
Log analysis and evaluation: Asking for help, TA/ATRAPS.gen is here

26.06.2012, 15:38   #1
derdude007
 

Asking for help, TA/ATRAPS.gen is here



Hello,
since yesterday I have been getting the virus alert constantly.
For this I followed the steps as in
"constantly recurring TR/ATRAPS.Gen and TR/ATRAPS.Gen2"
and additionally have now scanned with Malwarebytes and got one hit.
Here are the results from Antivir:
Objekt: 800000000.@ Fund: TR/ATRAPS.Gen
In addition, I carried out these steps:

TDSSKiller
HTML-Code:
08:58:55.0959 4568	TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
08:58:56.0209 4568	============================================================
08:58:56.0209 4568	Current date / time: 2012/06/26 08:58:56.0209
08:58:56.0209 4568	SystemInfo:
08:58:56.0209 4568	
08:58:56.0209 4568	OS Version: 6.1.7600 ServicePack: 0.0
08:58:56.0209 4568	Product type: Workstation
08:58:56.0209 4568	ComputerName: NAME
08:58:56.0209 4568	UserName: NAME
08:58:56.0209 4568	Windows directory: D:\Windows
08:58:56.0209 4568	System windows directory: D:\Windows
08:58:56.0209 4568	Running under WOW64
08:58:56.0209 4568	Processor architecture: Intel x64
08:58:56.0209 4568	Number of processors: 8
08:58:56.0209 4568	Page size: 0x1000
08:58:56.0209 4568	Boot type: Normal boot
08:58:56.0209 4568	============================================================
08:58:57.0225 4568	Drive \Device\Harddisk0\DR0 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:58:57.0225 4568	Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:58:57.0241 4568	Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:58:57.0241 4568	============================================================
08:58:57.0241 4568	\Device\Harddisk0\DR0:
08:58:57.0241 4568	MBR partitions:
08:58:57.0241 4568	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4C05
08:58:57.0241 4568	\Device\Harddisk1\DR1:
08:58:57.0241 4568	MBR partitions:
08:58:57.0241 4568	\Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
08:58:57.0241 4568	\Device\Harddisk2\DR2:
08:58:57.0241 4568	MBR partitions:
08:58:57.0241 4568	\Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
08:58:57.0241 4568	============================================================
08:58:57.0256 4568	C: <-> \Device\Harddisk0\DR0\Partition0
08:58:57.0272 4568	D: <-> \Device\Harddisk2\DR2\Partition0
08:58:57.0303 4568	E: <-> \Device\Harddisk1\DR1\Partition0
08:58:57.0303 4568	============================================================
08:58:57.0303 4568	Initialize success
08:58:57.0303 4568	============================================================
08:59:20.0319 4712	============================================================
08:59:20.0319 4712	Scan started
08:59:20.0319 4712	Mode: Manual; TDLFS; 
08:59:20.0319 4712	============================================================
08:59:20.0991 4712	1394ohci        (1b00662092f9f9568b995902f0cc40d5) D:\Windows\system32\DRIVERS\1394ohci.sys
08:59:20.0991 4712	1394ohci - ok
08:59:21.0116 4712	ABBYY.Licensing.FineReader.Professional.10.0 (dccc7bcaad497da2c4607b8035516d95) D:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
08:59:21.0147 4712	ABBYY.Licensing.FineReader.Professional.10.0 - ok
08:59:21.0194 4712	acedrv06        (c8030d922511a926d0aa06b78c4b87a9) D:\Windows\system32\drivers\acedrv06.sys
08:59:21.0209 4712	acedrv06 - ok
08:59:21.0241 4712	acedrv07        (6e9c8b324980afe454c6f7762e2b4478) D:\Windows\system32\drivers\acedrv07.sys
08:59:21.0241 4712	acedrv07 - ok
