45.0146 2680  OS Version: 6.1.7601 ServicePack: 1.0
23:38:45.0146 2680  Product type: Workstation
23:38:45.0146 2680  ComputerName: DEEKE-PC
23:38:45.0146 2680  UserName: Deeke
23:38:45.0146 2680  Windows directory: C:\Windows
23:38:45.0146 2680  System windows directory: C:\Windows
23:38:45.0146 2680  Running under WOW64
23:38:45.0146 2680  Processor architecture: Intel x64
23:38:45.0146 2680  Number of processors: 2
23:38:45.0146 2680  Page size: 0x1000
23:38:45.0146 2680  Boot type: Normal boot
23:38:45.0146 2680  ============================================================
23:38:46.0410 2680  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:38:46.0426 2680  ============================================================
23:38:46.0426 2680  \Device\Harddisk0\DR0:
23:38:46.0426 2680  MBR partitions:
23:38:46.0426 2680  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:38:46.0426 2680  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6176000
23:38:46.0426 2680  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x61A8800, BlocksNum 0x1F285800
23:38:46.0426 2680  ============================================================
23:38:46.0472 2680  C: <-> \Device\Harddisk0\DR0\Partition2
23:38:46.0613 2680  D: <-> \Device\Harddisk0\DR0\Partition3
23:38:46.0613 2680  ============================================================
23:38:46.0613 2680  Initialize success
23:38:46.0613 2680  ============================================================
23:38:49.0998 3220  ============================================================
23:38:49.0998 3220  Scan started
23:38:49.0998 3220  Mode: Manual; 
23:38:49.0998 3220  ============================================================
23:38:50.0872 3220  ================ Scan system memory ========================
23:38:50.0872 3220  System memory - ok
23:38:50.0872 3220  ================ Scan services =============================
23:39:18.0016 3220  NDIS - ok
23:39:18.0094 3220  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:39:18.0312 3220  NdisCap - ok
23:39:18.0468 3220  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:39:18.0468 3220  NdisTapi - ok
23:39:18.0577 3220  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:39:18.0593 3220  Ndisuio - ok
23:39:18.0640 3220  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:39:18.0640 3220  NdisWan - ok
23:39:18.0686 3220  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:39:18.0702 3220  NDProxy - ok
23:39:18.0749 3220  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:39:18.0764 3220  NetBIOS - ok
23:39:18.0796 3220  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:39:18.0811 3220  NetBT - ok
23:39:18.0874 3220  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:39:18.0874 3220  Netlogon - ok
23:39:18.0952 3220  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:39:18.0998 3220  Netman - ok
23:39:19.0014 3220  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:39:19.0014 3220  netprofm - ok
23:39:19.0108 3220  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:39:19.0123 3220  NetTcpPortSharing - ok
23:39:20.0527 3220  [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
23:39:21.0167 3220  NETw5s64 - ok
23:39:21.0775 3220  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
23:39:22.0430 3220  netw5v64 - ok
23:39:24.0193 3220  [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
23:39:25.0036 3220  NETwNs64 - ok
23:39:25.0129 3220  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:39:25.0145 3220  nfrd960 - ok
23:39:25.0379 3220  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:39:25.0379 3220  NlaSvc - ok
23:39:25.0504 3220  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess       C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
23:39:25.0519 3220  NMSAccess - ok
23:39:25.0597 3220  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:39:25.0597 3220  Npfs - ok
23:39:25.0660 3220  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:39:25.0660 3220  nsi - ok
23:39:25.0691 3220  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:39:25.0691 3220  nsiproxy - ok
23:39:26.0003 3220  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:39:26.0486 3220  Ntfs - ok
23:39:26.0502 3220  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:39:26.0518 3220  Null - ok
23:39:26.0642 3220  [ 6E41A4DF26340A07A489B721F9721EC1 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
23:39:26.0658 3220  NVHDA - ok
23:39:27.0812 3220  [ 24F526274353FF7BB93D99D238E582DA ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:39:28.0202 3220  nvlddmkm - ok
23:39:28.0468 3220  [ E48AA1A7AB20EDC9397622FE1EEA8777 ] NvnUsbAudio     C:\Windows\system32\DRIVERS\nvnusbaudio.sys
23:39:28.0483 3220  NvnUsbAudio - ok
23:39:28.0624 3220  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:39:28.0639 3220  nvraid - ok
23:39:28.0670 3220  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:39:28.0670 3220  nvstor - ok
23:39:28.0780 3220  [ AAD3B6F3E5B9FE1D29BF627904F6120F ] nvsvc           C:\Windows\system32\nvvsvc.exe
23:39:28.0795 3220  nvsvc - ok
23:39:28.0826 3220  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:39:28.0842 3220  nv_agp - ok
23:39:28.0889 3220  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:39:28.0904 3220  ohci1394 - ok
23:39:29.0029 3220  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:39:29.0045 3220  ose - ok
23:39:29.0700 3220  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:39:30.0043 3220  osppsvc - ok
23:39:30.0184 3220  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:39:30.0199 3220  p2pimsvc - ok
23:39:30.0402 3220  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:39:30.0527 3220  p2psvc - ok
23:39:30.0574 3220  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:39:30.0574 3220  Parport - ok
23:39:30.0636 3220  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:39:30.0652 3220  partmgr - ok
