Trojaner-Board
Seite 2 von 4 1 2 34
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   0access rootkit und Sirefef.D,Bootfähigkeit verloren (https://www.trojaner-board.de/127857-0access-rootkit-sirefef-d-bootfaehigkeit-verloren.html)

Dexteron 06.12.2012 21:18
ich mach einfach nochmal nen backup, aus ner gepackten datei sollten ja trojaner nicht ausbrechen können. kann sein, dass das etwas dauert.

Bis hierher auf jeden Fall schonmal ein ganz herzliches Danke!!

ryder 06.12.2012 21:21
du hast ja jetzt durch den ESET scan gesehen, welche Dateien infiziert sind. Also packe alle deine Nutzdaten zusammen und dann öffenen wir die F-Platte ganz vorsichtig und machen dein Win7 wieder flott.

Dexteron 06.12.2012 21:35
ich hab jetz nen backup mit acronis true image gestartet (auf ne externe platte), beim kopieren der daten selbst kam immer "zugriff verweigert".
Das dauert laut acronis nun noch 9 stunden (usb kann nicht mehr).

Soll doch auch nur zur Sicherheit sein oder werden wir auf jeden fall daten von F verlieren?

ryder 06.12.2012 21:48
du sollst nicht die platte komplett sichern sondern NUR deine nutzdaten zur Sicherheit.

Wir geben uns grosse Mühe, dass du überhaupt keinen Datenverlust (ausser der Malware hast)

Dexteron 06.12.2012 22:00
ok, er sichert jetzt die nutzdaten.
Laut Win Xp dauerts nun nur knapp 3 h :)
ich melde mich dann wenn ich alles hab, wird wohl eher morgen sein.

ryder 06.12.2012 22:05
Kein problem - melde dich dann einfach mit dem FRST-Logfile und dann killen wir die Malware :)

Dexteron 06.12.2012 22:19
Ok, mach ich, danke :)

so hier das scanergebnis:
[CODE]
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2012
Ran by SYSTEM at 07-12-2012 17:06:06
Running from H:\
Windows 7 Professional (X64) OS Language: German Standard
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] C:\Windows\SysWOW64\UMonit.exe [49152 2011-05-25] ()
HKLM\...\Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [391240 2010-12-06] (Acronis)
HKLM-x32\...\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\APVXDWIN.EXE" /s [984576 2011-09-05] (Panda Security, S.L.)
HKLM-x32\...\Run: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\Inicio.exe" [68928 2010-06-11] (Panda Security, S.L.)
HKLM-x32\...\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc [280824 2011-04-04] (Filefacts.net)
HKU\Administrator\...\Run: [ICQ] "C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4 [127040 2011-10-10] (ICQ, LLC.)
HKU\Administrator\...\Run: [] [x]
HKU\***\...\Run: [ICQ] "C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4 [127040 2011-10-10] (ICQ, LLC.)
HKU\***\...\Run: [] [x]
HKU\***\...\Run: [Peysyhipca] "C:\Users\***\AppData\Roaming\Ociwci\inyt.exe" [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Winlogon\Notify\avldr: avldr64.dll (On-Access Anti-Malware Scanner Sync)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$6810dbc73758a48a9685b9942ffb4ae1\n. ATTENTION! ====> ZeroAccess
Tcpip\..\Interfaces\{6124B780-E1F5-4C27-8D22-685920D660D1}: [NameServer]192.168.0.10

==================== Services (Whitelisted) ===================

2 AcrSch2Svc; "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe" [1112744 2010-12-06] (Acronis)
2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3246040 2011-04-16] (Acronis)
3 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
2 dgdersvc; C:\Windows\system32\dgdersvc.exe [119632 2010-07-30] (Devguru Co., Ltd.)
2 dgdersvc; C:\Windows\SysWow64\dgdersvc.exe [95568 2010-07-30] (Devguru Co., Ltd.)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
2 Panda Software Controller; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsCtrls.exe" [173312 2009-08-10] (Panda Security, S.L.)
2 PAVFNSVR; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PavFnSvr.exe" [202048 2010-09-13] (Panda Security, S.L.)
2 PavPrSrv; "C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe" [62768 2008-02-04] (Panda Security, S.L.)
2 PAVSRV; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\pavsrvx86.exe" [314176 2010-06-04] (Panda Security, S.L.)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-07-30] ()
2 PSHost; "C:\program files (x86)\panda security\panda internet security 2011\firewall\PSHOST.EXE" [226560 2009-11-26] (Panda Security International)
2 PSIMSVC; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsImSvc.exe" [108288 2008-06-19] (Panda Security S.L.)
2 PskSvcRetail; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PskSvc.exe" [28992 2010-08-16] (Panda Security, S.L.)
2 TPSrv; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\TPSrvWow.exe" [174400 2010-09-29] (Panda Security, S.L.)
3 DAUpdaterSvc; C:\Spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [x]

==================== Drivers (Whitelisted) =====================

0 1d0c19e5776cf02b; C:\Windows\System32\Drivers\1d0c19e5776cf02b.sys [85432 2012-08-28] () ATTENTION =====> Rootkit?
2 AmFSM; C:\Windows\System32\DRIVERS\amm6460.sys [65608 2010-05-21] (Panda Security, S.L.)
2 APPFLT; \??\C:\Windows\system32\Drivers\APPFLT64.SYS [118280 2010-02-18] (Panda Security, S.L.)
1 AsIO; C:\Windows\SysWow64\Drivers\AsIO.sys [13440 2009-08-04] ()
1 AsUpIO; C:\Windows\SysWow64\Drivers\AsUpIO.sys [13368 2009-07-06] ()
3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] ()
3 avmeject; C:\Windows\System32\Drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
3 BthAvrcp; C:\Windows\System32\Drivers\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
2 ComFiltr; C:\Windows\System32\Drivers\ComFiltr.sys [15928 2010-10-04] ()
3 dgderdrv; C:\Windows\System32\Drivers\dgderdrv.sys [20552 2010-07-30] (Devguru Co., Ltd)
3 dgderdrv; C:\Windows\SysWow64\Drivers\dgderdrv.sys [18120 2010-07-30] (Devguru Co., Ltd)
2 DSAFLT; \??\C:\Windows\system32\Drivers\DSAFLT64.SYS [82952 2009-09-25] (Panda Security, S.L.)
2 FNETMON; \??\C:\Windows\system32\Drivers\fnetm64.SYS [31752 2009-09-25] (Panda Security, S.L.)
3 fwlanusbn; C:\Windows\System32\Drivers\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
3 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [58368 2011-05-18] (GenesysLogic)
2 IDSFLT; \??\C:\Windows\system32\Drivers\IDSFLT64.SYS [78856 2009-09-25] (Panda Security, S.L.)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
2 NETFLTDI; \??\C:\Windows\system32\Drivers\NETTDI64.SYS [170504 2009-09-25] (Panda Security, S.L.)
3 NETIMFLT01060042; C:\Windows\System32\DRIVERS\n64i1642.sys [214536 2010-02-18] (Panda Security, S.L.)
0 pavboot; C:\Windows\System32\Drivers\pavboot64.sys [30792 2010-06-22] (Panda Security, S.L.)
3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [36904 2010-12-02] (Feitian Technologies Co., Ltd.)
1 ShldFlt; C:\Windows\System32\Drivers\ShldFlt.sys [48136 2009-10-27] (Panda Security, S.L.)
0 SI3132; C:\Windows\System32\Drivers\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
0 SiRemFil; C:\Windows\System32\Drivers\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-04-02] (Duplex Secure Ltd.)
2 WNMFLT; \??\C:\Windows\system32\Drivers\WNMFLT64.SYS [74760 2009-09-25] (Panda Security, S.L.)
3 WPN111; C:\Windows\System32\DRIVERS\WPN111vx.sys [1075712 2008-08-05] (Atheros Communications, Inc.)
3 cpuz130; \??\C:\Users\THORST~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
3 GPU-Z; \??\C:\Users\THORST~1\AppData\Local\Temp\GPU-Z.sys [x]
3 PavTPK.sys; \??\C:\Windows\system32\PavTPK.sys [x]
3 Prot6Flt; C:\Windows\System32\DRIVERS\Prot6Flt.sys [x]
3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP3\WNt500x64\Sandra.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-12-07 17:05 - 2012-12-07 17:05 - 00000000 ____D C:\FRST
2012-12-02 23:49 - 2012-12-03 00:30 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-12-02 18:16 - 2012-12-02 18:16 - 00001174 ____A C:\Windows\PFRO.log
2012-12-02 18:08 - 2012-12-03 20:27 - 00000000 ____D C:\Users\All Users\4AD0184B93A71FBF00004ACFCD852922
2012-12-02 18:06 - 2012-12-03 22:23 - 00000000 ____D C:\Users\***\AppData\Roaming\Ociwci
2012-12-02 18:03 - 2012-12-02 17:52 - 00000504 ____A C:\Users\***\Documents\options.ini
2012-12-02 17:28 - 2012-12-03 20:27 - 00000000 ____D C:\Users\***\Documents\Command and Conquer Generals Zero Hour Data
2012-12-02 16:01 - 2012-12-03 20:27 - 00000000 ____D C:\Users\***\Documents\Stronghold Crusader
2012-12-02 15:52 - 2012-12-03 20:27 - 00000000 ____D C:\Users\***\Documents\Command and Conquer Generals Data
2012-12-02 00:16 - 2012-12-02 17:39 - 00120012 ____A C:\Windows\DirectX.log
2012-12-02 00:04 - 2012-12-02 18:16 - 00000280 ____A C:\Windows\setupact.log
2012-12-02 00:04 - 2012-12-02 00:04 - 00000000 ____A C:\Windows\setuperr.log
2012-11-26 21:52 - 2012-11-26 21:52 - 00001945 ____A C:\Users\Public\Desktop\CDBurnerXP.lnk
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Canneverbe Limited
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Users\All Users\Canneverbe Limited
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2012-11-19 10:50 - 2012-11-19 10:50 - 00076257 ____A C:\Users\***\Desktop\Evaluation Referenten v3.1.odt
2012-11-18 11:23 - 2012-11-18 11:25 - 00001594 ____A C:\Windows\VPNUnInstall.MIF
2012-11-15 23:11 - 2012-11-15 23:11 - 00012180 ____A C:\Users\***\Desktop\Bewertungen PhysikI.xlsx
2012-11-12 20:08 - 2012-11-12 20:26 - 00000000 ____D C:\Users\***\Desktop\Imaginaerum