08:59:21.0288 4712	ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) D:\Windows\system32\DRIVERS\ACPI.sys
08:59:21.0288 4712	ACPI - ok
08:59:21.0319 4712	AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) D:\Windows\system32\DRIVERS\acpipmi.sys
08:59:21.0319 4712	AcpiPmi - ok
08:59:21.0381 4712	AdobeARMservice (11a52cf7b265631deeb24c6149309eff) D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:59:21.0381 4712	AdobeARMservice - ok
08:59:21.0428 4712	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) D:\Windows\system32\DRIVERS\adp94xx.sys
08:59:21.0428 4712	adp94xx - ok
08:59:21.0475 4712	adpahci         (597f78224ee9224ea1a13d6350ced962) D:\Windows\system32\DRIVERS\adpahci.sys
08:59:21.0491 4712	adpahci - ok
08:59:21.0506 4712	adpu320         (e109549c90f62fb570b9540c4b148e54) D:\Windows\system32\DRIVERS\adpu320.sys
08:59:21.0506 4712	adpu320 - ok
08:59:21.0553 4712	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) D:\Windows\System32\aelupsvc.dll
08:59:21.0553 4712	AeLookupSvc - ok
08:59:21.0616 4712	AFD             (6ef20ddf3172e97d69f596fb90602f29) D:\Windows\system32\drivers\afd.sys
08:59:21.0631 4712	AFD - ok
08:59:21.0647 4712	agp440          (608c14dba7299d8cb6ed035a68a15799) D:\Windows\system32\DRIVERS\agp440.sys
08:59:21.0647 4712	agp440 - ok
08:59:21.0663 4712	ALG             (3290d6946b5e30e70414990574883ddb) D:\Windows\System32\alg.exe
08:59:21.0663 4712	ALG - ok
08:59:21.0678 4712	aliide          (5812713a477a3ad7363c7438ca2ee038) D:\Windows\system32\DRIVERS\aliide.sys
08:59:21.0678 4712	aliide - ok
08:59:21.0694 4712	amdide          (1ff8b4431c353ce385c875f194924c0c) D:\Windows\system32\DRIVERS\amdide.sys
08:59:21.0694 4712	amdide - ok
08:59:21.0725 4712	AmdK8           (7024f087cff1833a806193ef9d22cda9) D:\Windows\system32\DRIVERS\amdk8.sys
08:59:21.0725 4712	AmdK8 - ok
08:59:21.0741 4712	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) D:\Windows\system32\DRIVERS\amdppm.sys
08:59:21.0741 4712	AmdPPM - ok
08:59:21.0803 4712	amdsata         (ec7ebab00a4d8448bab68d1e49b4beb9) D:\Windows\system32\drivers\amdsata.sys
08:59:21.0803 4712	amdsata - ok
08:59:21.0819 4712	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) D:\Windows\system32\DRIVERS\amdsbs.sys
08:59:21.0819 4712	amdsbs - ok
08:59:21.0834 4712	amdxata         (db27766102c7bf7e95140a2aa81d042e) D:\Windows\system32\drivers\amdxata.sys
08:59:21.0834 4712	amdxata - ok
08:59:21.0959 4712	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
08:59:21.0975 4712	AntiVirSchedulerService - ok
08:59:22.0022 4712	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
08:59:22.0022 4712	AntiVirService - ok
08:59:22.0053 4712	AppID           (42fd751b27fa0e9c69bb39f39e409594) D:\Windows\system32\drivers\appid.sys
08:59:22.0053 4712	AppID - ok
08:59:22.0116 4712	AppIDSvc        (0bc381a15355a3982216f7172f545de1) D:\Windows\System32\appidsvc.dll
08:59:22.0116 4712	AppIDSvc - ok
08:59:22.0116 4712	Appinfo         (d065be66822847b7f127d1f90158376e) D:\Windows\System32\appinfo.dll
08:59:22.0131 4712	Appinfo - ok
08:59:22.0194 4712	AppMgmt         (4aba3e75a76195a3e38ed2766c962899) D:\Windows\System32\appmgmts.dll
08:59:22.0194 4712	AppMgmt - ok
08:59:22.0209 4712	arc             (c484f8ceb1717c540242531db7845c4e) D:\Windows\system32\DRIVERS\arc.sys
08:59:22.0209 4712	arc - ok
08:59:22.0256 4712	arcsas          (019af6924aefe7839f61c830227fe79c) D:\Windows\system32\DRIVERS\arcsas.sys
08:59:22.0256 4712	arcsas - ok
08:59:22.0366 4712	aspnet_state    (9217d874131ae6ff8f642f124f00a555) D:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:59:22.0397 4712	aspnet_state - ok