23:39:30.0698 3220  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:39:30.0698 3220  PcaSvc - ok
23:39:30.0730 3220  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:39:30.0745 3220  pci - ok
23:39:30.0854 3220  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:39:30.0870 3220  pciide - ok
23:39:30.0979 3220  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:39:31.0026 3220  pcmcia - ok
23:39:31.0073 3220  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:39:31.0073 3220  pcw - ok
23:39:31.0307 3220  [ A1688A4FB2EC49D040C027EF6DC7A87B ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
23:39:31.0322 3220  PDF Architect Helper Service - ok
23:39:31.0385 3220  [ E23FF9B2F8EEAB2BDDA681C21C48E843 ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
23:39:31.0385 3220  PDF Architect Service - ok
23:39:31.0416 3220  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:39:31.0432 3220  PEAUTH - ok
23:39:31.0510 3220  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:39:31.0556 3220  PeerDistSvc - ok
23:39:31.0572 3220  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:39:31.0603 3220  PerfHost - ok
23:39:31.0759 3220  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:39:31.0806 3220  pla - ok
23:39:31.0853 3220  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:39:31.0868 3220  PlugPlay - ok
23:39:31.0915 3220  PnkBstrA - ok
23:39:31.0946 3220  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:39:31.0946 3220  PNRPAutoReg - ok
23:39:31.0978 3220  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:39:31.0978 3220  PNRPsvc - ok
23:39:32.0056 3220  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:39:32.0087 3220  PolicyAgent - ok
23:39:32.0165 3220  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:39:32.0165 3220  Power - ok
23:39:32.0352 3220  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:39:32.0352 3220  PptpMiniport - ok
23:39:32.0414 3220  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:39:32.0430 3220  Processor - ok
23:39:32.0508 3220  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:39:32.0508 3220  ProfSvc - ok
23:39:32.0539 3220  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:39:32.0539 3220  ProtectedStorage - ok
23:39:32.0586 3220  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:39:32.0586 3220  Psched - ok
23:39:32.0648 3220  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:39:32.0773 3220  ql2300 - ok
23:39:32.0820 3220  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:39:32.0836 3220  ql40xx - ok
23:39:32.0851 3220  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:39:32.0882 3220  QWAVE - ok
23:39:32.0898 3220  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:39:32.0898 3220  QWAVEdrv - ok
23:39:32.0976 3220  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
23:39:32.0976 3220  RapiMgr - ok
23:39:32.0992 3220  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:39:32.0992 3220  RasAcd - ok
23:39:33.0023 3220  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:39:33.0038 3220  RasAgileVpn - ok
23:39:33.0054 3220  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:39:33.0054 3220  RasAuto - ok
23:39:33.0085 3220  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:39:33.0085 3220  Rasl2tp - ok
23:39:33.0148 3220  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:39:33.0163 3220  RasMan - ok
23:39:33.0194 3220  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:39:33.0210 3220  RasPppoe - ok
23:39:33.0226 3220  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:39:33.0226 3220  RasSstp - ok
23:39:33.0241 3220  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:39:33.0257 3220  rdbss - ok
23:39:33.0288 3220  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:39:33.0288 3220  rdpbus - ok
23:39:33.0304 3220  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:39:33.0304 3220  RDPCDD - ok
23:39:33.0350 3220  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:39:33.0366 3220  RDPDR - ok
23:39:33.0397 3220  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:39:33.0397 3220  RDPENCDD - ok
23:39:33.0444 3220  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:39:33.0444 3220  RDPREFMP - ok
23:39:33.0694 3220  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:39:33.0772 3220  RDPWD - ok
23:39:33.0896 3220  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:39:33.0912 3220  rdyboost - ok
23:39:33.0943 3220  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:39:33.0943 3220  RemoteAccess - ok
23:39:33.0974 3220  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:39:33.0990 3220  RemoteRegistry - ok
23:39:34.0021 3220  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
23:39:34.0068 3220  RFCOMM - ok
23:39:34.0255 3220  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:39:34.0255 3220  RpcEptMapper - ok
23:39:34.0286 3220  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:39:34.0302 3220  RpcLocator - ok
23:39:34.0442 3220  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
23:39:34.0442 3220  RpcSs - ok
23:39:34.0489 3220  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:39:34.0489 3220  rspndr - ok
23:39:34.0536 3220  [ FB39AF63D6617F028BA0EBC21B83360D ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
23:39:34.0536 3220  RSUSBSTOR - ok
23:39:34.0583 3220  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
23:39:34.0598 3220  s3cap - ok
23:39:34.0614 3220  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:39:34.0614 3220  SamSs - ok
23:39:34.0661 3220  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:39:34.0676 3220  sbp2port - ok
23:39:34.0832 3220  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
23:39:34.0864 3220  SBSDWSCService - ok
23:39:34.0895 3220  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:39:34.0910 3220  SCardSvr - ok