==================== One Month Modified Files and Folders =======

2012-12-07 17:05 - 2012-12-07 17:05 - 00000000 ____D C:\FRST
2012-12-03 22:23 - 2012-12-02 18:06 - 00000000 ____D C:\Users\***\AppData\Roaming\Ociwci
2012-12-03 20:27 - 2012-12-02 18:08 - 00000000 ____D C:\Users\All Users\4AD0184B93A71FBF00004ACFCD852922
2012-12-03 20:27 - 2012-12-02 17:28 - 00000000 ____D C:\Users\***\Documents\Command and Conquer Generals Zero Hour Data
2012-12-03 20:27 - 2012-12-02 16:01 - 00000000 ____D C:\Users\***\Documents\Stronghold Crusader
2012-12-03 20:27 - 2012-12-02 15:52 - 00000000 ____D C:\Users\***\Documents\Command and Conquer Generals Data
2012-12-03 20:27 - 2012-10-21 15:16 - 00000000 ____D C:\users\Administrator
2012-12-03 20:27 - 2010-12-08 22:17 - 00000000 ____D C:\Users\***\AppData\Roaming\JGsoft
2012-12-03 20:27 - 2010-10-02 15:56 - 00000000 ____D C:\users\***
2012-12-03 20:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\NDF
2012-12-03 20:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2012-12-03 20:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2012-12-03 20:26 - 2010-10-04 14:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-12-03 00:30 - 2012-12-02 23:49 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-12-03 00:12 - 2010-10-04 17:40 - 00000000 ____D C:\Users\***\AppData\Roaming\ICQ
2012-12-02 23:29 - 2010-10-04 15:47 - 00146520 ____A C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-02 23:23 - 2010-10-23 13:08 - 00743936 __ASH C:\Users\***\Desktop\Thumbs.db
2012-12-02 18:20 - 2009-07-14 18:58 - 00709726 ____A C:\Windows\System32\perfh007.dat
2012-12-02 18:20 - 2009-07-14 18:58 - 00154078 ____A C:\Windows\System32\perfc007.dat
2012-12-02 18:20 - 2009-07-14 06:13 - 01643640 ____A C:\Windows\System32\PerfStringBackup.INI
2012-12-02 18:17 - 2012-01-15 13:31 - 00000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2012-12-02 18:17 - 2010-10-04 14:21 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetFlt.cfg.bck
2012-12-02 18:17 - 2010-10-04 14:21 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetFlt.cfg
2012-12-02 18:17 - 2010-10-04 14:20 - 00000152 ____A C:\Windows\System32\Drivers\etc\NetAdapt.cfg.bck
2012-12-02 18:17 - 2010-10-04 14:20 - 00000152 ____A C:\Windows\System32\Drivers\etc\NetAdapt.cfg
2012-12-02 18:16 - 2012-12-02 18:16 - 00001174 ____A C:\Windows\PFRO.log
2012-12-02 18:16 - 2012-12-02 00:04 - 00000280 ____A C:\Windows\setupact.log
2012-12-02 18:16 - 2010-11-16 01:19 - 00001126 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-12-02 18:16 - 2010-10-04 14:22 - 00000320 ____A C:\Windows\System32\Drivers\etc\NetLoc.wlt
2012-12-02 18:16 - 2010-10-04 14:20 - 00000064 ____A C:\Windows\System32\Drivers\etc\NetAR.wlt.bck
2012-12-02 18:16 - 2010-10-04 14:20 - 00000064 ____A C:\Windows\System32\Drivers\etc\NetAR.wlt
2012-12-02 18:16 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-12-02 18:12 - 2009-07-14 05:45 - 00513136 ____A C:\Windows\System32\FNTCACHE.DAT
2012-12-02 18:07 - 2010-10-04 14:17 - 01032256 ____A C:\Windows\System32\Drivers\APPFCONT.DAT.bck
2012-12-02 18:07 - 2010-10-04 14:17 - 01032256 ____A C:\Windows\System32\Drivers\APPFCONT.DAT
2012-12-02 17:52 - 2012-12-02 18:03 - 00000504 ____A C:\Users\***\Documents\options.ini
2012-12-02 17:44 - 2012-04-10 21:48 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-12-02 17:39 - 2012-12-02 00:16 - 00120012 ____A C:\Windows\DirectX.log
2012-12-02 17:16 - 2010-11-16 01:19 - 00001130 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-12-02 16:39 - 2009-07-14 05:45 - 00016928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-12-02 16:39 - 2009-07-14 05:45 - 00016928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-12-02 00:04 - 2012-12-02 00:04 - 00000000 ____A C:\Windows\setuperr.log
2012-12-01 23:59 - 2011-04-02 11:09 - 00000000 ____D C:\Users\***\AppData\Roaming\DAEMON Tools Lite
2012-12-01 23:58 - 2010-10-06 20:14 - 00000000 ____D C:\Windows\Minidump
2012-12-01 15:11 - 2012-10-28 22:24 - 00000000 ____D C:\Users\***\Desktop\Protokolle PIA2
2012-12-01 14:02 - 2010-10-04 14:22 - 00000056 ____A C:\Windows\System32\Drivers\etc\WnmFlt.cfg.bck
2012-12-01 14:02 - 2010-10-04 14:22 - 00000056 ____A C:\Windows\System32\Drivers\etc\WnmFlt.cfg
2012-12-01 14:02 - 2010-10-04 14:22 - 00000056 ____A C:\Windows\System32\Drivers\etc\DsaFlt.cfg.bck
2012-12-01 14:02 - 2010-10-04 14:22 - 00000056 ____A C:\Windows\System32\Drivers\etc\DsaFlt.cfg
2012-12-01 14:02 - 2010-10-04 14:21 - 00000252 ____A C:\Windows\System32\Drivers\etc\IdsFlt.cfg.bck
2012-12-01 14:02 - 2010-10-04 14:21 - 00000252 ____A C:\Windows\System32\Drivers\etc\IdsFlt.cfg
2012-12-01 14:02 - 2010-10-04 14:17 - 00001132 ____A C:\Windows\System32\Drivers\APPFLTR.CFG.bck
2012-12-01 14:02 - 2010-10-04 14:17 - 00001132 ____A C:\Windows\System32\Drivers\APPFLTR.CFG
2012-11-28 21:40 - 2010-10-04 20:36 - 00000000 ____D C:\Users\***\Desktop\Dateien
2012-11-26 21:52 - 2012-11-26 21:52 - 00001945 ____A C:\Users\Public\Desktop\CDBurnerXP.lnk
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Canneverbe Limited
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Users\All Users\Canneverbe Limited
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2012-11-26 20:56 - 2012-09-14 13:45 - 00000000 ____D C:\Program Files\Recuva
2012-11-26 11:14 - 2010-10-07 17:39 - 00000000 ____D C:\Users\All Users\Adobe
2012-11-26 11:13 - 2012-04-10 21:48 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-11-26 11:13 - 2011-05-29 10:00 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-11-24 13:49 - 2012-10-01 21:52 - 00000141 ____A C:\Windows\spwdrhag.INI
2012-11-24 13:49 - 2012-10-01 21:52 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
2012-11-21 21:27 - 2012-02-17 15:04 - 00000150 ____A C:\Users\***\.Xauthority
2012-11-21 21:27 - 2012-02-17 15:04 - 00000000 ____D C:\Users\***\.nx
2012-11-19 10:50 - 2012-11-19 10:50 - 00076257 ____A C:\Users\***\Desktop\Evaluation Referenten v3.1.odt
2012-11-18 12:20 - 2012-02-17 15:05 - 00000000 ____D C:\Users\***\.ssh
2012-11-18 12:19 - 2010-11-20 15:55 - 00001615 ____A C:\Windows\VPNInstall.MIF
2012-11-18 11:25 - 2012-11-18 11:23 - 00001594 ____A C:\Windows\VPNUnInstall.MIF
2012-11-15 23:11 - 2012-11-15 23:11 - 00012180 ____A C:\Users\***\Desktop\Bewertungen PhysikI.xlsx
2012-11-15 21:18 - 2012-01-22 17:09 - 00000000 ____D C:\Program Files (x86)\MyFree Codec
2012-11-14 10:25 - 2009-07-14 06:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-11-12 20:26 - 2012-11-12 20:08 - 00000000 ____D C:\Users\***\Desktop\Imaginaerum
2012-11-10 17:50 - 2012-11-03 16:01 - 00076054 ____A C:\Users\***\Desktop\Evaluation Referenten v3.0.odt


ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-765039588-535241434-544004008-1000\$6810dbc73758a48a9685b9942ffb4ae1

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$6810dbc73758a48a9685b9942ffb4ae1

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 8190.18 MB
Available physical RAM: 7369.67 MB
Total Pagefile: 8188.33 MB
Available Pagefile: 7369.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:450 GB) (Free:212.73 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: () (Fixed) (Total:250 GB) (Free:147.48 GB) NTFS
3 Drive e: () (Fixed) (Total:231.5 GB) (Free:93.2 GB) NTFS
4 Drive f: (MEDIIGOLD_DISC1) (CDROM) (Total:7.4 GB) (Free:0 GB) UDF
5 Drive g: (GRMCPRXFRER_DE_DVD) (CDROM) (Total:2.97 GB) (Free:0 GB) UDF
6 Drive h: (USB DISK) (Removable) (Total:0.24 GB) (Free:0.14 GB) FAT
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Datentr„ger ### Status Gr”áe Frei Dyn GPT
--------------- ------------- ------- ------- --- ---
Datentr„ger 0 Online 931 GB 0 B
Datentr„ger 1 Online 246 MB 0 B

Partitions of Disk 0:
===============

Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 Prim„r 450 GB 31 KB
Partition 2 Prim„r 250 GB 450 GB
Partition 3 Prim„r 231 GB 700 GB

==================================================================================

Disk: 0
Partition 1
Typ : 07
Versteckt: Nein
Aktiv : Ja

Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 450 GB Fehlerfre

=========================================================

Disk: 0
Partition 2
Typ : 07
Versteckt: Nein
Aktiv : Nein

Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D NTFS Partition 250 GB Fehlerfre

=========================================================

Disk: 0
Partition 3
Typ : 07
Versteckt: Nein
Aktiv : Nein

Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E NTFS Partition 231 GB Fehlerfre

=========================================================

Disk: 0
Partition 3
Typ : 07
Versteckt: Nein
Aktiv : Nein

Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E NTFS Partition 231 GB Fehlerfre

=========================================================

Partitions of Disk 1:
===============

Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 Prim„r 245 MB 16 KB

==================================================================================

Disk: 1
Partition 1
Typ : 06
Versteckt: Nein
Aktiv : Ja

Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H USB DISK FAT Wechselmed 245 MB Fehlerfre

=========================================================

Disk: 1
Partition 1
Typ : 06
Versteckt: Nein
Aktiv : Ja

Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H USB DISK FAT Wechselmed 245 MB Fehlerfre

=========================================================

Last Boot: 2012-11-27 10:15

==================== End Of Log =============================
[CODE]

oh sorry, da ist mir wohl ein / abhanden gekommen. hier nochmal:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2012
Ran by SYSTEM at 07-12-2012 17:06:06
Running from H:\
Windows 7 Professional  (X64) OS Language: German Standard
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] C:\Windows\SysWOW64\UMonit.exe [49152 2011-05-25] ()
HKLM\...\Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [391240 2010-12-06] (Acronis)
HKLM-x32\...\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\APVXDWIN.EXE" /s [984576 2011-09-05] (Panda Security, S.L.)
HKLM-x32\...\Run: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\Inicio.exe" [68928 2010-06-11] (Panda Security, S.L.)
HKLM-x32\...\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc [280824 2011-04-04] (Filefacts.net)
HKU\Administrator\...\Run: [ICQ] "C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4 [127040 2011-10-10] (ICQ, LLC.)
HKU\Administrator\...\Run: []  [x]
HKU\***\...\Run: [ICQ] "C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4 [127040 2011-10-10] (ICQ, LLC.)
HKU\***\...\Run: []  [x]
HKU\***\...\Run: [Peysyhipca] "C:\Users\***\AppData\Roaming\Ociwci\inyt.exe" [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Winlogon\Notify\avldr: avldr64.dll (On-Access Anti-Malware Scanner Sync)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$6810dbc73758a48a9685b9942ffb4ae1\n. ATTENTION! ====> ZeroAccess
Tcpip\..\Interfaces\{6124B780-E1F5-4C27-8D22-685920D660D1}: [NameServer]192.168.0.10

==================== Services (Whitelisted) ===================

2 AcrSch2Svc; "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe" [1112744 2010-12-06] (Acronis)
2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3246040 2011-04-16] (Acronis)
3 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
2 dgdersvc; C:\Windows\system32\dgdersvc.exe [119632 2010-07-30] (Devguru Co., Ltd.)
2 dgdersvc; C:\Windows\SysWow64\dgdersvc.exe [95568 2010-07-30] (Devguru Co., Ltd.)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
2 Panda Software Controller; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsCtrls.exe" [173312 2009-08-10] (Panda Security, S.L.)
2 PAVFNSVR; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PavFnSvr.exe" [202048 2010-09-13] (Panda Security, S.L.)
2 PavPrSrv; "C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe" [62768 2008-02-04] (Panda Security, S.L.)
2 PAVSRV; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\pavsrvx86.exe" [314176 2010-06-04] (Panda Security, S.L.)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-07-30] ()
2 PSHost; "C:\program files (x86)\panda security\panda internet security 2011\firewall\PSHOST.EXE" [226560 2009-11-26] (Panda Security International)
2 PSIMSVC; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsImSvc.exe" [108288 2008-06-19] (Panda Security S.L.)
2 PskSvcRetail; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PskSvc.exe" [28992 2010-08-16] (Panda Security, S.L.)
2 TPSrv; "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\TPSrvWow.exe" [174400 2010-09-29] (Panda Security, S.L.)
3 DAUpdaterSvc; C:\Spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [x]

==================== Drivers (Whitelisted) =====================

0 1d0c19e5776cf02b; C:\Windows\System32\Drivers\1d0c19e5776cf02b.sys [85432 2012-08-28] () ATTENTION =====> Rootkit?
2 AmFSM; C:\Windows\System32\DRIVERS\amm6460.sys [65608 2010-05-21] (Panda Security, S.L.)
2 APPFLT; \??\C:\Windows\system32\Drivers\APPFLT64.SYS [118280 2010-02-18] (Panda Security, S.L.)
1 AsIO; C:\Windows\SysWow64\Drivers\AsIO.sys [13440 2009-08-04] ()
1 AsUpIO; C:\Windows\SysWow64\Drivers\AsUpIO.sys [13368 2009-07-06] ()
3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] ()
3 avmeject; C:\Windows\System32\Drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
3 BthAvrcp; C:\Windows\System32\Drivers\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
2 ComFiltr; C:\Windows\System32\Drivers\ComFiltr.sys [15928 2010-10-04] ()
3 dgderdrv; C:\Windows\System32\Drivers\dgderdrv.sys [20552 2010-07-30] (Devguru Co., Ltd)
3 dgderdrv; C:\Windows\SysWow64\Drivers\dgderdrv.sys [18120 2010-07-30] (Devguru Co., Ltd)
2 DSAFLT; \??\C:\Windows\system32\Drivers\DSAFLT64.SYS [82952 2009-09-25] (Panda Security, S.L.)
2 FNETMON; \??\C:\Windows\system32\Drivers\fnetm64.SYS [31752 2009-09-25] (Panda Security, S.L.)
3 fwlanusbn; C:\Windows\System32\Drivers\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
3 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [58368 2011-05-18] (GenesysLogic)
2 IDSFLT; \??\C:\Windows\system32\Drivers\IDSFLT64.SYS [78856 2009-09-25] (Panda Security, S.L.)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
2 NETFLTDI; \??\C:\Windows\system32\Drivers\NETTDI64.SYS [170504 2009-09-25] (Panda Security, S.L.)
3 NETIMFLT01060042; C:\Windows\System32\DRIVERS\n64i1642.sys [214536 2010-02-18] (Panda Security, S.L.)
0 pavboot; C:\Windows\System32\Drivers\pavboot64.sys [30792 2010-06-22] (Panda Security, S.L.)
3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [36904 2010-12-02] (Feitian Technologies Co., Ltd.)
1 ShldFlt; C:\Windows\System32\Drivers\ShldFlt.sys [48136 2009-10-27] (Panda Security, S.L.)
0 SI3132; C:\Windows\System32\Drivers\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
0 SiRemFil; C:\Windows\System32\Drivers\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-04-02] (Duplex Secure Ltd.)
2 WNMFLT; \??\C:\Windows\system32\Drivers\WNMFLT64.SYS [74760 2009-09-25] (Panda Security, S.L.)
3 WPN111; C:\Windows\System32\DRIVERS\WPN111vx.sys [1075712 2008-08-05] (Atheros Communications, Inc.)
3 cpuz130; \??\C:\Users\THORST~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
3 GPU-Z; \??\C:\Users\THORST~1\AppData\Local\Temp\GPU-Z.sys [x]
3 PavTPK.sys; \??\C:\Windows\system32\PavTPK.sys [x]
3 Prot6Flt; C:\Windows\System32\DRIVERS\Prot6Flt.sys [x]
3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP3\WNt500x64\Sandra.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-12-07 17:05 - 2012-12-07 17:05 - 00000000 ____D C:\FRST
2012-12-02 23:49 - 2012-12-03 00:30 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-12-02 18:16 - 2012-12-02 18:16 - 00001174 ____A C:\Windows\PFRO.log
2012-12-02 18:08 - 2012-12-03 20:27 - 00000000 ____D C:\Users\All Users\4AD0184B93A71FBF00004ACFCD852922
2012-12-02 18:06 - 2012-12-03 22:23 - 00000000 ____D C:\Users\***\AppData\Roaming\Ociwci
2012-12-02 18:03 - 2012-12-02 17:52 - 00000504 ____A C:\Users\***\Documents\options.ini
2012-12-02 17:28 - 2012-12-03 20:27 - 00000000 ____D C:\Users\***\Documents\Command and Conquer Generals Zero Hour Data
2012-12-02 16:01 - 2012-12-03 20:27 - 00000000 ____D C:\Users\***\Documents\Stronghold Crusader
2012-12-02 15:52 - 2012-12-03 20:27 - 00000000 ____D C:\Users\***\Documents\Command and Conquer Generals Data
2012-12-02 00:16 - 2012-12-02 17:39 - 00120012 ____A C:\Windows\DirectX.log
2012-12-02 00:04 - 2012-12-02 18:16 - 00000280 ____A C:\Windows\setupact.log
2012-12-02 00:04 - 2012-12-02 00:04 - 00000000 ____A C:\Windows\setuperr.log
2012-11-26 21:52 - 2012-11-26 21:52 - 00001945 ____A C:\Users\Public\Desktop\CDBurnerXP.lnk
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Canneverbe Limited
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Users\All Users\Canneverbe Limited
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2012-11-19 10:50 - 2012-11-19 10:50 - 00076257 ____A C:\Users\***\Desktop\Evaluation Referenten v3.1.odt
2012-11-18 11:23 - 2012-11-18 11:25 - 00001594 ____A C:\Windows\VPNUnInstall.MIF
2012-11-15 23:11 - 2012-11-15 23:11 - 00012180 ____A C:\Users\***\Desktop\Bewertungen PhysikI.xlsx
2012-11-12 20:08 - 2012-11-12 20:26 - 00000000 ____D C:\Users\***\Desktop\Imaginaerum