08:59:22.0444 4712	AsyncMac        (769765ce2cc62867468cea93969b2242) D:\Windows\system32\DRIVERS\asyncmac.sys
08:59:22.0444 4712	AsyncMac - ok
08:59:22.0444 4712	atapi           (02062c0b390b7729edc9e69c680a6f3c) D:\Windows\system32\DRIVERS\atapi.sys
08:59:22.0444 4712	atapi - ok
08:59:22.0616 4712	ATICDSDr        (63d75db501fb999a2e2a6d074bdc4949) D:\Users\JULIAN~1\AppData\Local\Temp\ATICDSDr.sys
08:59:22.0616 4712	ATICDSDr - ok
08:59:22.0694 4712	AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) D:\Windows\System32\Audiosrv.dll
08:59:22.0709 4712	AudioEndpointBuilder - ok
08:59:22.0709 4712	AudioSrv        (07721a77180edd4d39ccb865bf63c7fd) D:\Windows\System32\Audiosrv.dll
08:59:22.0725 4712	AudioSrv - ok
08:59:22.0803 4712	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) D:\Windows\system32\DRIVERS\avgntflt.sys
08:59:22.0819 4712	avgntflt - ok
08:59:22.0850 4712	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) D:\Windows\system32\DRIVERS\avipbb.sys
08:59:22.0850 4712	avipbb - ok
08:59:22.0897 4712	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) D:\Windows\system32\DRIVERS\avkmgr.sys
08:59:22.0897 4712	avkmgr - ok
08:59:22.0991 4712	AVM WLAN Connection Service (c6f4c466b654c1be98af31418bb5ac30) D:\Program Files (x86)\avmwlanstick\WlanNetService.exe
08:59:23.0006 4712	AVM WLAN Connection Service - ok
08:59:23.0022 4712	avmeject        (1dc2f715792cf33428ad7993acbd224d) D:\Windows\system32\drivers\avmeject.sys
08:59:23.0022 4712	avmeject - ok
08:59:23.0100 4712	avmident        (ce7793573fa4e70033d907dd919ff648) D:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe
08:59:23.0116 4712	avmident - ok
08:59:23.0163 4712	AxInstSV        (b20b5fa5ca050e9926e4d1db81501b32) D:\Windows\System32\AxInstSV.dll
08:59:23.0178 4712	AxInstSV - ok
08:59:23.0241 4712	b06bdrv         (3e5b191307609f7514148c6832bb0842) D:\Windows\system32\DRIVERS\bxvbda.sys
08:59:23.0256 4712	b06bdrv - ok
08:59:23.0288 4712	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) D:\Windows\system32\DRIVERS\b57nd60a.sys
08:59:23.0303 4712	b57nd60a - ok
08:59:23.0350 4712	BDESVC          (fde360167101b4e45a96f939f388aeb0) D:\Windows\System32\bdesvc.dll
08:59:23.0350 4712	BDESVC - ok
08:59:23.0366 4712	Beep            (16a47ce2decc9b099349a5f840654746) D:\Windows\system32\drivers\Beep.sys
08:59:23.0366 4712	Beep - ok
08:59:23.0444 4712	BITS            (7f0c323fe3da28aa4aa1bda3f575707f) D:\Windows\System32\qmgr.dll
08:59:23.0459 4712	BITS - ok
08:59:23.0506 4712	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) D:\Windows\system32\DRIVERS\blbdrive.sys
08:59:23.0506 4712	blbdrive - ok
08:59:23.0553 4712	bowser          (19d20159708e152267e53b66677a4995) D:\Windows\system32\DRIVERS\bowser.sys
08:59:23.0553 4712	bowser - ok
08:59:23.0569 4712	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) D:\Windows\system32\DRIVERS\BrFiltLo.sys
08:59:23.0569 4712	BrFiltLo - ok
08:59:23.0584 4712	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) D:\Windows\system32\DRIVERS\BrFiltUp.sys
08:59:23.0584 4712	BrFiltUp - ok
08:59:23.0631 4712	Browser         (94fbc06f294d58d02361918418f996e3) D:\Windows\System32\browser.dll
08:59:23.0631 4712	Browser - ok
08:59:23.0663 4712	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) D:\Windows\System32\Drivers\Brserid.sys
08:59:23.0663 4712	Brserid - ok
08:59:23.0678 4712	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) D:\Windows\System32\Drivers\BrSerWdm.sys
08:59:23.0678 4712	BrSerWdm - ok