23:39:34.0957 3220  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:39:34.0973 3220  scfilter - ok
23:39:35.0051 3220  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:39:35.0066 3220  Schedule - ok
23:39:35.0082 3220  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:39:35.0082 3220  SCPolicySvc - ok
23:39:35.0129 3220  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:39:35.0129 3220  SDRSVC - ok
23:39:35.0176 3220  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:39:35.0176 3220  secdrv - ok
23:39:35.0191 3220  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:39:35.0207 3220  seclogon - ok
23:39:35.0222 3220  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
23:39:35.0222 3220  SENS - ok
23:39:35.0254 3220  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:39:35.0254 3220  SensrSvc - ok
23:39:35.0269 3220  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:39:35.0269 3220  Serenum - ok
23:39:35.0285 3220  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:39:35.0300 3220  Serial - ok
23:39:35.0316 3220  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:39:35.0316 3220  sermouse - ok
23:39:35.0410 3220  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:39:35.0410 3220  SessionEnv - ok
23:39:35.0456 3220  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:39:35.0456 3220  sffdisk - ok
23:39:35.0488 3220  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:39:35.0503 3220  sffp_mmc - ok
23:39:35.0519 3220  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:39:35.0519 3220  sffp_sd - ok
23:39:35.0534 3220  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:39:35.0534 3220  sfloppy - ok
23:39:35.0581 3220  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:39:35.0597 3220  SharedAccess - ok
23:39:35.0722 3220  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:39:35.0737 3220  ShellHWDetection - ok
23:39:35.0768 3220  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:39:35.0768 3220  SiSRaid2 - ok
23:39:35.0800 3220  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:39:35.0815 3220  SiSRaid4 - ok
23:39:36.0237 3220  [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
23:39:36.0346 3220  Skype C2C Service - ok
23:39:36.0502 3220  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:39:36.0549 3220  SkypeUpdate - ok
23:39:36.0595 3220  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:39:36.0595 3220  Smb - ok
23:39:36.0642 3220  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:39:36.0658 3220  SNMPTRAP - ok
23:39:36.0720 3220  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:39:36.0720 3220  spldr - ok
23:39:36.0767 3220  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
23:39:36.0783 3220  Spooler - ok
23:39:37.0095 3220  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:39:37.0173 3220  sppsvc - ok
23:39:37.0204 3220  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:39:37.0219 3220  sppuinotify - ok
23:39:37.0282 3220  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:39:37.0297 3220  srv - ok
23:39:37.0329 3220  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:39:37.0344 3220  srv2 - ok
23:39:37.0407 3220  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
23:39:37.0453 3220  SrvHsfHDA - ok
23:39:37.0578 3220  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
23:39:37.0719 3220  SrvHsfV92 - ok
23:39:37.0968 3220  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
23:39:38.0031 3220  SrvHsfWinac - ok
23:39:38.0062 3220  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:39:38.0218 3220  srvnet - ok
23:39:38.0374 3220  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:39:38.0374 3220  SSDPSRV - ok
23:39:38.0389 3220  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:39:38.0405 3220  SstpSvc - ok
23:39:38.0530 3220  [ EF806D212D34B0E173BAEB3564D53E37 ] ss_bbus         C:\Windows\system32\DRIVERS\ss_bbus.sys
23:39:38.0545 3220  ss_bbus - ok
23:39:38.0561 3220  [ 08B1B34ABEBEB6AC2DEA06900C56411E ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
23:39:38.0561 3220  ss_bmdfl - ok
23:39:38.0608 3220  [ 71A9DA6BEAA4CB54DFB827FB78600A5D ] ss_bmdm         C:\Windows\system32\DRIVERS\ss_bmdm.sys
23:39:38.0608 3220  ss_bmdm - ok
23:39:38.0717 3220  [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
23:39:38.0733 3220  StarOpen - ok
23:39:38.0779 3220  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:39:38.0779 3220  stexstor - ok
23:39:39.0045 3220  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:39:39.0045 3220  stisvc - ok
23:39:39.0154 3220  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:39:39.0169 3220  storflt - ok
23:39:39.0201 3220  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
23:39:39.0201 3220  StorSvc - ok
23:39:39.0232 3220  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:39:39.0232 3220  storvsc - ok
23:39:39.0279 3220  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:39:39.0279 3220  swenum - ok
23:39:39.0341 3220  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:39:39.0357 3220  swprv - ok
23:39:39.0388 3220  [ 0F2E5EFDF6730780AFEA6EC6BF8AACB0 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
23:39:39.0403 3220  SynTP - ok
23:39:39.0466 3220  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:39:39.0513 3220  SysMain - ok
23:39:39.0622 3220  [ 9D40AC2003DCA9F045181241C2BF47A2 ] SystemStoreService C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe
23:39:39.0622 3220  SystemStoreService - ok
23:39:39.0653 3220  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:39:39.0669 3220  TabletInputService - ok
23:39:39.0731 3220  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:39:39.0747 3220  TapiSrv - ok
23:39:39.0778 3220  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:39:39.0778 3220  TBS - ok