==================== One Month Modified Files and Folders =======

2012-12-07 17:05 - 2012-12-07 17:05 - 00000000 ____D C:\FRST
2012-12-03 22:23 - 2012-12-02 18:06 - 00000000 ____D C:\Users\***\AppData\Roaming\Ociwci
2012-12-03 20:27 - 2012-12-02 18:08 - 00000000 ____D C:\Users\All Users\4AD0184B93A71FBF00004ACFCD852922
2012-12-03 20:27 - 2012-12-02 17:28 - 00000000 ____D C:\Users\***\Documents\Command and Conquer Generals Zero Hour Data
2012-12-03 20:27 - 2012-12-02 16:01 - 00000000 ____D C:\Users\***\Documents\Stronghold Crusader
2012-12-03 20:27 - 2012-12-02 15:52 - 00000000 ____D C:\Users\***\Documents\Command and Conquer Generals Data
2012-12-03 20:27 - 2012-10-21 15:16 - 00000000 ____D C:\users\Administrator
2012-12-03 20:27 - 2010-12-08 22:17 - 00000000 ____D C:\Users\***\AppData\Roaming\JGsoft
2012-12-03 20:27 - 2010-10-02 15:56 - 00000000 ____D C:\users\***
2012-12-03 20:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\NDF
2012-12-03 20:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2012-12-03 20:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2012-12-03 20:26 - 2010-10-04 14:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-12-03 00:30 - 2012-12-02 23:49 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-12-03 00:12 - 2010-10-04 17:40 - 00000000 ____D C:\Users\***\AppData\Roaming\ICQ
2012-12-02 23:29 - 2010-10-04 15:47 - 00146520 ____A C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-02 23:23 - 2010-10-23 13:08 - 00743936 __ASH C:\Users\***\Desktop\Thumbs.db
2012-12-02 18:20 - 2009-07-14 18:58 - 00709726 ____A C:\Windows\System32\perfh007.dat
2012-12-02 18:20 - 2009-07-14 18:58 - 00154078 ____A C:\Windows\System32\perfc007.dat
2012-12-02 18:20 - 2009-07-14 06:13 - 01643640 ____A C:\Windows\System32\PerfStringBackup.INI
2012-12-02 18:17 - 2012-01-15 13:31 - 00000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2012-12-02 18:17 - 2010-10-04 14:21 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetFlt.cfg.bck
2012-12-02 18:17 - 2010-10-04 14:21 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetFlt.cfg
2012-12-02 18:17 - 2010-10-04 14:20 - 00000152 ____A C:\Windows\System32\Drivers\etc\NetAdapt.cfg.bck
2012-12-02 18:17 - 2010-10-04 14:20 - 00000152 ____A C:\Windows\System32\Drivers\etc\NetAdapt.cfg
2012-12-02 18:16 - 2012-12-02 18:16 - 00001174 ____A C:\Windows\PFRO.log
2012-12-02 18:16 - 2012-12-02 00:04 - 00000280 ____A C:\Windows\setupact.log
2012-12-02 18:16 - 2010-11-16 01:19 - 00001126 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-12-02 18:16 - 2010-10-04 14:22 - 00000320 ____A C:\Windows\System32\Drivers\etc\NetLoc.wlt
2012-12-02 18:16 - 2010-10-04 14:20 - 00000064 ____A C:\Windows\System32\Drivers\etc\NetAR.wlt.bck
2012-12-02 18:16 - 2010-10-04 14:20 - 00000064 ____A C:\Windows\System32\Drivers\etc\NetAR.wlt
2012-12-02 18:16 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-12-02 18:12 - 2009-07-14 05:45 - 00513136 ____A C:\Windows\System32\FNTCACHE.DAT
2012-12-02 18:07 - 2010-10-04 14:17 - 01032256 ____A C:\Windows\System32\Drivers\APPFCONT.DAT.bck
2012-12-02 18:07 - 2010-10-04 14:17 - 01032256 ____A C:\Windows\System32\Drivers\APPFCONT.DAT
2012-12-02 17:52 - 2012-12-02 18:03 - 00000504 ____A C:\Users\***\Documents\options.ini
2012-12-02 17:44 - 2012-04-10 21:48 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-12-02 17:39 - 2012-12-02 00:16 - 00120012 ____A C:\Windows\DirectX.log
2012-12-02 17:16 - 2010-11-16 01:19 - 00001130 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-12-02 16:39 - 2009-07-14 05:45 - 00016928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-12-02 16:39 - 2009-07-14 05:45 - 00016928 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-12-02 00:04 - 2012-12-02 00:04 - 00000000 ____A C:\Windows\setuperr.log
2012-12-01 23:59 - 2011-04-02 11:09 - 00000000 ____D C:\Users\***\AppData\Roaming\DAEMON Tools Lite
2012-12-01 23:58 - 2010-10-06 20:14 - 00000000 ____D C:\Windows\Minidump
2012-12-01 15:11 - 2012-10-28 22:24 - 00000000 ____D C:\Users\***\Desktop\Protokolle PIA2
2012-12-01 14:02 - 2010-10-04 14:22 - 00000056 ____A C:\Windows\System32\Drivers\etc\WnmFlt.cfg.bck
2012-12-01 14:02 - 2010-10-04 14:22 - 00000056 ____A C:\Windows\System32\Drivers\etc\WnmFlt.cfg
2012-12-01 14:02 - 2010-10-04 14:22 - 00000056 ____A C:\Windows\System32\Drivers\etc\DsaFlt.cfg.bck
2012-12-01 14:02 - 2010-10-04 14:22 - 00000056 ____A C:\Windows\System32\Drivers\etc\DsaFlt.cfg
2012-12-01 14:02 - 2010-10-04 14:21 - 00000252 ____A C:\Windows\System32\Drivers\etc\IdsFlt.cfg.bck
2012-12-01 14:02 - 2010-10-04 14:21 - 00000252 ____A C:\Windows\System32\Drivers\etc\IdsFlt.cfg
2012-12-01 14:02 - 2010-10-04 14:17 - 00001132 ____A C:\Windows\System32\Drivers\APPFLTR.CFG.bck
2012-12-01 14:02 - 2010-10-04 14:17 - 00001132 ____A C:\Windows\System32\Drivers\APPFLTR.CFG
2012-11-28 21:40 - 2010-10-04 20:36 - 00000000 ____D C:\Users\***\Desktop\Dateien
2012-11-26 21:52 - 2012-11-26 21:52 - 00001945 ____A C:\Users\Public\Desktop\CDBurnerXP.lnk
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Canneverbe Limited
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Users\All Users\Canneverbe Limited
2012-11-26 21:52 - 2012-11-26 21:52 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2012-11-26 20:56 - 2012-09-14 13:45 - 00000000 ____D C:\Program Files\Recuva
2012-11-26 11:14 - 2010-10-07 17:39 - 00000000 ____D C:\Users\All Users\Adobe
2012-11-26 11:13 - 2012-04-10 21:48 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-11-26 11:13 - 2011-05-29 10:00 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-11-24 13:49 - 2012-10-01 21:52 - 00000141 ____A C:\Windows\spwdrhag.INI
2012-11-24 13:49 - 2012-10-01 21:52 - 00000000 ____D C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
2012-11-21 21:27 - 2012-02-17 15:04 - 00000150 ____A C:\Users\***\.Xauthority
2012-11-21 21:27 - 2012-02-17 15:04 - 00000000 ____D C:\Users\***\.nx
2012-11-19 10:50 - 2012-11-19 10:50 - 00076257 ____A C:\Users\***\Desktop\Evaluation Referenten v3.1.odt
2012-11-18 12:20 - 2012-02-17 15:05 - 00000000 ____D C:\Users\***\.ssh
2012-11-18 12:19 - 2010-11-20 15:55 - 00001615 ____A C:\Windows\VPNInstall.MIF
2012-11-18 11:25 - 2012-11-18 11:23 - 00001594 ____A C:\Windows\VPNUnInstall.MIF
2012-11-15 23:11 - 2012-11-15 23:11 - 00012180 ____A C:\Users\***\Desktop\Bewertungen PhysikI.xlsx
2012-11-15 21:18 - 2012-01-22 17:09 - 00000000 ____D C:\Program Files (x86)\MyFree Codec
2012-11-14 10:25 - 2009-07-14 06:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-11-12 20:26 - 2012-11-12 20:08 - 00000000 ____D C:\Users\***\Desktop\Imaginaerum
2012-11-10 17:50 - 2012-11-03 16:01 - 00076054 ____A C:\Users\***\Desktop\Evaluation Referenten v3.0.odt


ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-765039588-535241434-544004008-1000\$6810dbc73758a48a9685b9942ffb4ae1

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$6810dbc73758a48a9685b9942ffb4ae1

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 8190.18 MB
Available physical RAM: 7369.67 MB
Total Pagefile: 8188.33 MB
Available Pagefile: 7369.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:450 GB) (Free:212.73 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: () (Fixed) (Total:250 GB) (Free:147.48 GB) NTFS
3 Drive e: () (Fixed) (Total:231.5 GB) (Free:93.2 GB) NTFS
4 Drive f: (MEDIIGOLD_DISC1) (CDROM) (Total:7.4 GB) (Free:0 GB) UDF
5 Drive g: (GRMCPRXFRER_DE_DVD) (CDROM) (Total:2.97 GB) (Free:0 GB) UDF
6 Drive h: (USB DISK) (Removable) (Total:0.24 GB) (Free:0.14 GB) FAT
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Datentr„ger ###  Status        Gr”áe    Frei    Dyn  GPT
  ---------------  -------------  -------  -------  ---  ---
  Datentr„ger 0    Online          931 GB      0 B       
  Datentr„ger 1    Online          246 MB      0 B       

Partitions of Disk 0:
===============

  Partition ###  Typ              Gr”áe    Offset
  -------------  ----------------  -------  -------
  Partition 1    Prim„r            450 GB    31 KB
  Partition 2    Prim„r            250 GB  450 GB
  Partition 3    Prim„r            231 GB  700 GB

==================================================================================

Disk: 0
Partition 1
Typ      : 07
Versteckt: Nein
Aktiv    : Ja

  Volume ###  Bst  Bezeichnung  DS    Typ        Gr”áe    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2    C                NTFS  Partition    450 GB  Fehlerfre         

=========================================================

Disk: 0
Partition 2
Typ      : 07
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS    Typ        Gr”áe    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3    D                NTFS  Partition    250 GB  Fehlerfre         

=========================================================

Disk: 0
Partition 3
Typ      : 07
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS    Typ        Gr”áe    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4    E                NTFS  Partition    231 GB  Fehlerfre         

=========================================================

Disk: 0
Partition 3
Typ      : 07
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS    Typ        Gr”áe    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4    E                NTFS  Partition    231 GB  Fehlerfre         

=========================================================

Partitions of Disk 1:
===============

  Partition ###  Typ              Gr”áe    Offset
  -------------  ----------------  -------  -------
  Partition 1    Prim„r            245 MB    16 KB

==================================================================================

Disk: 1
Partition 1
Typ      : 06
Versteckt: Nein
Aktiv    : Ja

  Volume ###  Bst  Bezeichnung  DS    Typ        Gr”áe    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 5    H  USB DISK    FAT    Wechselmed  245 MB  Fehlerfre         

=========================================================

Disk: 1
Partition 1
Typ      : 06
Versteckt: Nein
Aktiv    : Ja

  Volume ###  Bst  Bezeichnung  DS    Typ        Gr”áe    Status    Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 5    H  USB DISK    FAT    Wechselmed  245 MB  Fehlerfre         

=========================================================

Last Boot: 2012-11-27 10:15

==================== End Of Log =============================

ryder 08.12.2012 13:08
So ich hoffe du weißt noch genau was du da editiert hast und kannst das rückgängig machen.