08:59:23.0694 4712	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) D:\Windows\System32\Drivers\BrUsbMdm.sys
08:59:23.0694 4712	BrUsbMdm - ok
08:59:23.0709 4712	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) D:\Windows\System32\Drivers\BrUsbSer.sys
08:59:23.0709 4712	BrUsbSer - ok
08:59:23.0725 4712	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) D:\Windows\system32\DRIVERS\bthmodem.sys
08:59:23.0725 4712	BTHMODEM - ok
08:59:23.0756 4712	bthserv         (95f9c2976059462cbbf227f7aab10de9) D:\Windows\system32\bthserv.dll
08:59:23.0756 4712	bthserv - ok
08:59:23.0772 4712	cdfs            (b8bd2bb284668c84865658c77574381a) D:\Windows\system32\DRIVERS\cdfs.sys
08:59:23.0772 4712	cdfs - ok
08:59:23.0819 4712	cdrom           (83d2d75e1efb81b3450c18131443f7db) D:\Windows\system32\DRIVERS\cdrom.sys
08:59:23.0819 4712	cdrom - ok
08:59:23.0881 4712	CertPropSvc     (312e2f82af11e79906898ac3e3d58a1f) D:\Windows\System32\certprop.dll
08:59:23.0881 4712	CertPropSvc - ok
08:59:23.0897 4712	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) D:\Windows\system32\DRIVERS\circlass.sys
08:59:23.0897 4712	circlass - ok
08:59:23.0928 4712	CLFS            (fe1ec06f2253f691fe36217c592a0206) D:\Windows\system32\CLFS.sys
08:59:23.0928 4712	CLFS - ok
08:59:23.0991 4712	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:59:24.0006 4712	clr_optimization_v2.0.50727_32 - ok
08:59:24.0069 4712	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) D:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:59:24.0084 4712	clr_optimization_v2.0.50727_64 - ok
08:59:24.0178 4712	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:59:24.0225 4712	clr_optimization_v4.0.30319_32 - ok
08:59:24.0256 4712	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) D:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:59:24.0272 4712	clr_optimization_v4.0.30319_64 - ok
08:59:24.0288 4712	CmBatt          (0840155d0bddf1190f84a663c284bd33) D:\Windows\system32\DRIVERS\CmBatt.sys
08:59:24.0288 4712	CmBatt - ok
08:59:24.0288 4712	cmdide          (e19d3f095812725d88f9001985b94edd) D:\Windows\system32\DRIVERS\cmdide.sys
08:59:24.0303 4712	cmdide - ok
08:59:24.0319 4712	CNG             (f95fd4cb7da00ba2a63ce9f6b5c053e1) D:\Windows\system32\Drivers\cng.sys
08:59:24.0334 4712	CNG - ok
08:59:24.0350 4712	Compbatt        (102de219c3f61415f964c88e9085ad14) D:\Windows\system32\DRIVERS\compbatt.sys
08:59:24.0350 4712	Compbatt - ok
08:59:24.0366 4712	CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) D:\Windows\system32\DRIVERS\CompositeBus.sys
08:59:24.0366 4712	CompositeBus - ok
08:59:24.0381 4712	COMSysApp - ok
08:59:24.0475 4712	cpudrv64        (3ca734ce373e5675fbc15ca2c45228e5) D:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
08:59:24.0475 4712	cpudrv64 - ok
08:59:24.0491 4712	crcdisk         (1c827878a998c18847245fe1f34ee597) D:\Windows\system32\DRIVERS\crcdisk.sys
08:59:24.0491 4712	crcdisk - ok
08:59:24.0538 4712	CryptSvc        (8c57411b66282c01533cb776f98ad384) D:\Windows\system32\cryptsvc.dll
08:59:24.0538 4712	CryptSvc - ok
08:59:24.0600 4712	CSC             (4a6173c2279b498cd8f57cae504564cb) D:\Windows\system32\drivers\csc.sys
08:59:24.0600 4712	CSC - ok
08:59:24.0631 4712	CscService      (873fbf927c06e5cee04dec617502f8fd) D:\Windows\System32\cscsvc.dll
08:59:24.0647 4712	CscService - ok
08:59:24.0725 4712	DcomLaunch      (7266972e86890e2b30c0c322e906b027) D:\Windows\system32\rpcss.dll
08:59:24.0725 4712	DcomLaunch - ok