23:39:39.0918 3220  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:39:40.0043 3220  Tcpip - ok
23:39:40.0464 3220  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:39:40.0480 3220  TCPIP6 - ok
23:39:40.0589 3220  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:39:40.0589 3220  tcpipreg - ok
23:39:40.0620 3220  [ 951F59AF0B707415F9E567D17FF2A7C0 ] TcUsb           C:\Windows\system32\Drivers\tcusb.sys
23:39:40.0651 3220  TcUsb - ok
23:39:40.0683 3220  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:39:40.0714 3220  TDPIPE - ok
23:39:40.0776 3220  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:39:40.0776 3220  TDTCP - ok
23:39:40.0854 3220  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:39:40.0854 3220  tdx - ok
23:39:41.0182 3220  [ 851C5080261DFC1FCDC21DF0E5EA3BCB ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
23:39:41.0213 3220  TeamViewer8 - ok
23:39:41.0244 3220  [ F5520DBB47C60EE83024B38720ABDA24 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
23:39:41.0244 3220  teamviewervpn - ok
23:39:41.0275 3220  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:39:41.0291 3220  TermDD - ok
23:39:41.0338 3220  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:39:41.0353 3220  TermService - ok
23:39:41.0369 3220  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:39:41.0369 3220  Themes - ok
23:39:41.0400 3220  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:39:41.0400 3220  THREADORDER - ok
23:39:41.0509 3220  [ EFEF22B9577E5051057FDE1AE381B50C ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
23:39:41.0509 3220  TomTomHOMEService - ok
23:39:41.0541 3220  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:39:41.0541 3220  TrkWks - ok
23:39:41.0587 3220  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:39:41.0603 3220  TrustedInstaller - ok
23:39:41.0634 3220  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:39:41.0665 3220  tssecsrv - ok
23:39:41.0775 3220  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:39:41.0775 3220  TsUsbFlt - ok
23:39:41.0806 3220  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:39:41.0806 3220  tunnel - ok
23:39:41.0853 3220  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:39:41.0853 3220  uagp35 - ok
23:39:41.0884 3220  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:39:41.0899 3220  udfs - ok
23:39:41.0946 3220  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:39:41.0946 3220  UI0Detect - ok
23:39:42.0009 3220  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:39:42.0024 3220  uliagpkx - ok
23:39:42.0149 3220  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:39:42.0149 3220  umbus - ok
23:39:42.0243 3220  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:39:42.0258 3220  UmPass - ok
23:39:42.0321 3220  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
23:39:42.0336 3220  UmRdpService - ok
23:39:42.0367 3220  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:39:42.0367 3220  upnphost - ok
23:39:42.0399 3220  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:39:42.0399 3220  usbccgp - ok
23:39:42.0477 3220  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:39:42.0477 3220  usbcir - ok
23:39:42.0508 3220  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:39:42.0508 3220  usbehci - ok
23:39:42.0539 3220  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:39:42.0555 3220  usbhub - ok
23:39:42.0601 3220  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
23:39:42.0601 3220  usbohci - ok
23:39:42.0633 3220  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:39:42.0711 3220  usbprint - ok
23:39:42.0742 3220  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
23:39:42.0742 3220  usbscan - ok
23:39:42.0789 3220  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:39:42.0789 3220  USBSTOR - ok
23:39:42.0804 3220  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
23:39:42.0804 3220  usbuhci - ok
23:39:42.0882 3220  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
23:39:42.0882 3220  usbvideo - ok
23:39:42.0913 3220  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:39:42.0913 3220  UxSms - ok
23:39:42.0929 3220  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:39:42.0929 3220  VaultSvc - ok
23:39:42.0960 3220  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:39:42.0960 3220  vdrvroot - ok
23:39:43.0054 3220  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:39:43.0085 3220  vds - ok
23:39:43.0116 3220  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:39:43.0132 3220  vga - ok
23:39:43.0147 3220  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:39:43.0147 3220  VgaSave - ok
23:39:43.0210 3220  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:39:43.0225 3220  vhdmp - ok
23:39:43.0241 3220  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:39:43.0257 3220  viaide - ok
23:39:43.0272 3220  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
23:39:43.0288 3220  vmbus - ok
23:39:43.0303 3220  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
23:39:43.0303 3220  VMBusHID - ok
23:39:43.0319 3220  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:39:43.0335 3220  volmgr - ok
23:39:43.0428 3220  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:39:43.0428 3220  volmgrx - ok
23:39:43.0444 3220  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:39:43.0459 3220  volsnap - ok
23:39:43.0491 3220  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
23:39:43.0506 3220  vsmraid - ok
23:39:43.0569 3220  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:39:43.0600 3220  VSS - ok
23:39:43.0615 3220  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:39:43.0631 3220  vwifibus - ok
23:39:43.0631 3220  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:39:43.0709 3220  vwififlt - ok
23:39:43.0756 3220  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:39:43.0771 3220  W32Time - ok