Zitat:
Lesestoff:
******
Du hast deinen Namen unkenntlich gemacht. Dies macht es auch gleichzeitig schwerer für mich deine Logfiles auszuwerten und dir ein Fixskript zu schreiben. Mache deinen Namen bitte nur dann unkenntlich, wenn es unbedingt nötig ist. Entscheidest du dich dennoch dazu mußt du jedesmal die *** wieder gegen den Benutzernamen austauschen.
Fix mit FRST

Drücke bitte die http://larusso.trojaner-board.de/Images/windows.jpg + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
0 1d0c19e5776cf02b; C:\Windows\System32\Drivers\1d0c19e5776cf02b.sys [85432 2012-08-28]
C:\Windows\System32\Drivers\1d0c19e5776cf02b.sys
C:\Users\All Users\4AD0184B93A71FBF00004ACFCD852922
HKU\***\...\Run: [Peysyhipca] "C:\Users\***\AppData\Roaming\Ociwci\inyt.exe" [x]
C:\Users\***\AppData\Roaming\Ociwci
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20]
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$6810dbc73758a48a9685b9942ffb4ae1\n.
C:\$Recycle.Bin\S-1-5-21-765039588-535241434-544004008-1000
C:\$Recycle.Bin\S-1-5-18
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Fix Button.
Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

Dexteron 08.12.2012 13:38
ok, hab ich gemacht:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-12-2012
Ran by SYSTEM at 2012-12-08 13:36:27 Run:1
Running from H:\

==============================================

1d0c19e5776cf02b service deleted successfully.
C:\Windows\System32\Drivers\1d0c19e5776cf02b.sys moved successfully.
C:\Users\All Users\4AD0184B93A71FBF00004ACFCD852922 moved successfully.
HKEY_USERS***\Software\Microsoft\Windows\CurrentVersion\Run\\Peysyhipca Value deleted successfully.
C:\Users\***\AppData\Roaming\Ociwci moved successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\*Restore Value deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default value was restored successfully .
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}] should be deleted in normal mode (if present).
C:\$Recycle.Bin\S-1-5-21-765039588-535241434-544004008-1000 moved successfully.
C:\$Recycle.Bin\S-1-5-18 moved successfully.

==== End of Fixlog ====

ryder 08.12.2012 13:44
In Ordnung. Dann versuche bitte wieder zu booten.

Dexteron 08.12.2012 14:02
Er bootet! Klasse :)

ryder 08.12.2012 14:06
Gut. Dann Finger weg ... nix weiter machen.

Schritt 1:
Laufwerksemulationen abschalten mit Defogger
Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop und starte es:
  • Klicke nun auf den Disable Button, um die Treiber gewisser Emulatoren zu deaktivieren.
  • Defogger wird dich fragen "Defogger will forcefully ... Continue?" bestätige dies mit Ja.
  • Wenn der Scan beendet wurde (Finished), klicke auf OK.
  • Defogger fordert gegebenfalls zum Neustart auf. Bestätige dies mit OK.
Poste bitte die defogger_disable.txt von deinem Desktop.
Klicke den Re-enable Button nicht ohne Anweisung.
Schritt 2:
Scan mit aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. ( Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.
Schritt 3:
Scan mit dem TDSS-Killer

Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe
  • Klicke auf Change parameters, setze einen Haken bei Detect TDLFS file system und bestätige mit OK.
  • Drücke Start Scan
  • Warnung:
    Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
    Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt
Poste den Inhalt bitte hier in deinen Thread.
Schritt 4:
Scan mit DDS (+ attach)
Downloade dir bitte DDS (von sUBs) von einem der folgenden Downloadspiegel und speichere die Datei auf deinem Desktop.

dds.com | dds.scr | dds.pif
  • Schließe alle laufenden Programme und starte DDS mit Doppelklick.
  • Der Desktop wird verschwinden, das ist normal.
  • Stelle folgendes ein:

    [X] dds.txt
    [X] attach.txt
    [ ] options for dds.txt

  • Ändere keine Einstellung ohne Anweisung.
  • Klicke auf Start.
  • Es werden 2 Logfiles auf deinem Desktop erstellt.
    • dds.txt
    • attach.txt
  • Poste die beiden Logfile hier, möglichst in CODE-Tags.

Dexteron 08.12.2012 14:38
Defogger scan:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:10 on 08/12/2012 (***)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Already disabled


-=E.O.F=-
aswMBR stürzt immer ab während er C:Windows\Assembly\GAC_MSIL...scannt

fehlercode:
Code:
Problemsignatur:
  Problemereignisname:        APPCRASH
  Anwendungsname:        aswMBR.exe
  Anwendungsversion:        0.9.9.1707
  Anwendungszeitstempel:        509be8bf
  Fehlermodulname:        ntdll.dll
  Fehlermodulversion:        6.1.7601.17725
  Fehlermodulzeitstempel:        4ec49b8f
  Ausnahmecode:        c0000005
  Ausnahmeoffset:        0002e3be
  Betriebsystemversion:        6.1.7601.2.1.0.256.48
  Gebietsschema-ID:        1031
  Zusatzinformation 1:        0a9e
  Zusatzinformation 2:        0a9e372d3b4ad19135b953a78882e789
  Zusatzinformation 3:        0a9e
  Zusatzinformation 4:        0a9e372d3b4ad19135b953a78882e789

ryder 08.12.2012 14:39
Ok dann unten links "(none)" auswählen und Log so erstellen.