08:59:24.0819 4712	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) D:\Windows\System32\defragsvc.dll
08:59:24.0819 4712	defragsvc - ok
08:59:24.0866 4712	DfsC            (9c253ce7311ca60fc11c774692a13208) D:\Windows\system32\Drivers\dfsc.sys
08:59:24.0881 4712	DfsC - ok
08:59:24.0913 4712	Dhcp            (ce3b9562d997f69b330d181a8875960f) D:\Windows\system32\dhcpcore.dll
08:59:24.0913 4712	Dhcp - ok
08:59:24.0928 4712	discache        (13096b05847ec78f0977f2c0f79e9ab3) D:\Windows\system32\drivers\discache.sys
08:59:24.0928 4712	discache - ok
08:59:24.0991 4712	Disk            (9819eee8b5ea3784ec4af3b137a5244c) D:\Windows\system32\DRIVERS\disk.sys
08:59:24.0991 4712	Disk - ok
08:59:25.0038 4712	Dnscache        (85cf424c74a1d5ec33533e1dbff9920a) D:\Windows\System32\dnsrslvr.dll
08:59:25.0038 4712	Dnscache - ok
08:59:25.0100 4712	dot3svc         (14452acdb09b70964c8c21bf80a13acb) D:\Windows\System32\dot3svc.dll
08:59:25.0116 4712	dot3svc - ok
08:59:25.0131 4712	DPS             (8c2ba6bea949ee6e68385f5692bafb94) D:\Windows\system32\dps.dll
08:59:25.0131 4712	DPS - ok
08:59:25.0178 4712	drmkaud         (9b19f34400d24df84c858a421c205754) D:\Windows\system32\drivers\drmkaud.sys
08:59:25.0178 4712	drmkaud - ok
08:59:25.0272 4712	DXGKrnl         (1633b9abf52784a1331476397a48cbef) D:\Windows\System32\drivers\dxgkrnl.sys
08:59:25.0272 4712	DXGKrnl - ok
08:59:25.0366 4712	e1qexpress      (acff022b1eb3e608b7cfae61187751a6) D:\Windows\system32\DRIVERS\e1q62x64.sys
08:59:25.0381 4712	e1qexpress - ok
08:59:25.0428 4712	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) D:\Windows\System32\eapsvc.dll
08:59:25.0428 4712	EapHost - ok
08:59:25.0584 4712	ebdrv           (dc5d737f51be844d8c82c695eb17372f) D:\Windows\system32\DRIVERS\evbda.sys
08:59:25.0631 4712	ebdrv - ok
08:59:25.0788 4712	EFS             (0793f40b9b8a1bdd266296409dbd91ea) D:\Windows\System32\lsass.exe
08:59:25.0788 4712	EFS - ok
08:59:25.0881 4712	ehRecvr         (47c071994c3f649f23d9cd075ac9304a) D:\Windows\ehome\ehRecvr.exe
08:59:25.0897 4712	ehRecvr - ok
08:59:25.0959 4712	ehSched         (4705e8ef9934482c5bb488ce28afc681) D:\Windows\ehome\ehsched.exe
08:59:25.0959 4712	ehSched - ok
08:59:26.0053 4712	ElbyCDIO        (a05fc7eca0966ebb70e4d17b855a853b) D:\Windows\system32\Drivers\ElbyCDIO.sys
08:59:26.0053 4712	ElbyCDIO - ok
08:59:26.0116 4712	elxstor         (0e5da5369a0fcaea12456dd852545184) D:\Windows\system32\DRIVERS\elxstor.sys
08:59:26.0131 4712	elxstor - ok
08:59:26.0163 4712	ErrDev          (34a3c54752046e79a126e15c51db409b) D:\Windows\system32\DRIVERS\errdev.sys
08:59:26.0163 4712	ErrDev - ok
08:59:26.0225 4712	EventSystem     (4166f82be4d24938977dd1746be9b8a0) D:\Windows\system32\es.dll
08:59:26.0225 4712	EventSystem - ok
08:59:26.0256 4712	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) D:\Windows\system32\drivers\exfat.sys
08:59:26.0256 4712	exfat - ok
08:59:26.0272 4712	fastfat         (0adc83218b66a6db380c330836f3e36d) D:\Windows\system32\drivers\fastfat.sys
08:59:26.0272 4712	fastfat - ok
08:59:26.0366 4712	Fax             (d607b2f1bee3992aa6c2c92c0a2f0855) D:\Windows\system32\fxssvc.exe
08:59:26.0366 4712	Fax - ok
08:59:26.0381 4712	fdc             (d765d19cd8ef61f650c384f62fac00ab) D:\Windows\system32\DRIVERS\fdc.sys
08:59:26.0381 4712	fdc - ok
08:59:26.0397 4712	fdPHost         (0438cab2e03f4fb61455a7956026fe86) D:\Windows\system32\fdPHost.dll
08:59:26.0397 4712	fdPHost - ok
08:59:26.0413 4712	FDResPub        (802496cb59a30349f9a6dd22d6947644) D:\Windows\system32\fdrespub.dll
08:59:26.0413 4712	FDResPub - ok