23:39:43.0803 3220  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
23:39:43.0803 3220  WacomPen - ok
23:39:43.0881 3220  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:39:43.0896 3220  WANARP - ok
23:39:43.0912 3220  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:39:43.0912 3220  Wanarpv6 - ok
23:39:44.0239 3220  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:39:44.0349 3220  wbengine - ok
23:39:44.0395 3220  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:39:44.0411 3220  WbioSrvc - ok
23:39:44.0473 3220  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
23:39:44.0489 3220  WcesComm - ok
23:39:44.0551 3220  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:39:44.0583 3220  wcncsvc - ok
23:39:44.0598 3220  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:39:44.0614 3220  WcsPlugInService - ok
23:39:44.0645 3220  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
23:39:44.0661 3220  Wd - ok
23:39:44.0739 3220  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:39:44.0770 3220  Wdf01000 - ok
23:39:44.0785 3220  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:39:44.0785 3220  WdiServiceHost - ok
23:39:44.0801 3220  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:39:44.0801 3220  WdiSystemHost - ok
23:39:44.0848 3220  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
23:39:44.0863 3220  WebClient - ok
23:39:44.0895 3220  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:39:44.0910 3220  Wecsvc - ok
23:39:44.0926 3220  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:39:44.0926 3220  wercplsupport - ok
23:39:44.0957 3220  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:39:44.0957 3220  WerSvc - ok
23:39:44.0988 3220  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:39:45.0004 3220  WfpLwf - ok
23:39:45.0035 3220  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:39:45.0035 3220  WIMMount - ok
23:39:45.0066 3220  [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf        C:\Windows\system32\DRIVERS\CAX_CNXT.sys
23:39:45.0113 3220  winachsf - ok
23:39:45.0160 3220  [ 54D68B92DC59FBBA95919C804A7C3E07 ] winbondcir      C:\Windows\system32\DRIVERS\winbondcir.sys
23:39:45.0175 3220  winbondcir - ok
23:39:45.0191 3220  WinDefend - ok
23:39:45.0238 3220  WinHttpAutoProxySvc - ok
23:39:45.0285 3220  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:39:45.0285 3220  Winmgmt - ok
23:39:45.0347 3220  [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0  C:\Program Files (x86)\BatteryCare\WinRing0x64.sys
23:39:45.0347 3220  WinRing0_1_2_0 - ok
23:39:45.0550 3220  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
23:39:45.0628 3220  WinRM - ok
23:39:45.0753 3220  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
23:39:45.0768 3220  WinUsb - ok
23:39:45.0815 3220  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:39:45.0831 3220  Wlansvc - ok
23:39:46.0252 3220  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:39:46.0314 3220  wlidsvc - ok
23:39:46.0377 3220  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:39:46.0377 3220  WmiAcpi - ok
23:39:46.0423 3220  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:39:46.0439 3220  wmiApSrv - ok
23:39:46.0486 3220  WMPNetworkSvc - ok
23:39:46.0501 3220  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:39:46.0517 3220  WPCSvc - ok
23:39:46.0548 3220  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:39:46.0548 3220  WPDBusEnum - ok
23:39:46.0579 3220  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:39:46.0595 3220  ws2ifsl - ok
23:39:46.0611 3220  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
23:39:46.0611 3220  wscsvc - ok
23:39:46.0611 3220  WSearch - ok
23:39:46.0907 3220  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:39:46.0969 3220  wuauserv - ok
23:39:47.0032 3220  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:39:47.0047 3220  WudfPf - ok
23:39:47.0063 3220  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:39:47.0079 3220  WUDFRd - ok
23:39:47.0110 3220  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:39:47.0110 3220  wudfsvc - ok
23:39:47.0141 3220  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:39:47.0157 3220  WwanSvc - ok
23:39:47.0172 3220  [ E8F3FA126A06F8E7088F63757112A186 ] XAudio          C:\Windows\system32\DRIVERS\XAudio64.sys
23:39:47.0188 3220  XAudio - ok
23:39:47.0235 3220  ================ Scan global ===============================
23:39:47.0250 3220  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:39:47.0297 3220  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:39:47.0313 3220  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:39:47.0328 3220  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:39:47.0391 3220  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:39:47.0391 3220  [Global] - ok
23:39:47.0391 3220  ================ Scan MBR ==================================
23:39:47.0406 3220  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:39:48.0280 3220  \Device\Harddisk0\DR0 - ok
23:39:48.0280 3220  ================ Scan VBR ==================================
23:39:48.0295 3220  [ 744D8E1D5BD6DA3AC2E0BFC1F9327DA6 ] \Device\Harddisk0\DR0\Partition1
23:39:48.0311 3220  \Device\Harddisk0\DR0\Partition1 - ok
23:39:48.0342 3220  [ 4FD979126BD73C00573965716D687842 ] \Device\Harddisk0\DR0\Partition2
23:39:48.0342 3220  \Device\Harddisk0\DR0\Partition2 - ok
23:39:48.0358 3220  [ DBBC3B2EBE37D6525656ECE8BBF27094 ] \Device\Harddisk0\DR0\Partition3
23:39:48.0358 3220  \Device\Harddisk0\DR0\Partition3 - ok
23:39:48.0358 3220  ============================================================
23:39:48.0358 3220  Scan finished
23:39:48.0358 3220  ============================================================
23:39:48.0405 4068  Detected object count: 0
23:39:48.0405 4068  Actual detected object count: 0
         