Dexteron 08.12.2012 14:54
aswMBR:
Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-08 14:43:41
-----------------------------
14:43:41.413    OS Version: Windows x64 6.1.7601 Service Pack 1
14:43:41.413    Number of processors: 4 586 0x403
14:43:41.413    ComputerName: TWTOWER  UserName:
14:43:48.979    Initialize success
14:43:55.937    AVAST engine defs: 12120701
14:44:26.887    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
14:44:26.887    Disk 0 Vendor: WDC_WD1002FAEX-00Y9A0 05.01D05 Size: 953869MB BusType: 3
14:44:26.918    Disk 0 MBR read successfully
14:44:26.918    Disk 0 MBR scan
14:44:26.918    Disk 0 Windows 7 default MBR code
14:44:26.934    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS      460801 MB offset 63
14:44:26.965    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      256004 MB offset 943722360
14:44:26.996    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      237060 MB offset 1468019700
14:44:27.074    Disk 0 scanning C:\Windows\system32\drivers
14:45:12.033    Service scanning
14:45:54.169    Modules scanning
14:45:54.169    Disk 0 trace - called modules:
14:45:54.185    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
14:45:54.185    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007c7d060]
14:45:54.185    3 CLASSPNP.SYS[fffff88001c0143f] -> nt!IofCallDriver -> [0xfffffa80075df520]
14:45:54.185    5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80075db680]
14:45:54.185    Scan finished successfully
14:46:03.638    Disk 0 MBR has been saved successfully to "C:\Users\***\Desktop\MBR.dat"
14:46:03.638    The log file has been saved successfully to "C:\Users\***\Desktop\aswMBR.txt"
ok, tdss:
Code:
14:39:59.0596 4816  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:40:00.0361 4816  ============================================================
14:40:00.0361 4816  Current date / time: 2012/12/08 14:40:00.0361
14:40:00.0361 4816  SystemInfo:
14:40:00.0361 4816 
14:40:00.0361 4816  OS Version: 6.1.7601 ServicePack: 1.0
14:40:00.0361 4816  Product type: Workstation
14:40:00.0361 4816  ComputerName: TWTOWER
14:40:00.0361 4816  UserName: ***
14:40:00.0361 4816  Windows directory: C:\Windows
14:40:00.0361 4816  System windows directory: C:\Windows
14:40:00.0361 4816  Running under WOW64
14:40:00.0361 4816  Processor architecture: Intel x64
14:40:00.0361 4816  Number of processors: 4
14:40:00.0361 4816  Page size: 0x1000
14:40:00.0361 4816  Boot type: Normal boot
14:40:00.0361 4816  ============================================================
14:40:01.0593 4816  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:40:01.0593 4816  ============================================================
14:40:01.0593 4816  \Device\Harddisk0\DR0:
14:40:01.0593 4816  MBR partitions:
14:40:01.0593 4816  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x38400F39
14:40:01.0593 4816  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38400F78, BlocksNum 0x1F40247C
14:40:01.0593 4816  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x578033F4, BlocksNum 0x1CF025CD
14:40:01.0593 4816  ============================================================
14:40:01.0609 4816  C: <-> \Device\Harddisk0\DR0\Partition1
14:40:01.0624 4816  D: <-> \Device\Harddisk0\DR0\Partition2
14:40:01.0655 4816  E: <-> \Device\Harddisk0\DR0\Partition3
14:40:01.0655 4816  ============================================================
14:40:01.0655 4816  Initialize success
14:40:01.0655 4816  ============================================================
14:40:27.0770 0648  ============================================================
14:40:27.0770 0648  Scan started
14:40:27.0770 0648  Mode: Manual; TDLFS;
14:40:27.0770 0648  ============================================================
14:40:28.0581 0648  ================ Scan system memory ========================
14:40:28.0581 0648  System memory - ok
14:40:28.0581 0648  ================ Scan services =============================
14:40:28.0706 0648  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:40:28.0706 0648  1394ohci - ok
14:40:28.0737 0648  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:40:28.0753 0648  ACPI - ok
14:40:28.0784 0648  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
14:40:28.0784 0648  AcpiPmi - ok
14:40:28.0893 0648  [ 3DD353A5BF7AF6DB7AFF1166435D4AE0 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
14:40:29.0189 0648  AcrSch2Svc - ok
14:40:29.0267 0648  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:40:29.0283 0648  AdobeARMservice - ok
14:40:29.0377 0648  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:40:29.0377 0648  AdobeFlashPlayerUpdateSvc - ok
14:40:29.0408 0648  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
14:40:29.0423 0648  adp94xx - ok
14:40:29.0423 0648  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
14:40:29.0423 0648  adpahci - ok
14:40:29.0439 0648  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
14:40:29.0439 0648  adpu320 - ok
14:40:29.0455 0648  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
14:40:29.0455 0648  AeLookupSvc - ok
14:40:29.0486 0648  [ AE1FCE2CD1E99BEA89183BA8CD320872 ] afcdp          C:\Windows\system32\DRIVERS\afcdp.sys
14:40:29.0486 0648  afcdp - ok
14:40:29.0533 0648  [ AF44F7E027037628F1FAC3C13CDE73E6 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
14:40:29.0564 0648  afcdpsrv - ok
14:40:29.0642 0648  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
14:40:29.0642 0648  AFD - ok
14:40:29.0673 0648  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:40:29.0673 0648  agp440 - ok
14:40:29.0689 0648  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
14:40:29.0689 0648  ALG - ok
14:40:29.0704 0648  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:40:29.0704 0648  aliide - ok
14:40:29.0720 0648  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:40:29.0735 0648  amdide - ok
14:40:29.0751 0648  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
14:40:29.0751 0648  AmdK8 - ok
14:40:29.0782 0648  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:40:29.0782 0648  AmdPPM - ok
14:40:29.0813 0648  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
14:40:29.0813 0648  amdsata - ok
14:40:29.0845 0648  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:40:29.0845 0648  amdsbs - ok
14:40:29.0860 0648  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
14:40:29.0860 0648  amdxata - ok
14:40:29.0891 0648  [ 71336E77F98A65EFAAEB950902611D3F ] AmFSM          C:\Windows\system32\DRIVERS\amm6460.sys
14:40:29.0891 0648  AmFSM - ok
14:40:29.0923 0648  [ E86908BFE8B20BB8A30E4737CE3284DA ] APPFLT          C:\Windows\system32\Drivers\APPFLT64.SYS
14:40:29.0923 0648  APPFLT - ok
14:40:29.0954 0648  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
14:40:29.0954 0648  AppID - ok
14:40:29.0954 0648  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:40:29.0969 0648  AppIDSvc - ok
14:40:29.0985 0648  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo        C:\Windows\System32\appinfo.dll
14:40:29.0985 0648  Appinfo - ok
14:40:30.0047 0648  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:40:30.0063 0648  Apple Mobile Device - ok
14:40:30.0079 0648  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt        C:\Windows\System32\appmgmts.dll
14:40:30.0079 0648  AppMgmt - ok
14:40:30.0094 0648  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\DRIVERS\arc.sys
14:40:30.0094 0648  arc - ok
14:40:30.0110 0648  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:40:30.0110 0648  arcsas - ok
14:40:30.0172 0648  [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
14:40:30.0172 0648  AsIO - ok
14:40:30.0266 0648  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:40:30.0281 0648  aspnet_state - ok
14:40:30.0281 0648  [ 26D66E32E78D3059715B3A17BC679CD9 ] AsUpIO          C:\Windows\syswow64\drivers\AsUpIO.sys
14:40:30.0281 0648  AsUpIO - ok
14:40:30.0313 0648  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:40:30.0313 0648  AsyncMac - ok
14:40:30.0313 0648  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
14:40:30.0313 0648  atapi - ok
14:40:30.0359 0648  [ B07E6681D303A612680223C729B021E2 ] ATITool        C:\Windows\system32\DRIVERS\ATITool64.sys
14:40:30.0359 0648  ATITool - ok
14:40:30.0391 0648  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:40:30.0391 0648  AudioEndpointBuilder - ok
14:40:30.0406 0648  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:40:30.0406 0648  AudioSrv - ok
14:40:30.0469 0648  [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
14:40:30.0484 0648  AVM WLAN Connection Service - ok
14:40:30.0515 0648  [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject        C:\Windows\system32\drivers\avmeject.sys
14:40:30.0515 0648  avmeject - ok
14:40:30.0531 0648  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:40:30.0531 0648  AxInstSV - ok
14:40:30.0547 0648  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
14:40:30.0562 0648  b06bdrv - ok
14:40:30.0562 0648  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:40:30.0562 0648  b57nd60a - ok
14:40:30.0578 0648  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:40:30.0578 0648  BDESVC - ok
14:40:30.0593 0648  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:40:30.0593 0648  Beep - ok
14:40:30.0640 0648  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
14:40:30.0640 0648  BFE - ok
14:40:30.0687 0648  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
14:40:30.0687 0648  BITS - ok
14:40:30.0703 0648  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:40:30.0703 0648  blbdrive - ok
14:40:30.0765 0648  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:40:30.0765 0648  Bonjour Service - ok
14:40:30.0796 0648  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:40:30.0796 0648  bowser - ok
14:40:30.0812 0648  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:40:30.0812 0648  BrFiltLo - ok
14:40:30.0827 0648  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:40:30.0827 0648  BrFiltUp - ok
14:40:30.0859 0648  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
14:40:30.0859 0648  Browser - ok
14:40:30.0859 0648  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
14:40:30.0859 0648  Brserid - ok
14:40:30.0874 0648  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:40:30.0874 0648  BrSerWdm - ok
14:40:30.0874 0648  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:40:30.0874 0648  BrUsbMdm - ok
14:40:30.0890 0648  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:40:30.0890 0648  BrUsbSer - ok
14:40:30.0921 0648  [ 832B121E4532919CC49F2438F1DCAA21 ] BthAvrcp        C:\Windows\system32\DRIVERS\BthAvrcp.sys
14:40:30.0921 0648  BthAvrcp - ok
14:40:30.0952 0648  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum        C:\Windows\system32\drivers\BthEnum.sys
14:40:30.0952 0648  BthEnum - ok
14:40:30.0952 0648  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:40:30.0952 0648  BTHMODEM - ok
14:40:30.0968 0648  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:40:30.0983 0648  BthPan - ok
14:40:30.0999 0648  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT        C:\Windows\System32\Drivers\BTHport.sys
14:40:30.0999 0648  BTHPORT - ok
14:40:31.0015 0648  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
14:40:31.0015 0648  bthserv - ok
14:40:31.0046 0648  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:40:31.0046 0648  BTHUSB - ok
14:40:31.0046 0648  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:40:31.0046 0648  cdfs - ok
14:40:31.0077 0648  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
14:40:31.0077 0648  cdrom - ok
14:40:31.0108 0648  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
14:40:31.0108 0648  CertPropSvc - ok
14:40:31.0124 0648  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:40:31.0124 0648  circlass - ok
14:40:31.0139 0648  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:40:31.0139 0648  CLFS - ok
14:40:31.0186 0648  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:40:31.0202 0648  clr_optimization_v2.0.50727_32 - ok
14:40:31.0233 0648  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:40:31.0233 0648  clr_optimization_v2.0.50727_64 - ok
14:40:31.0295 0648  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:40:31.0295 0648  clr_optimization_v4.0.30319_32 - ok
14:40:31.0327 0648  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:40:31.0327 0648  clr_optimization_v4.0.30319_64 - ok
14:40:31.0358 0648  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:40:31.0358 0648  CmBatt - ok
14:40:31.0373 0648  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:40:31.0373 0648  cmdide - ok
14:40:31.0389 0648  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\Windows\system32\Drivers\cng.sys
14:40:31.0405 0648  CNG - ok
14:40:31.0451 0648  [ 8A64C45F467FB30C47A30AE2819DDD62 ] ComFiltr        C:\Windows\system32\DRIVERS\COMFiltr.sys
14:40:31.0451 0648  ComFiltr - ok
14:40:31.0451 0648  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:40:31.0451 0648  Compbatt - ok
14:40:31.0483 0648  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:40:31.0483 0648  CompositeBus - ok
14:40:31.0483 0648  COMSysApp - ok
14:40:31.0561 0648  cpuz130 - ok
14:40:31.0561 0648  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
14:40:31.0561 0648  crcdisk - ok
14:40:31.0607 0648  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:40:31.0607 0648  CryptSvc - ok
14:40:31.0639 0648  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC            C:\Windows\system32\drivers\csc.sys
14:40:31.0639 0648  CSC - ok
14:40:31.0763 0648  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
14:40:31.0763 0648  CscService - ok
14:40:31.0810 0648  [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
14:40:31.0810 0648  CVirtA - ok
14:40:31.0904 0648  [ 80861969541971176E005D2C09DAE851 ] DAUpdaterSvc    D:\Spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
14:40:31.0919 0648  DAUpdaterSvc - ok
14:40:31.0951 0648  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:40:31.0951 0648  DcomLaunch - ok
14:40:31.0966 0648  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
14:40:31.0966 0648  defragsvc - ok
14:40:31.0997 0648  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:40:31.0997 0648  DfsC - ok
14:40:32.0044 0648  [ DEF365F0F6E017888C4B869D3BA4B8E0 ] dgderdrv        C:\Windows\system32\drivers\dgderdrv.sys
14:40:32.0044 0648  dgderdrv - ok
14:40:32.0075 0648  [ BC3C53000ADCD440F1B23E46DAC302EF ] dgdersvc        C:\Windows\system32\dgdersvc.exe
14:40:32.0075 0648  dgdersvc - ok
14:40:32.0091 0648  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:40:32.0091 0648  Dhcp - ok
14:40:32.0091 0648  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:40:32.0091 0648  discache - ok
14:40:32.0122 0648  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:40:32.0122 0648  Disk - ok
14:40:32.0153 0648  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:40:32.0153 0648  Dnscache - ok
14:40:32.0185 0648  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
14:40:32.0185 0648  dot3svc - ok
14:40:32.0200 0648  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
14:40:32.0216 0648  DPS - ok
14:40:32.0247 0648  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
14:40:32.0247 0648  drmkaud - ok
14:40:32.0263 0648  [ 64648B677D5005749F2FE412254512B7 ] DSAFLT          C:\Windows\system32\Drivers\DSAFLT64.SYS
14:40:32.0263 0648  DSAFLT - ok
14:40:32.0278 0648  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
14:40:32.0278 0648  DXGKrnl - ok
14:40:32.0294 0648  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
14:40:32.0294 0648  EapHost - ok
14:40:32.0341 0648  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
14:40:32.0372 0648  ebdrv - ok
14:40:32.0403 0648  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
14:40:32.0403 0648  EFS - ok
14:40:32.0434 0648  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
14:40:32.0450 0648  ehRecvr - ok
14:40:32.0465 0648  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
14:40:32.0481 0648  ehSched - ok
14:40:32.0497 0648  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
14:40:32.0497 0648  elxstor - ok
14:40:32.0559 0648  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:40:32.0559 0648  ErrDev - ok
14:40:32.0590 0648  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
14:40:32.0590 0648  EventSystem - ok
14:40:32.0606 0648  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
14:40:32.0606 0648  exfat - ok
14:40:32.0606 0648  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
14:40:32.0621 0648  fastfat - ok
14:40:32.0653 0648  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
14:40:32.0653 0648  Fax - ok
14:40:32.0653 0648  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
14:40:32.0653 0648  fdc - ok
14:40:32.0668 0648  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
14:40:32.0668 0648  fdPHost - ok
14:40:32.0668 0648  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:40:32.0668 0648  FDResPub - ok
14:40:32.0684 0648  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:40:32.0684 0648  FileInfo - ok
14:40:32.0699 0648  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
14:40:32.0699 0648  Filetrace - ok
14:40:32.0699 0648  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:40:32.0699 0648  flpydisk - ok
14:40:32.0746 0648  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:40:32.0746 0648  FltMgr - ok
14:40:32.0746 0648  [ 50C6C310A98108A94E985FD46B4E150C ] FNETMON        C:\Windows\system32\Drivers\fnetm64.SYS
14:40:32.0746 0648  FNETMON - ok
14:40:32.0777 0648  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache      C:\Windows\system32\FntCache.dll
14:40:32.0793 0648  FontCache - ok
14:40:32.0840 0648  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:40:32.0840 0648  FontCache3.0.0.0 - ok
14:40:32.0840 0648  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
14:40:32.0840 0648  FsDepends - ok
14:40:32.0871 0648  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:40:32.0871 0648  Fs_Rec - ok
14:40:32.0902 0648  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:40:32.0902 0648  fvevol - ok
14:40:32.0949 0648  [ 15585492E45E2F30768B2D5B57929D99 ] fwlanusbn      C:\Windows\system32\DRIVERS\fwlanusbn.sys
14:40:32.0965 0648  fwlanusbn - ok
14:40:32.0996 0648  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:40:32.0996 0648  gagp30kx - ok
14:40:33.0043 0648  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:40:33.0043 0648  GEARAspiWDM - ok
14:40:33.0089 0648  [ 676B3710A6F3D3A97A4B5859BC0E0BB7 ] GeneStor        C:\Windows\system32\DRIVERS\GeneStor.sys
14:40:33.0089 0648  GeneStor - ok
14:40:33.0136 0648  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
14:40:33.0136 0648  gpsvc - ok
14:40:33.0152 0648  GPU-Z - ok
14:40:33.0245 0648  [ F02A533F517EB38333CB12A9E8963773 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:40:33.0245 0648  gupdate - ok
14:40:33.0261 0648  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:40:33.0261 0648  gupdatem - ok
14:40:33.0277 0648  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:40:33.0277 0648  hcw85cir - ok
14:40:33.0308 0648  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:40:33.0308 0648  HdAudAddService - ok
14:40:33.0323 0648  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:40:33.0323 0648  HDAudBus - ok
14:40:33.0339 0648  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
14:40:33.0339 0648  HidBatt - ok
14:40:33.0355 0648  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:40:33.0355 0648  HidBth - ok
14:40:33.0370 0648  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
14:40:33.0370 0648  HidIr - ok
14:40:33.0386 0648  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
14:40:33.0386 0648  hidserv - ok
14:40:33.0417 0648  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:40:33.0417 0648  HidUsb - ok
14:40:33.0433 0648  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:40:33.0448 0648  hkmsvc - ok
14:40:33.0464 0648  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:40:33.0479 0648  HomeGroupListener - ok
14:40:33.0511 0648  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:40:33.0511 0648  HomeGroupProvider - ok
14:40:33.0526 0648  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:40:33.0526 0648  HpSAMD - ok
14:40:33.0557 0648  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:40:33.0573 0648  HTTP - ok
14:40:33.0589 0648  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:40:33.0589 0648  hwpolicy - ok
14:40:33.0604 0648  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:40:33.0604 0648  i8042prt - ok
14:40:33.0651 0648  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
14:40:33.0651 0648  iaStorV - ok
14:40:33.0667 0648  [ 731791F5391083F0CC8CB5A00BBD5E89 ] IDSFLT          C:\Windows\system32\Drivers\IDSFLT64.SYS
14:40:33.0667 0648  IDSFLT - ok
14:40:33.0682 0648  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:40:33.0713 0648  idsvc - ok
14:40:33.0729 0648  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
14:40:33.0729 0648  iirsp - ok
14:40:33.0745 0648  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:40:33.0760 0648  IKEEXT - ok
14:40:33.0823 0648  [ A3BCBD0F710580A07D1B929D787D36CE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:40:33.0854 0648  IntcAzAudAddService - ok
14:40:33.0885 0648  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:40:33.0885 0648  intelide - ok
14:40:33.0916 0648  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:40:33.0916 0648  intelppm - ok
14:40:33.0947 0648  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
14:40:33.0963 0648  IPBusEnum - ok
14:40:33.0979 0648  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:40:33.0979 0648  IpFilterDriver - ok
14:40:34.0010 0648  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
14:40:34.0010 0648  IPMIDRV - ok
14:40:34.0041 0648  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
14:40:34.0041 0648  IPNAT - ok
14:40:34.0088 0648  [ 755E4BA6DCE627A2683BB7640553C8D6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:40:34.0103 0648  iPod Service - ok
14:40:34.0119 0648  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:40:34.0119 0648  IRENUM - ok
14:40:34.0135 0648  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:40:34.0135 0648  isapnp - ok