08:59:26.0459 4712	FileInfo        (655661be46b5f5f3fd454e2c3095b930) D:\Windows\system32\drivers\fileinfo.sys
08:59:26.0459 4712	FileInfo - ok
08:59:26.0475 4712	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) D:\Windows\system32\drivers\filetrace.sys
08:59:26.0475 4712	Filetrace - ok
08:59:26.0616 4712	FLEXnet Licensing Service 64 (5cee6cd43ae5844c49300ea0b1e557ee) D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
08:59:26.0647 4712	FLEXnet Licensing Service 64 - ok
08:59:26.0756 4712	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) D:\Windows\system32\DRIVERS\flpydisk.sys
08:59:26.0756 4712	flpydisk - ok
08:59:26.0772 4712	FltMgr          (f7866af72abbaf84b1fa5aa195378c59) D:\Windows\system32\drivers\fltmgr.sys
08:59:26.0772 4712	FltMgr - ok
08:59:26.0881 4712	FontCache       (bc00505cfda789ed3be95d2ff38c4875) D:\Windows\system32\FntCache.dll
08:59:26.0881 4712	FontCache - ok
08:59:26.0991 4712	FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) D:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:59:26.0991 4712	FontCache3.0.0.0 - ok
08:59:27.0006 4712	FsDepends       (d43703496149971890703b4b1b723eac) D:\Windows\system32\drivers\FsDepends.sys
08:59:27.0006 4712	FsDepends - ok
08:59:27.0022 4712	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) D:\Windows\system32\drivers\Fs_Rec.sys
08:59:27.0022 4712	Fs_Rec - ok
08:59:27.0100 4712	fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) D:\Windows\system32\DRIVERS\fvevol.sys
08:59:27.0100 4712	fvevol - ok
08:59:27.0163 4712	FWLANUSB        (444534cba693dd23c1cc589681e01656) D:\Windows\system32\DRIVERS\fwlanusb.sys
08:59:27.0163 4712	FWLANUSB - ok
08:59:27.0194 4712	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) D:\Windows\system32\DRIVERS\gagp30kx.sys
08:59:27.0194 4712	gagp30kx - ok
08:59:27.0272 4712	gpsvc           (fe5ab4525bc2ec68b9119a6e5d40128b) D:\Windows\System32\gpsvc.dll
08:59:27.0272 4712	gpsvc - ok
08:59:27.0288 4712	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) D:\Windows\system32\drivers\hcw85cir.sys
08:59:27.0288 4712	hcw85cir - ok
08:59:27.0366 4712	HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) D:\Windows\system32\drivers\HdAudio.sys
08:59:27.0381 4712	HdAudAddService - ok
08:59:27.0397 4712	HDAudBus        (0a49913402747a0b67de940fb42cbdbb) D:\Windows\system32\DRIVERS\HDAudBus.sys
08:59:27.0413 4712	HDAudBus - ok
08:59:27.0428 4712	HidBatt         (78e86380454a7b10a5eb255dc44a355f) D:\Windows\system32\DRIVERS\HidBatt.sys
08:59:27.0428 4712	HidBatt - ok
08:59:27.0444 4712	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) D:\Windows\system32\DRIVERS\hidbth.sys
08:59:27.0444 4712	HidBth - ok
08:59:27.0444 4712	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) D:\Windows\system32\DRIVERS\hidir.sys
08:59:27.0444 4712	HidIr - ok
08:59:27.0459 4712	hidserv         (bd9eb3958f213f96b97b1d897dee006d) D:\Windows\system32\hidserv.dll
08:59:27.0459 4712	hidserv - ok
08:59:27.0491 4712	HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) D:\Windows\system32\DRIVERS\hidusb.sys
08:59:27.0491 4712	HidUsb - ok
08:59:27.0553 4712	hkmsvc          (efa58ede58dd74388ffd04cb32681518) D:\Windows\system32\kmsvc.dll
08:59:27.0553 4712	hkmsvc - ok
08:59:27.0569 4712	HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) D:\Windows\system32\ListSvc.dll
08:59:27.0569 4712	HomeGroupListener - ok
08:59:27.0631 4712	HomeGroupProvider (06a7422224d9865a5613710a089987df) D:\Windows\system32\provsvc.dll
08:59:27.0631 4712	HomeGroupProvider - ok