08.06.2013, 17:48   #18
markusg
/// Malware-holic

Configure TDSSKiller according to the instructions, run it, post the log.

08.06.2013, 18:21   #19
Sniperwurst

Log file attached.

08.06.2013, 18:24   #20
markusg
/// Malware-holic

Configure TDSSKiller according to the instructions above.
Scan, then select the following detection:
TDSS File System
Choose Cure, or Delete.
Reboot, configure TDSSKiller according to the instructions, post a new log.

08.06.2013, 18:39   #21
Sniperwurst

Here is the second log file!

At startup I always get a message that a .dll cannot be found/started!
What can be done about that?

08.06.2013, 18:41   #22
markusg
/// Malware-holic

Configure TDSSKiller according to the instructions and create the log again, thanks.

08.06.2013, 18:44   #23
Sniperwurst

3rd attempt

08.06.2013, 18:46   #24
markusg
/// Malware-holic

Why did you delete all of TDSSKiller's detections?
Do you use the PC for online banking, shopping, other payment transactions, or similarly important things such as work?

08.06.2013, 18:51   #25
Sniperwurst

Um, wasn't I supposed to delete the detections??
Or do you mean the log file?

No, I don't use online banking or anything like that!

08.06.2013, 18:56   #26
markusg
/// Malware-holic

What did I write above about which detection you should delete? It doesn't say all of them, does it?
Afterwards, please update all the drivers and utilities that your manufacturer offers.
Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the reboot
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