14:40:34.0166 0648  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:40:34.0166 0648  iScsiPrt - ok
14:40:34.0181 0648  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:40:34.0181 0648  kbdclass - ok
14:40:34.0197 0648  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:40:34.0197 0648  kbdhid - ok
14:40:34.0213 0648  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:40:34.0213 0648  KeyIso - ok
14:40:34.0228 0648  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:40:34.0228 0648  KSecDD - ok
14:40:34.0259 0648  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
14:40:34.0259 0648  KSecPkg - ok
14:40:34.0275 0648  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
14:40:34.0275 0648  ksthunk - ok
14:40:34.0306 0648  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
14:40:34.0306 0648  KtmRm - ok
14:40:34.0337 0648  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:40:34.0337 0648  LanmanServer - ok
14:40:34.0369 0648  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:40:34.0369 0648  LanmanWorkstation - ok
14:40:34.0447 0648  [ 7447F069CE66633DAFA0B2DEEE7AF5BA ] LBTServ        C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
14:40:34.0462 0648  LBTServ - ok
14:40:34.0478 0648  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum      C:\Windows\system32\drivers\LGBusEnum.sys
14:40:34.0478 0648  LGBusEnum - ok
14:40:34.0493 0648  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
14:40:34.0493 0648  LGVirHid - ok
14:40:34.0525 0648  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:40:34.0525 0648  lltdio - ok
14:40:34.0540 0648  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
14:40:34.0540 0648  lltdsvc - ok
14:40:34.0556 0648  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
14:40:34.0556 0648  lmhosts - ok
14:40:34.0571 0648  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:40:34.0571 0648  LSI_FC - ok
14:40:34.0571 0648  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
14:40:34.0587 0648  LSI_SAS - ok
14:40:34.0587 0648  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:40:34.0587 0648  LSI_SAS2 - ok
14:40:34.0603 0648  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:40:34.0603 0648  LSI_SCSI - ok
14:40:34.0618 0648  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
14:40:34.0618 0648  luafv - ok
14:40:34.0681 0648  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:40:34.0696 0648  MBAMScheduler - ok
14:40:34.0712 0648  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
14:40:34.0712 0648  Mcx2Svc - ok
14:40:34.0727 0648  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
14:40:34.0727 0648  megasas - ok
14:40:34.0727 0648  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:40:34.0743 0648  MegaSR - ok
14:40:34.0759 0648  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
14:40:34.0759 0648  MMCSS - ok
14:40:34.0774 0648  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
14:40:34.0774 0648  Modem - ok
14:40:34.0790 0648  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
14:40:34.0790 0648  monitor - ok
14:40:34.0805 0648  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
14:40:34.0805 0648  mouclass - ok
14:40:34.0837 0648  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:40:34.0837 0648  mouhid - ok
14:40:34.0852 0648  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:40:34.0852 0648  mountmgr - ok
14:40:34.0868 0648  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:40:34.0868 0648  mpio - ok
14:40:34.0883 0648  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:40:34.0883 0648  mpsdrv - ok
14:40:34.0915 0648  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:40:34.0915 0648  MRxDAV - ok
14:40:34.0930 0648  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:40:34.0930 0648  mrxsmb - ok
14:40:34.0961 0648  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:40:34.0961 0648  mrxsmb10 - ok
14:40:34.0961 0648  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:40:34.0961 0648  mrxsmb20 - ok
14:40:34.0993 0648  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:40:34.0993 0648  msahci - ok
14:40:35.0008 0648  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
14:40:35.0008 0648  msdsm - ok
14:40:35.0024 0648  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
14:40:35.0024 0648  MSDTC - ok
14:40:35.0039 0648  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:40:35.0039 0648  Msfs - ok
14:40:35.0039 0648  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
14:40:35.0039 0648  mshidkmdf - ok
14:40:35.0055 0648  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:40:35.0055 0648  msisadrv - ok
14:40:35.0071 0648  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
14:40:35.0071 0648  MSiSCSI - ok
14:40:35.0071 0648  msiserver - ok
14:40:35.0102 0648  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
14:40:35.0102 0648  MSKSSRV - ok
14:40:35.0133 0648  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:40:35.0133 0648  MSPCLOCK - ok
14:40:35.0149 0648  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
14:40:35.0149 0648  MSPQM - ok
14:40:35.0164 0648  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
14:40:35.0164 0648  MsRPC - ok
14:40:35.0180 0648  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:40:35.0180 0648  mssmbios - ok
14:40:35.0195 0648  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
14:40:35.0195 0648  MSTEE - ok
14:40:35.0211 0648  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:40:35.0211 0648  MTConfig - ok
14:40:35.0227 0648  [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
14:40:35.0227 0648  MTsensor - ok
14:40:35.0258 0648  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
14:40:35.0258 0648  Mup - ok
14:40:35.0289 0648  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:40:35.0289 0648  napagent - ok
14:40:35.0305 0648  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
14:40:35.0305 0648  NativeWifiP - ok
14:40:35.0320 0648  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:40:35.0336 0648  NDIS - ok
14:40:35.0336 0648  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
14:40:35.0336 0648  NdisCap - ok
14:40:35.0351 0648  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:40:35.0351 0648  NdisTapi - ok
14:40:35.0383 0648  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
14:40:35.0383 0648  Ndisuio - ok
14:40:35.0398 0648  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
14:40:35.0414 0648  NdisWan - ok
14:40:35.0445 0648  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
14:40:35.0445 0648  NDProxy - ok
14:40:35.0445 0648  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
14:40:35.0445 0648  NetBIOS - ok
14:40:35.0476 0648  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
14:40:35.0492 0648  NetBT - ok
14:40:35.0507 0648  [ BA99A34A9B5EB737CE54BC0A7C596609 ] NETFLTDI        C:\Windows\system32\Drivers\NETTDI64.SYS
14:40:35.0507 0648  NETFLTDI - ok
14:40:35.0507 0648  [ 4D69EBC1A362D392226662560CB8A8B0 ] NETIMFLT01060042 C:\Windows\system32\DRIVERS\n64i1642.sys
14:40:35.0507 0648  NETIMFLT01060042 - ok
14:40:35.0523 0648  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:40:35.0523 0648  Netlogon - ok
14:40:35.0570 0648  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:40:35.0570 0648  Netman - ok
14:40:35.0632 0648  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:40:35.0648 0648  NetMsmqActivator - ok
14:40:35.0648 0648  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:40:35.0648 0648  NetPipeActivator - ok
14:40:35.0663 0648  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:40:35.0663 0648  netprofm - ok
14:40:35.0679 0648  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:40:35.0679 0648  NetTcpActivator - ok
14:40:35.0679 0648  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:40:35.0679 0648  NetTcpPortSharing - ok
14:40:35.0695 0648  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
14:40:35.0695 0648  nfrd960 - ok
14:40:35.0726 0648  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:40:35.0726 0648  NlaSvc - ok
14:40:35.0741 0648  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:40:35.0741 0648  Npfs - ok
14:40:35.0741 0648  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
14:40:35.0741 0648  nsi - ok
14:40:35.0757 0648  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:40:35.0757 0648  nsiproxy - ok
14:40:35.0804 0648  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:40:35.0819 0648  Ntfs - ok
14:40:35.0835 0648  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:40:35.0835 0648  Null - ok
14:40:35.0866 0648  [ 285ACEC1B13A15BA520AAE06BACB9CFF ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
14:40:35.0882 0648  nusb3hub - ok
14:40:35.0913 0648  [ F6D625FF7B56BB6EA063F0D3A5BBC996 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
14:40:35.0913 0648  nusb3xhc - ok
14:40:35.0960 0648  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
14:40:35.0960 0648  NVENETFD - ok
14:40:36.0147 0648  [ F12C5F17D48D9F5C70E4408B3CCB5443 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:40:36.0241 0648  nvlddmkm - ok
14:40:36.0256 0648  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:40:36.0272 0648  nvraid - ok
14:40:36.0287 0648  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:40:36.0287 0648  nvstor - ok
14:40:36.0334 0648  [ 69920E391EB69C595886E960855990D7 ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
14:40:36.0334 0648  nvstor64 - ok
14:40:36.0381 0648  [ 8A55543C379B0582F0C33DB447D1C892 ] NVSvc          C:\Windows\system32\nvvsvc.exe
14:40:36.0381 0648  NVSvc - ok
14:40:36.0412 0648  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:40:36.0412 0648  nv_agp - ok
14:40:36.0490 0648  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:40:36.0521 0648  odserv - ok
14:40:36.0568 0648  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:40:36.0568 0648  ohci1394 - ok
14:40:36.0599 0648  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:40:37.0239 0648  ose - ok
14:40:37.0364 0648  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:40:37.0535 0648  osppsvc - ok
14:40:37.0551 0648  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:40:37.0551 0648  p2pimsvc - ok
14:40:37.0567 0648  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:40:37.0567 0648  p2psvc - ok
14:40:37.0629 0648  [ 78B7642B0C51F24F0835C0226540D58B ] Panda Software Controller C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsCtrls.exe
14:40:37.0629 0648  Panda Software Controller - ok
14:40:37.0645 0648  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
14:40:37.0645 0648  Parport - ok
14:40:37.0660 0648  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
14:40:37.0660 0648  partmgr - ok
14:40:37.0676 0648  [ 337A81B3FF34F9851D245D42A725FC22 ] pavboot        C:\Windows\system32\Drivers\pavboot64.sys
14:40:37.0676 0648  pavboot - ok
14:40:37.0707 0648  [ BDD6EF7BADC2D4F8FF036150491F0204 ] PAVFNSVR        C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PavFnSvr.exe
14:40:37.0723 0648  PAVFNSVR - ok
14:40:37.0738 0648  [ 2AE3F6B23448443BBEF5DE207159213B ] PavPrSrv        C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
14:40:37.0738 0648  PavPrSrv - ok
14:40:37.0754 0648  [ 97005413310966001FB6F4A5C503149C ] PAVSRV          C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\pavsrvx86.exe
14:40:37.0988 0648  PAVSRV - ok
14:40:38.0003 0648  PavTPK.sys - ok
14:40:38.0035 0648  [ 304E6AC43613A9C43896C4300009442B ] PCAMp50a64      C:\Windows\system32\Drivers\PCAMp50a64.sys
14:40:38.0035 0648  PCAMp50a64 - ok
14:40:38.0035 0648  [ 18B6869E23937175144E6F1D3CB85FC2 ] PCASp50a64      C:\Windows\system32\Drivers\PCASp50a64.sys
14:40:38.0035 0648  PCASp50a64 - ok
14:40:38.0050 0648  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:40:38.0050 0648  PcaSvc - ok
14:40:38.0066 0648  [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
14:40:38.0066 0648  pccsmcfd - ok
14:40:38.0097 0648  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
14:40:38.0097 0648  pci - ok
14:40:38.0113 0648  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:40:38.0113 0648  pciide - ok
14:40:38.0128 0648  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:40:38.0128 0648  pcmcia - ok
14:40:38.0144 0648  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
14:40:38.0144 0648  pcw - ok
14:40:38.0144 0648  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:40:38.0159 0648  PEAUTH - ok
14:40:38.0191 0648  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
14:40:38.0191 0648  PeerDistSvc - ok
14:40:38.0237 0648  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:40:38.0253 0648  PerfHost - ok
14:40:38.0284 0648  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
14:40:38.0300 0648  pla - ok
14:40:38.0331 0648  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:40:38.0331 0648  PlugPlay - ok
14:40:38.0362 0648  PnkBstrA - ok
14:40:38.0378 0648  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
14:40:38.0378 0648  PNRPAutoReg - ok
14:40:38.0393 0648  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
14:40:38.0393 0648  PNRPsvc - ok
14:40:38.0409 0648  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
14:40:38.0409 0648  PolicyAgent - ok
14:40:38.0425 0648  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
14:40:38.0425 0648  Power - ok
14:40:38.0456 0648  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:40:38.0456 0648  PptpMiniport - ok
14:40:38.0456 0648  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\DRIVERS\processr.sys
14:40:38.0456 0648  Processor - ok
14:40:38.0487 0648  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
14:40:38.0487 0648  ProfSvc - ok
14:40:38.0503 0648  Prot6Flt - ok
14:40:38.0503 0648  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:40:38.0518 0648  ProtectedStorage - ok
14:40:38.0534 0648  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:40:38.0534 0648  Psched - ok
14:40:38.0549 0648  [ 532053E8E3BB8FA7166AB4E7685FDDCC ] PSHost          c:\program files (x86)\panda security\panda internet security 2011\firewall\PSHOST.EXE
14:40:38.0565 0648  PSHost - ok
14:40:38.0581 0648  [ 196C450F2779D0B462C444DA4906EA7F ] PSIMSVC        C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsImSvc.exe
14:40:38.0799 0648  PSIMSVC - ok
14:40:38.0815 0648  [ 341457B79B3FC31A80C346C767045879 ] PskSvcRetail    C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PskSvc.exe
14:40:38.0815 0648  PskSvcRetail - ok
14:40:38.0846 0648  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:40:38.0846 0648  ql2300 - ok
14:40:38.0861 0648  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:40:38.0861 0648  ql40xx - ok
14:40:38.0877 0648  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
14:40:38.0877 0648  QWAVE - ok
14:40:38.0893 0648  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:40:38.0893 0648  QWAVEdrv - ok
14:40:38.0893 0648  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:40:38.0893 0648  RasAcd - ok
14:40:38.0924 0648  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
14:40:38.0924 0648  RasAgileVpn - ok
14:40:38.0939 0648  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
14:40:38.0939 0648  RasAuto - ok
14:40:38.0971 0648  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
14:40:38.0971 0648  Rasl2tp - ok
14:40:39.0002 0648  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:40:39.0002 0648  RasMan - ok
14:40:39.0017 0648  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:40:39.0017 0648  RasPppoe - ok
14:40:39.0033 0648  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
14:40:39.0033 0648  RasSstp - ok
14:40:39.0049 0648  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
14:40:39.0049 0648  rdbss - ok
14:40:39.0064 0648  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:40:39.0064 0648  rdpbus - ok
14:40:39.0064 0648  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:40:39.0064 0648  RDPCDD - ok
14:40:39.0095 0648  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
14:40:39.0095 0648  RDPDR - ok
14:40:39.0111 0648  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:40:39.0111 0648  RDPENCDD - ok
14:40:39.0111 0648  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:40:39.0111 0648  RDPREFMP - ok
14:40:39.0142 0648  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
14:40:39.0142 0648  RDPWD - ok
14:40:39.0173 0648  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:40:39.0173 0648  rdyboost - ok
14:40:39.0189 0648  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:40:39.0189 0648  RemoteAccess - ok
14:40:39.0205 0648  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:40:39.0205 0648  RemoteRegistry - ok
14:40:39.0236 0648  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:40:39.0236 0648  RFCOMM - ok
14:40:39.0283 0648  [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
14:40:39.0283 0648  RMCAST - ok
14:40:39.0314 0648  [ A241B009194E322D6F21CF61BB998A56 ] ROCKEYNT        C:\Windows\system32\DRIVERS\Rockey4.sys
14:40:39.0314 0648  ROCKEYNT - ok
14:40:39.0329 0648  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:40:39.0329 0648  RpcEptMapper - ok
14:40:39.0345 0648  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:40:39.0345 0648  RpcLocator - ok
14:40:39.0376 0648  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
14:40:39.0376 0648  RpcSs - ok
14:40:39.0392 0648  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:40:39.0392 0648  rspndr - ok
14:40:39.0423 0648  [ 16D4E350420BAA7E63E16E3FC033E1F5 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
14:40:39.0439 0648  RTL8167 - ok
14:40:39.0454 0648  [ 333224D4D25F9BCCA488E08345083E1C ] RTL8187        C:\Windows\system32\DRIVERS\rtl8187.sys
14:40:39.0470 0648  RTL8187 - ok
14:40:39.0485 0648  [ E60C0A09F997826C7627B244195AB581 ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
14:40:39.0485 0648  s3cap - ok
14:40:39.0485 0648  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
14:40:39.0485 0648  SamSs - ok
14:40:39.0517 0648  SANDRA - ok
14:40:39.0532 0648  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:40:39.0532 0648  sbp2port - ok
14:40:39.0548 0648  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:40:39.0548 0648  SCardSvr - ok
14:40:39.0563 0648  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:40:39.0579 0648  scfilter - ok
14:40:39.0610 0648  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:40:39.0610 0648  Schedule - ok
14:40:39.0641 0648  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
14:40:39.0641 0648  SCPolicySvc - ok
14:40:39.0673 0648  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:40:39.0673 0648  SDRSVC - ok
14:40:39.0688 0648  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:40:39.0688 0648  secdrv - ok
14:40:39.0719 0648  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:40:39.0719 0648  seclogon - ok
14:40:39.0735 0648  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:40:39.0735 0648  SENS - ok
14:40:39.0751 0648  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:40:39.0751 0648  SensrSvc - ok
14:40:39.0782 0648  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
14:40:39.0782 0648  Serenum - ok
14:40:39.0797 0648  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:40:39.0797 0648  Serial - ok
14:40:39.0829 0648  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:40:39.0829 0648  sermouse - ok
14:40:39.0891 0648  [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
14:40:39.0922 0648  ServiceLayer - ok
14:40:39.0953 0648  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:40:39.0953 0648  SessionEnv - ok
14:40:39.0969 0648  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
14:40:39.0969 0648  sffdisk - ok
14:40:39.0985 0648  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:40:39.0985 0648  sffp_mmc - ok
14:40:39.0985 0648  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
14:40:39.0985 0648  sffp_sd - ok
14:40:40.0000 0648  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
14:40:40.0000 0648  sfloppy - ok
14:40:40.0016 0648  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:40:40.0016 0648  ShellHWDetection - ok
14:40:40.0031 0648  [ 03639A3B26AA808BAE79D89FDB4B151C ] ShldFlt        C:\Windows\system32\DRIVERS\ShldFlt.sys
14:40:40.0031 0648  ShldFlt - ok
14:40:40.0063 0648  [ 0F498DEE92FD73DD999BAE4D506367F5 ] SI3132          C:\Windows\system32\DRIVERS\SI3132.sys
14:40:40.0063 0648  SI3132 - ok
14:40:40.0063 0648  [ 127CE10E01F53F2EDACA7FE42E5631EA ] SiFilter        C:\Windows\system32\DRIVERS\SiWinAcc.sys
14:40:40.0063 0648  SiFilter - ok
14:40:40.0078 0648  [ B742C37002B8EBEF6E230DF9B4B28546 ] SiRemFil        C:\Windows\system32\DRIVERS\SiRemFil.sys
14:40:40.0078 0648  SiRemFil - ok
14:40:40.0078 0648  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:40:40.0078 0648  SiSRaid2 - ok
14:40:40.0094 0648  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:40:40.0094 0648  SiSRaid4 - ok
14:40:40.0141 0648  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
14:40:42.0621 0648  SkypeUpdate - ok
14:40:42.0652 0648  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
14:40:42.0652 0648  Smb - ok
14:40:42.0715 0648  [ 10450F432811D7FDA60A97FCC674D7B2 ] snapman        C:\Windows\system32\DRIVERS\snapman.sys
14:40:42.0715 0648  snapman - ok
14:40:42.0746 0648  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:40:42.0746 0648  SNMPTRAP - ok
14:40:42.0746 0648  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
14:40:42.0746 0648  spldr - ok
14:40:42.0777 0648  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
14:40:42.0777 0648  Spooler - ok
14:40:42.0855 0648  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:40:42.0871 0648  sppsvc - ok
14:40:42.0871 0648  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
14:40:42.0871 0648  sppuinotify - ok
14:40:42.0933 0648  [ 602884696850C86434530790B110E8EB ] sptd            C:\Windows\System32\Drivers\sptd.sys
14:40:42.0933 0648  sptd - ok
14:40:42.0964 0648  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
14:40:42.0964 0648  srv - ok
14:40:42.0980 0648  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:40:42.0980 0648  srv2 - ok
14:40:42.0995 0648  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:40:42.0995 0648  srvnet - ok
14:40:43.0027 0648  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
14:40:43.0027 0648  SSDPSRV - ok