08:59:27.0663 4712	HpSAMD          (0886d440058f203eba0e1825e4355914) D:\Windows\system32\DRIVERS\HpSAMD.sys
08:59:27.0663 4712	HpSAMD - ok
08:59:27.0725 4712	HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) D:\Windows\system32\drivers\HTTP.sys
08:59:27.0725 4712	HTTP - ok
08:59:27.0741 4712	hwpolicy        (f17766a19145f111856378df337a5d79) D:\Windows\system32\drivers\hwpolicy.sys
08:59:27.0741 4712	hwpolicy - ok
08:59:27.0772 4712	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) D:\Windows\system32\DRIVERS\i8042prt.sys
08:59:27.0772 4712	i8042prt - ok
08:59:27.0834 4712	iaStorV         (b75e45c564e944a2657167d197ab29da) D:\Windows\system32\drivers\iaStorV.sys
08:59:27.0834 4712	iaStorV - ok
08:59:27.0944 4712	idsvc           (2f2be70d3e02b6fa877921ab9516d43c) D:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:59:27.0975 4712	idsvc - ok
08:59:28.0084 4712	IGDCTRL         (62dd2f604dd1571c4e32d480db2ab99a) D:\Program Files (x86)\1&1\IGDCTRL.EXE
08:59:28.0100 4712	IGDCTRL - ok
08:59:28.0194 4712	iirsp           (5c18831c61933628f5bb0ea2675b9d21) D:\Windows\system32\DRIVERS\iirsp.sys
08:59:28.0209 4712	iirsp - ok
08:59:28.0288 4712	IKEEXT          (c5b4683680df085b57bc53e5ef34861f) D:\Windows\System32\ikeext.dll
08:59:28.0303 4712	IKEEXT - ok
08:59:28.0381 4712	Intel(R) PROSet Monitoring Service (4a9eb8ac8959c580adcaddbdbbebe033) D:\Windows\system32\IProsetMonitor.exe
08:59:28.0381 4712	Intel(R) PROSet Monitoring Service - ok
08:59:28.0397 4712	intelide        (f00f20e70c6ec3aa366910083a0518aa) D:\Windows\system32\DRIVERS\intelide.sys
08:59:28.0397 4712	intelide - ok
08:59:28.0428 4712	intelppm        (ada036632c664caa754079041cf1f8c1) D:\Windows\system32\DRIVERS\intelppm.sys
08:59:28.0428 4712	intelppm - ok
08:59:28.0444 4712	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) D:\Windows\system32\ipbusenum.dll
08:59:28.0444 4712	IPBusEnum - ok
08:59:28.0459 4712	IpFilterDriver  (722dd294df62483cecaae6e094b4d695) D:\Windows\system32\DRIVERS\ipfltdrv.sys
08:59:28.0459 4712	IpFilterDriver - ok
08:59:28.0475 4712	IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) D:\Windows\system32\DRIVERS\IPMIDrv.sys
08:59:28.0475 4712	IPMIDRV - ok
08:59:28.0491 4712	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) D:\Windows\system32\drivers\ipnat.sys
08:59:28.0491 4712	IPNAT - ok
08:59:28.0506 4712	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) D:\Windows\system32\drivers\irenum.sys
08:59:28.0506 4712	IRENUM - ok
08:59:28.0522 4712	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) D:\Windows\system32\DRIVERS\isapnp.sys
08:59:28.0522 4712	isapnp - ok
08:59:28.0584 4712	iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) D:\Windows\system32\DRIVERS\msiscsi.sys
08:59:28.0584 4712	iScsiPrt - ok
08:59:28.0616 4712	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) D:\Windows\system32\DRIVERS\kbdclass.sys
08:59:28.0616 4712	kbdclass - ok
08:59:28.0631 4712	kbdhid          (6def98f8541e1b5dceb2c822a11f7323) D:\Windows\system32\DRIVERS\kbdhid.sys
08:59:28.0631 4712	kbdhid - ok
08:59:28.0678 4712	KeyIso          (0793f40b9b8a1bdd266296409dbd91ea) D:\Windows\system32\lsass.exe
08:59:28.0678 4712	KeyIso - ok
08:59:28.0709 4712	KSecDD          (e8b6fcc9c83535c67f835d407620bd27) D:\Windows\system32\Drivers\ksecdd.sys
08:59:28.0709 4712	KSecDD - ok
08:59:28.0756 4712	KSecPkg         (a8c63880ef6f4d3fec7b616b9c060215) D:\Windows\system32\Drivers\ksecpkg.sys
08:59:28.0756 4712	KSecPkg - ok
08:59:28.0772 4712	ksthunk         (6869281e78cb31a43e969f06b57347c4) D:\Windows\system32\drivers\ksthunk.sys