08.06.2013, 19:38   #27
Sniperwurst

Combofix log file:
Code:
ComboFix 13-06-08.01 - Deeke 08.06.2013  20:01:18.1.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4091.2484 [GMT 2:00]
ausgeführt von:: c:\users\Deeke\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Acer Bio Protection\PwdFilterV64.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Protected Search
c:\programdata\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk
c:\programdata\rundll32.exe
c:\users\Deeke\3043141.dll
c:\users\Deeke\AppData\Local\Temp\RtkBtMnt.exe
c:\users\Deeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
c:\users\Deeke\AppData\Roaming\skype.dat
c:\users\Deeke\AppData\Roaming\skype.ini
c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-08 bis 2013-06-08  ))))))))))))))))))))))))))))))
.
.
2013-06-09 03:11 . 2013-06-09 03:11	--------	dc----w-	C:\_OTL
2013-06-08 21:39 . 2013-05-13 06:37	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{92228151-FF11-439D-A2E4-67A425293145}\mpengine.dll
2013-06-08 17:31 . 2013-06-08 17:31	--------	dc----w-	C:\TDSSKiller_Quarantine
2013-06-06 18:08 . 2013-06-06 19:02	--------	d---a-w-	C:\Kaspersky Rescue Disk 10.0
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 17:20 . 2011-03-28 16:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-16 17:02 . 2010-10-11 12:09	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-15 13:43 . 2012-04-05 09:36	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 13:43 . 2011-09-01 18:31	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-13 03:52 . 2013-04-30 17:49	23624	----a-w-	c:\windows\Launcher.exe
2013-05-02 00:06 . 2010-10-11 12:12	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-15 13:44	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 13:44	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 13:44	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 13:44	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 13:44	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 13:44	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-23 17:35	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-03-19 06:04 . 2013-04-10 19:54	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 19:54	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 19:54	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 19:54	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 19:54	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 19:54	112640	----a-w-	c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4DF4AC8C-FFA8-40FF-91F0-EB8389314B78}]
2010-06-09 13:28	269312	----a-w-	c:\users\Deeke\AppData\LocalLow\FoxTab\IE\FoxTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{96edaac7-6183-4cb5-8823-b8b12d94f967}]
2013-05-25 01:50	1038920	----a-w-	c:\users\Deeke\AppData\Roaming\HomeTab\HomeTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2012-05-11 21:59	194928	----a-w-	c:\program files (x86)\Yontoo\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{96edaac7-6183-4cb5-8823-b8b12d94f967}"= "c:\users\Deeke\AppData\Roaming\HomeTab\HomeTab.dll" [2013-05-25 1038920]
.
[HKEY_CLASSES_ROOT\clsid\{96edaac7-6183-4cb5-8823-b8b12d94f967}]
[HKEY_CLASSES_ROOT\wtb.Band.1]
[HKEY_CLASSES_ROOT\TypeLib\{b7dc94d1-a06f-411b-9396-70cc757a9133}]
[HKEY_CLASSES_ROOT\wtb.Band]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Deeke\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Deeke\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Deeke\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Deeke\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"BatteryCare"="c:\program files (x86)\BatteryCare\BatteryCare.exe" [2012-12-03 740864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-04 281768]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-09-02 296096]
.
c:\users\Deeke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Deeke\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAPower"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="c:\progra~3\tolg.bat"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10x64.sys;c:\windows\SYSNATIVE\Drivers\MHIKEY10x64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 NvnUsbAudio;Novation USB Audio Driver;c:\windows\system32\DRIVERS\nvnusbaudio.sys;c:\windows\SYSNATIVE\DRIVERS\nvnusbaudio.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\BatteryCare\WinRing0x64.sys;c:\program files (x86)\BatteryCare\WinRing0x64.sys [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys;c:\windows\SYSNATIVE\DRIVERS\CAXHWAZL.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys;c:\windows\SYSNATIVE\DRIVERS\winbondcir.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 13:43]
.
2013-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-11 12:17]
.
2013-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-11 12:17]
.
2013-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4142259043-113316378-2562792309-1000Core.job
- c:\users\Deeke\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 21:11]
.
2013-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4142259043-113316378-2562792309-1000UA.job
- c:\users\Deeke\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 21:11]
.
2013-06-08 c:\windows\Tasks\{C6688CF8-E8EC-479A-B410-D0D5CAC32B21}.job
- c:\programdata\BetterSoft\SaveByClick\SaveByClick.exe [2013-01-20 18:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Deeke\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Deeke\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Deeke\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Deeke\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-28 16334880]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1237288]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-23 7981600]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.1&ts=1368292697806&tguid=43169-3580-1368292697806-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.1&ts=1368292697806&tguid=43169-3580-1368292697806-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.1&ts=1368292697806&tguid=43169-3580-1368292697806-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=
mSearch Bar = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.1&ts=1368292697806&tguid=43169-3580-1368292697806-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=
uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=fb9c5ef6-ae1c-446f-ba3e-c6393e9d6741&searchtype=ds&q={searchTerms}
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Deeke\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Mit dem LeechGet Wizard laden - file://c:\program files (x86)\LeechGet 2009\\Wizard.html
IE: Mit LeechGet herunterladen - file://c:\program files (x86)\LeechGet 2009\\AddUrl.html
IE: Mit LeechGet parsen - file://c:\program files (x86)\LeechGet 2009\\Parser.html
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{6e80943c-847c-4447-b830-f94e7dcbbd4e} - {96edaac7-6183-4cb5-8823-b8b12d94f967} - c:\users\Deeke\AppData\Roaming\HomeTab\HomeTab.dll
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\Deeke\AppData\Roaming\Mozilla\Firefox\Profiles\qzthdcb2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.1&ts=1368292697806&tguid=43169-3580-1368292697806-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=
FF - ExtSQL: 2013-05-27 17:50; {aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}; c:\users\Deeke\AppData\Roaming\Mozilla\Firefox\Profiles\qzthdcb2.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);FF - user.js: extentions.y2layers.installId - 895752e9-4369-4a17-87be-95d37f16d463
FF - user.js: extentions.y2layers.defaultEnableAppsList - pagerage,ezlooker,dropdowndeals,twittube,toprelatedtopics,buzzdock
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1QzutDtDtBtAzz0BtCyCtAtAyByD0FtBtAtDtN0D0TzutBtDtCtBtDyBtDyE&cr=208842956
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=softpb&chnl=softpb&cd=2XzutAtN2Y1L1QzutDtDtBtAzz0BtCyCtAtAyByD0FtBtAtDtN0D0TzutBtDtCtBtDyBtDyE&cr=208842956
FF - user.js: extensions.funmoods.tlbrSrchUrl - 
FF - user.js: extensions.funmoods.id - 48edf230000000000000001a73981c98
FF - user.js: extensions.funmoods.instlDay - 15525
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2220:35:7
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - softpb
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - softpb
FF - user.js: extensions.funmoods.dfltLng - 
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{31ad400d-1b06-4e33-a59a-90c2c140cba0} - (no file)
Toolbar-{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - (no file)
Wow6432Node-HKCU-Run-LeechGet - (no file)
Wow6432Node-HKCU-Run-ctfmon32.exe - c:\progra~3\rundll32.exe
Notify-spba - (no file)
SafeBoot-16751971.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\SysWOW64\brsvc01a.exe
c:\windows\SysWOW64\brss01a.exe
c:\program files (x86)\Acer Bio Protection\CompPtcVUI.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
c:\program files (x86)\Protected Search\ProtectedSearch.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-08  20:36:28 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-06-08 18:36
.
Vor Suchlauf: 3.898.429.440 Bytes frei
Nach Suchlauf: 3.916.165.120 Bytes frei
.
- - End Of File - - 48CBD0EE831A1DD61F266D2204BC0C44
         