14:40:43.0042 0648  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
14:40:43.0042 0648  SstpSvc - ok
14:40:43.0073 0648  [ D21FF3592DAEE244EE8376830A672B52 ] ss_bus          C:\Windows\system32\DRIVERS\ss_bus.sys
14:40:43.0089 0648  ss_bus - ok
14:40:43.0089 0648  [ 451DB3D10E6112E06B4506D4A7BECEC1 ] ss_mdfl        C:\Windows\system32\DRIVERS\ss_mdfl.sys
14:40:43.0089 0648  ss_mdfl - ok
14:40:43.0105 0648  [ EF40C8A268A5263A0EF48FED8E57CBED ] ss_mdm          C:\Windows\system32\DRIVERS\ss_mdm.sys
14:40:43.0105 0648  ss_mdm - ok
14:40:43.0151 0648  Steam Client Service - ok
14:40:43.0167 0648  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:40:43.0167 0648  stexstor - ok
14:40:43.0198 0648  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
14:40:43.0198 0648  StillCam - ok
14:40:43.0229 0648  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:40:43.0229 0648  stisvc - ok
14:40:43.0261 0648  [ 7785DC213270D2FC066538DAF94087E7 ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
14:40:43.0261 0648  storflt - ok
14:40:43.0276 0648  [ C40841817EF57D491F22EB103DA587CC ] StorSvc        C:\Windows\system32\storsvc.dll
14:40:43.0276 0648  StorSvc - ok
14:40:43.0292 0648  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc        C:\Windows\system32\drivers\storvsc.sys
14:40:43.0292 0648  storvsc - ok
14:40:43.0292 0648  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:40:43.0292 0648  swenum - ok
14:40:43.0323 0648  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
14:40:43.0323 0648  swprv - ok
14:40:43.0370 0648  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
14:40:43.0370 0648  SysMain - ok
14:40:43.0385 0648  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:40:43.0385 0648  TabletInputService - ok
14:40:43.0401 0648  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
14:40:43.0401 0648  TapiSrv - ok
14:40:43.0417 0648  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
14:40:43.0417 0648  TBS - ok
14:40:43.0479 0648  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
14:40:43.0495 0648  Tcpip - ok
14:40:43.0541 0648  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:40:43.0557 0648  TCPIP6 - ok
14:40:43.0573 0648  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:40:43.0573 0648  tcpipreg - ok
14:40:43.0604 0648  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:40:43.0604 0648  TDPIPE - ok
14:40:43.0651 0648  [ 99527D49EE0A96FC25537C61B270A372 ] tdrpman273      C:\Windows\system32\DRIVERS\tdrpm273.sys
14:40:43.0666 0648  tdrpman273 - ok
14:40:43.0697 0648  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
14:40:43.0697 0648  TDTCP - ok
14:40:43.0729 0648  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
14:40:43.0729 0648  tdx - ok
14:40:43.0729 0648  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:40:43.0729 0648  TermDD - ok
14:40:43.0775 0648  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
14:40:43.0775 0648  TermService - ok
14:40:43.0807 0648  [ CE4B6956E4E12492715A53076E58761F ] TFsExDisk      C:\Windows\System32\Drivers\TFsExDisk.sys
14:40:43.0807 0648  TFsExDisk - ok
14:40:43.0822 0648  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:40:43.0822 0648  Themes - ok
14:40:43.0838 0648  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
14:40:43.0838 0648  THREADORDER - ok
14:40:43.0869 0648  [ EBBAEA02F0095A798000C7E06B16D41B ] timounter      C:\Windows\system32\DRIVERS\timntr.sys
14:40:43.0885 0648  timounter - ok
14:40:43.0900 0648  [ AEEF3C000F9250EF0B1534A8DC5A06AD ] TPSrv          C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\TPSrvWow.exe
14:40:43.0900 0648  TPSrv - ok
14:40:43.0916 0648  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:40:43.0916 0648  TrkWks - ok
14:40:43.0947 0648  [ EA43DE1743C1BA0D2D17B8DB90C91D88 ] truecrypt      C:\Windows\system32\drivers\truecrypt.sys
14:40:43.0963 0648  truecrypt - ok
14:40:43.0994 0648  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:40:43.0994 0648  TrustedInstaller - ok
14:40:44.0025 0648  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:40:44.0025 0648  tssecsrv - ok
14:40:44.0056 0648  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:40:44.0056 0648  TsUsbFlt - ok
14:40:44.0087 0648  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:40:44.0087 0648  tunnel - ok
14:40:44.0103 0648  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:40:44.0103 0648  uagp35 - ok
14:40:44.0134 0648  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:40:44.0134 0648  udfs - ok
14:40:44.0150 0648  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
14:40:44.0150 0648  UI0Detect - ok
14:40:44.0181 0648  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:40:44.0181 0648  uliagpkx - ok
14:40:44.0212 0648  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
14:40:44.0212 0648  umbus - ok
14:40:44.0228 0648  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:40:44.0228 0648  UmPass - ok
14:40:44.0243 0648  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
14:40:44.0259 0648  UmRdpService - ok
14:40:44.0259 0648  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:40:44.0259 0648  upnphost - ok
14:40:44.0290 0648  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
14:40:44.0290 0648  usbccgp - ok
14:40:44.0321 0648  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:40:44.0321 0648  usbcir - ok
14:40:44.0353 0648  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
14:40:44.0353 0648  usbehci - ok
14:40:44.0353 0648  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:40:44.0368 0648  usbhub - ok
14:40:44.0368 0648  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
14:40:44.0368 0648  usbohci - ok
14:40:44.0384 0648  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:40:44.0384 0648  usbprint - ok
14:40:44.0415 0648  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:40:44.0415 0648  USBSTOR - ok
14:40:44.0415 0648  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
14:40:44.0415 0648  usbuhci - ok
14:40:44.0446 0648  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
14:40:44.0446 0648  UxSms - ok
14:40:44.0446 0648  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:40:44.0446 0648  VaultSvc - ok
14:40:44.0477 0648  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
14:40:44.0477 0648  VClone - ok
14:40:44.0493 0648  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:40:44.0493 0648  vdrvroot - ok
14:40:44.0524 0648  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
14:40:44.0524 0648  vds - ok
14:40:44.0555 0648  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
14:40:44.0555 0648  vga - ok
14:40:44.0571 0648  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
14:40:44.0571 0648  VgaSave - ok
14:40:44.0587 0648  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
14:40:44.0587 0648  vhdmp - ok
14:40:44.0602 0648  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:40:44.0602 0648  viaide - ok
14:40:44.0618 0648  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus          C:\Windows\system32\drivers\vmbus.sys
14:40:44.0618 0648  vmbus - ok
14:40:44.0633 0648  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:40:44.0633 0648  VMBusHID - ok
14:40:44.0649 0648  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:40:44.0649 0648  volmgr - ok
14:40:44.0680 0648  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
14:40:44.0680 0648  volmgrx - ok
14:40:44.0711 0648  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
14:40:44.0711 0648  volsnap - ok
14:40:44.0743 0648  [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
14:40:44.0743 0648  vpcbus - ok
14:40:44.0774 0648  [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
14:40:44.0774 0648  vpcnfltr - ok
14:40:44.0789 0648  [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
14:40:44.0789 0648  vpcusb - ok
14:40:44.0836 0648  [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
14:40:44.0836 0648  vpcvmm - ok
14:40:44.0836 0648  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
14:40:44.0836 0648  vsmraid - ok
14:40:44.0867 0648  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
14:40:44.0883 0648  VSS - ok
14:40:44.0899 0648  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:40:44.0899 0648  vwifibus - ok
14:40:44.0930 0648  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:40:44.0930 0648  vwififlt - ok
14:40:44.0930 0648  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
14:40:44.0945 0648  W32Time - ok
14:40:44.0945 0648  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:40:44.0945 0648  WacomPen - ok
14:40:44.0977 0648  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:40:44.0977 0648  WANARP - ok
14:40:44.0992 0648  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:40:44.0992 0648  Wanarpv6 - ok
14:40:45.0055 0648  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
14:40:45.0086 0648  WatAdminSvc - ok
14:40:45.0117 0648  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
14:40:45.0117 0648  wbengine - ok
14:40:45.0148 0648  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:40:45.0148 0648  WbioSrvc - ok
14:40:45.0179 0648  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
14:40:45.0179 0648  wcncsvc - ok
14:40:45.0195 0648  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:40:45.0195 0648  WcsPlugInService - ok
14:40:45.0211 0648  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:40:45.0211 0648  Wd - ok
14:40:45.0226 0648  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:40:45.0226 0648  Wdf01000 - ok
14:40:45.0242 0648  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:40:45.0242 0648  WdiServiceHost - ok
14:40:45.0242 0648  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
14:40:45.0242 0648  WdiSystemHost - ok
14:40:45.0273 0648  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
14:40:45.0273 0648  WebClient - ok
14:40:45.0289 0648  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:40:45.0289 0648  Wecsvc - ok
14:40:45.0289 0648  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
14:40:45.0289 0648  wercplsupport - ok
14:40:45.0320 0648  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:40:45.0320 0648  WerSvc - ok
14:40:45.0335 0648  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:40:45.0335 0648  WfpLwf - ok
14:40:45.0351 0648  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:40:45.0351 0648  WIMMount - ok
14:40:45.0351 0648  WinHttpAutoProxySvc - ok
14:40:45.0382 0648  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
14:40:45.0398 0648  Winmgmt - ok
14:40:45.0445 0648  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
14:40:45.0460 0648  WinRM - ok
14:40:45.0491 0648  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:40:45.0507 0648  WinUsb - ok
14:40:45.0538 0648  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
14:40:45.0538 0648  Wlansvc - ok
14:40:45.0569 0648  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
14:40:45.0569 0648  WmiAcpi - ok
14:40:45.0585 0648  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:40:45.0601 0648  wmiApSrv - ok
14:40:45.0632 0648  WMPNetworkSvc - ok
14:40:45.0632 0648  [ C1B61612FCCC6E750AD0A6E19C77EE85 ] WNMFLT          C:\Windows\system32\Drivers\WNMFLT64.SYS
14:40:45.0632 0648  WNMFLT - ok
14:40:45.0647 0648  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:40:45.0647 0648  WPCSvc - ok
14:40:45.0663 0648  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:40:45.0663 0648  WPDBusEnum - ok
14:40:45.0710 0648  [ 788914C42AD8318F1DD7A565EAFFB049 ] WPN111          C:\Windows\system32\DRIVERS\WPN111vx.sys
14:40:45.0725 0648  WPN111 - ok
14:40:45.0725 0648  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
14:40:45.0725 0648  ws2ifsl - ok
14:40:45.0741 0648  WSearch - ok
14:40:45.0788 0648  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:40:45.0803 0648  wuauserv - ok
14:40:45.0835 0648  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:40:45.0835 0648  WudfPf - ok
14:40:45.0881 0648  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:40:45.0881 0648  WUDFRd - ok
14:40:45.0897 0648  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
14:40:45.0897 0648  wudfsvc - ok
14:40:45.0913 0648  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\Windows\System32\wwansvc.dll
14:40:45.0928 0648  WwanSvc - ok
14:40:45.0991 0648  ================ Scan global ===============================
14:40:46.0006 0648  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:40:46.0037 0648  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:40:46.0053 0648  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:40:46.0069 0648  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:40:46.0084 0648  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:40:46.0084 0648  [Global] - ok
14:40:46.0084 0648  ================ Scan MBR ==================================
14:40:46.0100 0648  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:40:46.0271 0648  \Device\Harddisk0\DR0 - ok
14:40:46.0287 0648  ================ Scan VBR ==================================
14:40:46.0287 0648  [ 9698A2CB1FC282BBFDF6B3AEE832DA65 ] \Device\Harddisk0\DR0\Partition1
14:40:46.0287 0648  \Device\Harddisk0\DR0\Partition1 - ok
14:40:46.0303 0648  [ 3885AC46AF31D0F1139378F49830D22C ] \Device\Harddisk0\DR0\Partition2
14:40:46.0303 0648  \Device\Harddisk0\DR0\Partition2 - ok
14:40:46.0318 0648  [ 91EE0087E549154F1848396C96F56EA8 ] \Device\Harddisk0\DR0\Partition3
14:40:46.0318 0648  \Device\Harddisk0\DR0\Partition3 - ok
14:40:46.0318 0648  ============================================================
14:40:46.0318 0648  Scan finished
14:40:46.0318 0648  ============================================================
14:40:46.0318 5700  Detected object count: 0
14:40:46.0318 5700  Actual detected object count: 0
14:43:03.0676 5376  Deinitialize success
dds:
DDS Logfile:
DDS Logfile:
Code:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 1.6.0_22
Run by *** at 14:46:38 on 2012-12-08
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.8190.6066 [GMT 1:00]
.
AV: Panda Internet Security 2011 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Internet Security 2011 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2011 *Disabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PskSvc.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\TPSrvWow.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2011\WebProxy.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dgdersvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsCtrls.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PavFnSvr.exe
C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\pavsrvx86.exe
C:\Windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\panda security\panda internet security 2011\firewall\PSHOST.EXE
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsImSvc.exe
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\AVENGINE.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\UMonit.exe
C:\Windows\DAODx.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Softwarenetz\Terminkalender2\kalender2.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
uProxyOverride = fritz.box;*.local
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programmieren\Java\jre6\bin\jp2ssv.dll
TB: Gutscheinmieze: {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\***\AppData\Roaming\Gutscheinmieze\toolbar.dll
TB: Gutscheinmieze: {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\***\AppData\Roaming\Gutscheinmieze\toolbar.dll
uRun: [ICQ] "C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4
mRun: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\Inicio.exe"
mRun: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
StartupFolder: C:\Users\THORST~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\THORST~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TERMIN~1.LNK - C:\Softwarenetz\Terminkalender2\kalender2.exe
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: NameServer = 192.168.178.1
TCP: Interfaces\{3490F978-561C-44BA-A817-252703B49C38} : DHCPNameServer = 212.23.97.2 212.23.97.3
TCP: Interfaces\{367E2848-DB33-4857-B4FE-A0629F551C3F} : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{367E2848-DB33-4857-B4FE-A0629F551C3F}\64259445A51275C414E402255607561647562702E4F274 : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{5D4CC1C7-0061-4958-B406-778319C94A31} : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{6124B780-E1F5-4C27-8D22-685920D660D1} : NameServer = 192.168.0.10
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [UMonit] C:\Windows\SysWOW64\UMonit.exe
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: avldr - avldr64.dll
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\7cit0qvn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - foxsearch
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPPDLicenseHelper.dll
FF - plugin: C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: C:\Programme\Microsoft Silverlight\3.0.40723.0\npctrl.dll
FF - plugin: C:\Programme\Microsoft Silverlight\3.0.40818.0\npctrl.dll
FF - plugin: C:\Programme\Microsoft Silverlight\3.0.50106.0\npctrl.dll
FF - plugin: C:\Programme\Microsoft Silverlight\4.0.50524.0\npctrl.dll
FF - plugin: C:\Programme\Microsoft Silverlight\4.0.50826.0\npctrl.dll
FF - plugin: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
FF - plugin: E:\Programmieren\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: E:\Programmieren\Java\jre6\bin\new_plugin\npjp2.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;Panda boot driver;C:\Windows\System32\drivers\pavboot64.sys [2010-10-4 30792]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\System32\drivers\tdrpm273.sys [2011-4-16 1263200]
R1 ShldFlt;Panda File Shield Driver;C:\Windows\System32\drivers\ShldFlt.sys [2010-10-4 48136]
R2 afcdpsrv;Acronis Nonstop Backup-Dienst;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-4-16 3246040]
R2 AmFSM;AmFSM;C:\Windows\System32\drivers\amm6460.sys [2010-10-4 65608]
R2 APPFLT;App Filter Plugin;C:\Windows\System32\drivers\APPFLT64.SYS [2010-10-4 118280]
R2 ComFiltr;Panda Anti-Dialer;C:\Windows\System32\drivers\COMFiltr.sys [2010-10-4 15928]
R2 dgdersvc;Device Error Recovery Service;C:\Windows\System32\dgdersvc.exe [2010-7-30 119632]
R2 DSAFLT;DSA Filter Plugin;C:\Windows\System32\drivers\dsaflt64.sys [2010-10-4 82952]
R2 FNETMON;NetMon Filter Plugin;C:\Windows\System32\drivers\fnetm64.sys [2010-10-4 31752]
R2 IDSFLT;Ids Filter Plugin;C:\Windows\System32\drivers\idsflt64.sys [2010-10-4 78856]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-21 399432]
R2 NETFLTDI;Panda Net Driver [TDI Layer];C:\Windows\System32\drivers\NETTDI64.SYS [2010-10-4 170504]
R2 Panda Software Controller;Panda Software Controller;C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PsCtrlS.exe [2010-10-4 173312]
R2 PAVFNSVR;Panda Function Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PavFnSvr.exe [2010-10-4 202048]
R2 PavPrSrv;Panda Process Protection Service;C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe [2010-10-4 62768]
R2 PAVSRV;Panda On-Access Anti-Malware Service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\pavsrvx86.exe [2010-10-4 314176]
R2 PskSvcRetail;Panda PSK service;C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\psksvc.exe [2010-10-4 28992]
R2 WNMFLT;Wifi Monitor Filter Plugin;C:\Windows\System32\drivers\wnmflt64.sys [2010-10-4 74760]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2011-4-16 285280]
R3 dgderdrv;dgderdrv;C:\Windows\System32\drivers\dgderdrv.sys [2010-7-30 20552]
R3 fwlanusbn;FRITZ!WLAN N;C:\Windows\System32\drivers\fwlanusbn.sys [2011-11-4 714368]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 NETIMFLT01060042;PANDA NDIS IM Filter Miniport v1.6.0.42;C:\Windows\System32\drivers\n64i1642.sys [2010-10-4 214536]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-4-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-4-27 184968]
R3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;C:\Windows\System32\drivers\PCAMp50a64.sys [2010-10-4 43328]
R3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;C:\Windows\System32\drivers\PCASp50a64.sys [2010-10-4 41280]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-21 452200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 avmeject;AVM Eject;C:\Windows\System32\drivers\avmeject.sys [2010-10-22 14120]
S3 BthAvrcp;Bluetooth-AVRCP-Profil;C:\Windows\System32\drivers\BthAvrcp.sys [2009-8-13 29184]
S3 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater;D:\Spiele\Dragon Age\bin_ship\daupdatersvc.service.exe [2012-8-17 25832]
S3 GeneStor;Genesys Logic Storage Driver;C:\Windows\System32\drivers\GeneStor.sys [2012-8-25 58368]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187.sys [2010-1-7 448512]
S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.sys [2012-1-22 16392]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-27 59392]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-4 1255736]
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;C:\Windows\System32\drivers\WPN111vx.sys [2011-11-13 1075712]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile="C:\Program Files (x86)\JGsoft\EditPadLite\EditPadLite.exe" "%1"
.
=============== Created Last 30 ================
.
2012-12-07 16:05:56        --------        d-----w-        C:\FRST
2012-12-02 22:49:02        --------        d-----w-        C:\ProgramData\HitmanPro
2012-12-01 23:08:07        69000        ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F952A6FB-6BC9-4D6D-8F4A-DBD780A35542}\offreg.dll
2012-11-26 20:52:57        --------        d-----w-        C:\Users\***\AppData\Roaming\Canneverbe Limited
2012-11-26 20:52:57        --------        d-----w-        C:\ProgramData\Canneverbe Limited
2012-11-26 20:15:33        --------        d-----w-        C:\ProgramData\Tarma Installer
.
==================== Find3M  ====================
.
2012-11-26 10:13:46        73656        ----a-w-        C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-26 10:13:46        697272        ----a-w-        C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-29 17:54:26        25928        ----a-w-        C:\Windows\System32\drivers\mbam.sys
2012-09-21 11:16:28        133248        ----a-w-        C:\Windows\System32\drivers\dnelwf64.sys
.
============= FINISH: 14:47:06,78 ===============
--- --- ---

--- --- ---

[/CODE]
Attach:

Code:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 02.10.2010 16:56:32
System Uptime: 08.12.2012 14:01:38 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | M4A89TD PRO USB3
Processor: AMD Phenom(tm) II X4 965 Processor | AM3 | 3400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 450 GiB total, 211,451 GiB free.
D: is FIXED (NTFS) - 250 GiB total, 147,482 GiB free.
E: is FIXED (NTFS) - 232 GiB total, 93,199 GiB free.
F: is CDROM (UDF)
G: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {85b5ddd0-e090-4b15-bdf2-a443a3ca0b66}
Description: ATITool Driver
Device ID: ROOT\*ATITOOLDEVICE\0000
Manufacturer: W1zzard
Name: ATITool Driver
PNP Device ID: ROOT\*ATITOOLDEVICE\0000
Service: ATITool
.
==== System Restore Points ===================
.
RP562: 08.12.2012 14:06:15 - Windows Update
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition)
Acronis*True*Image*Home 2011
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4) - Deutsch
Adobe Shockwave Player 11.5
ANNO 1602 Königs-Edition
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUSUpdate
AVM FRITZ!WLAN
Battlefield 1942
Battlefield 2(TM)
BF2SP64
Black & White® 2
Blasc3
Bombermaaan 1.4
Bonjour
Call of Duty
Call of Duty(R) 2
Call of Duty(R) 4 - Modern Warfare(TM) Demo
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 1.1
Canon MX850 series
Canon MX850 series Benutzerregistrierung
Canon My Printer
CCleaner
CDBurnerXP
Darksiders
DarksidersInstaller
DataStudio
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Derive 6 Demo
Dragon Age: Origins
Dropbox
Easy File Undelete
eReg
FileRestorePlus™ 3.0.3.514
Fityk 0.9.8
Free PDF to Word Doc Converter v1.1
Genesys USB Mass Storage Device
GetDataBack for NTFS
Google Earth
Google Update Helper
Gtk+ Runtime Environment 2.12.9-2
Half-Life 2
Half-Life 2: Deathmatch
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
ICQ7.6
Icy Tower v1.4
Igor Pro
iTunes
Java Auto Updater
Java(TM) 6 Update 22
Just Great Software EditPad Lite DE 6.6.4
LibreOffice 3.6
Logitech GamePanel Software 3.06.109
Logitech SetPoint 6.15
Malwarebytes Anti-Malware Version 1.65.1.1000
Medieval II Total War
Medieval II Total War : Kingdoms : Britannia
Medieval II Total War : Kingdoms : Crusades
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended DEU Language Pack
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Excel MUI (German) 2007
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2007
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2007
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing (German) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared 64-bit MUI (German) 2007
Microsoft Office Shared 64-bit MUI (German) 2010
Microsoft Office Shared MUI (German) 2007
Microsoft Office Shared MUI (German) 2010
Microsoft Office Visio 2010
Microsoft Office Visio MUI (German) 2010
Microsoft Office Word MUI (German) 2007
Microsoft Publisher 2010
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Professional 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
MiKTeX 2.8
Moorhuhn Remake
Mozilla Firefox 14.0.1 (x86 de)
Mozilla Thunderbird 16.0.2 (x86 de)
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MuseScore 1.1 MuseScore score typesetter
MyFreeCodec
NETGEAR RangeMax(TM) Wireless USB 2.0 Adapter WPN111
Nokia Connectivity Cable Driver
Nokia Ovi Suite
Nokia Ovi Suite Software Updater
NVIDIA Display Control Panel
NVIDIA Grafiktreiber 266.58
NVIDIA Install Application
NVIDIA PhysX
NVIDIA StereoUSB Driver
NX Client for Windows 3.3.0-6
ODF Add-In für Microsoft Office
Origin 8.5.1
OriginPro 8.5.1
OutlookAddInNet3Setup
Ovi Desktop Sync Engine
OviMPlatform
Panda Internet Security 2011
Panda Secure Vault 5
Pasco USB Driver
PascoCommonFiles
PC Connectivity Solution
PDF24 Creator 4.7.0
PDFCreator
Plus Pack für Acronis True Image Home 2011
QuickTime
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Recuva
Renesas Electronics USB 3.0 Host Controller Driver
resident evil 4
RESIDENT EVIL 5
Restorer Ultimate 7.5
SAMSUNG USB Driver for Mobile Phones
Secure Download Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio 2010 (KB2597171) 32-Bit Edition
Sibelius Scorch (Firefox, Opera, Netscape only)
Skype™ 5.10
Smart File Advisor 1.1.1
Softwarenetz Terminkalender2
Star Wars JK II Jedi Outcast
STDU Converter version 2.0.103.0
Steam
Stellar Phoenix Windows Data Recovery - Home
StreamTransport version: 1.0.2.2171
Stronghold Crusader Extreme
Tactical_Sailing_de
TeamSpeak 3 Client
TeXnicCenter Version 2.0 Alpha 3
toolstar®recovery 2011 professional
TrueCrypt
Ubisoft Game Launcher
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
VLC media player 1.1.4
VMD 1.9
Vsk5 - patch1
WavePad Sound Editor
WinDjView 1.0.3
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
Windows-Treiberpaket - PASCO Scientific (WinUSB) Pasco Interface  (08/14/2008 1.0.0.0)
WinRAR
World of Warcraft
WPF Toolkit February 2010 (Version 3.5.50211.1)
Xfire (remove only)
XnView 1.98.1
.
==== End Of File ===========================


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:39 Uhr.
Seite 2 von 4 1 2 34
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19