--- --- ---

Alt 08.06.2013, 19:42   #28
markusg
/// Malware-holic
 

malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for Updates.
  • When the update has finished, select "Perform full scan" and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure all detections are checked and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".

Alt 08.06.2013, 21:17   #29
Sniperwurst
 

Code:
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.08.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Deeke :: DEEKE-PC [Administrator]

Schutz: Aktiviert

08.06.2013 20:46:12
MBAM-log-2013-06-08 (22-10-47).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 399359
Laufzeit: 1 Stunde(n), 17 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 5
HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Keine Aktion durchgeführt.
HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Daten:  -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Daten: Funmoods Toolbar -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 6
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.1&ts=1368292697806&tguid=43169-3580-1368292697806-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.1&ts=1368292697806&tguid=43169-3580-1368292697806-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=) Gut: (hxxp://www.google.com/) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.1&ts=1368292697806&tguid=43169-3580-1368292697806-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.1&ts=1368292697806&tguid=43169-3580-1368292697806-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.1&ts=1368292697806&tguid=43169-3580-1368292697806-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.1&ts=1368292697806&tguid=43169-3580-1368292697806-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=) Gut: (hxxp://www.google.com/) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 2
C:\Users\Deeke\AppData\LocalLow\Funmoods (PUP.FunMoods) -> Keine Aktion durchgeführt.
C:\Users\Deeke\AppData\LocalLow\Funmoods\Funmoods (PUP.FunMoods) -> Keine Aktion durchgeführt.

Infizierte Dateien: 7
C:\Program Files (x86)\Image-Line\Toxic Biohazard\Toxic Biohazard.dll (Trojan.Backdoor) -> Keine Aktion durchgeführt.
C:\Qoobox\Quarantine\C\Users\Deeke\3043141.dll.vir (Trojan.FakeMS) -> Keine Aktion durchgeführt.
C:\Qoobox\Quarantine\C\Users\Deeke\AppData\Roaming\skype.dat.vir (Trojan.Agent.rf) -> Keine Aktion durchgeführt.
C:\_OTL\MovedFiles\06082013_231131\F_ProgramData\glot.dat (Trojan.FakeMS) -> Keine Aktion durchgeführt.
D:\Microsoft Office 2010 Pro\licence.exe (Riskware.Crk) -> Keine Aktion durchgeführt.
C:\Users\Deeke\AppData\Local\funmoods.crx (PUP.Funmoods) -> Keine Aktion durchgeführt.
C:\Users\Deeke\Local Settings\Application Data\funmoods.crx (PUP.Funmoods) -> Keine Aktion durchgeführt.

(Ende)
         

Alt 08.06.2013, 21:18   #30
markusg
/// Malware-holic
 

D:\Microsoft Office 2010 Pro\licence.exe (Riskware.Crk) -> Keine Aktion durchgeführt.

That is a keygen. Since that is illegal, the only help you will get here is with reinstalling the system.
1. Data recovery:
2. Format, reinstall Windows:
3. Secure the PC: http://www.trojaner-board.de/96344-a...-rechners.html
I will also post some further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with a chip card reader + Star Money.