08:59:28.0772 4712	ksthunk - ok
08:59:28.0834 4712	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) D:\Windows\system32\msdtckrm.dll
08:59:28.0834 4712	KtmRm - ok
08:59:28.0897 4712	LanmanServer    (81f1d04d4d0e433099365127375fd501) D:\Windows\system32\srvsvc.dll
08:59:28.0897 4712	LanmanServer - ok
08:59:28.0944 4712	LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) D:\Windows\System32\wkssvc.dll
08:59:28.0959 4712	LanmanWorkstation - ok
08:59:29.0084 4712	LBTServ         (7772dfab22611050b79504e671b06e6e) D:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
08:59:29.0100 4712	LBTServ - ok
08:59:29.0147 4712	LHidFilt        (241f2648adf090e2a10095bd6d6f5dcb) D:\Windows\system32\DRIVERS\LHidFilt.Sys
08:59:29.0147 4712	LHidFilt - ok
08:59:29.0194 4712	lltdio          (1538831cf8ad2979a04c423779465827) D:\Windows\system32\DRIVERS\lltdio.sys
08:59:29.0194 4712	lltdio - ok
08:59:29.0241 4712	lltdsvc         (c1185803384ab3feed115f79f109427f) D:\Windows\System32\lltdsvc.dll
08:59:29.0241 4712	lltdsvc - ok
08:59:29.0272 4712	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) D:\Windows\System32\lmhsvc.dll
08:59:29.0272 4712	lmhosts - ok
08:59:29.0303 4712	LMouFilt        (342ed5a4b3326014438f36d22d803737) D:\Windows\system32\DRIVERS\LMouFilt.Sys
08:59:29.0303 4712	LMouFilt - ok
08:59:29.0381 4712	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) D:\Windows\system32\DRIVERS\lsi_fc.sys
08:59:29.0381 4712	LSI_FC - ok
08:59:29.0397 4712	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) D:\Windows\system32\DRIVERS\lsi_sas.sys
08:59:29.0397 4712	LSI_SAS - ok
08:59:29.0413 4712	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) D:\Windows\system32\DRIVERS\lsi_sas2.sys
08:59:29.0413 4712	LSI_SAS2 - ok
08:59:29.0428 4712	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) D:\Windows\system32\DRIVERS\lsi_scsi.sys
08:59:29.0428 4712	LSI_SCSI - ok
08:59:29.0459 4712	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) D:\Windows\system32\drivers\luafv.sys
08:59:29.0459 4712	luafv - ok
08:59:29.0522 4712	LUsbFilt        (29c733e1de824670dc9315cfc9bdbcd3) D:\Windows\system32\Drivers\LUsbFilt.Sys
08:59:29.0522 4712	LUsbFilt - ok
08:59:29.0569 4712	Mcx2Svc         (f84c8f1000bc11e3b7b23cbd3baff111) D:\Windows\system32\Mcx2Svc.dll
08:59:29.0569 4712	Mcx2Svc - ok
08:59:29.0584 4712	megasas         (a55805f747c6edb6a9080d7c633bd0f4) D:\Windows\system32\DRIVERS\megasas.sys
08:59:29.0584 4712	megasas - ok
08:59:29.0616 4712	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) D:\Windows\system32\DRIVERS\MegaSR.sys
08:59:29.0616 4712	MegaSR - ok
08:59:29.0803 4712	mi-raysat_3dsmax2012_64 (0af89452a8ce3928168f4e5b2208c68b) D:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
08:59:29.0803 4712	mi-raysat_3dsmax2012_64 - ok
08:59:29.0850 4712	MMCSS           (e40e80d0304a73e8d269f7141d77250b) D:\Windows\system32\mmcss.dll
08:59:29.0850 4712	MMCSS - ok
08:59:29.0866 4712	Modem           (800ba92f7010378b09f9ed9270f07137) D:\Windows\system32\drivers\modem.sys
08:59:29.0866 4712	Modem - ok
08:59:29.0897 4712	monitor         (b03d591dc7da45ece20b3b467e6aadaa) D:\Windows\system32\DRIVERS\monitor.sys
08:59:29.0897 4712	monitor - ok
08:59:29.0913 4712	mouclass        (7d27ea49f3c1f687d357e77a470aea99) D:\Windows\system32\DRIVERS\mouclass.sys
08:59:29.0913 4712	mouclass - ok
08:59:29.0928 4712	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) D:\Windows\system32\DRIVERS\mouhid.sys
08:59:29.0928 4712	mouhid - ok
08:59:29.0944 4712	mountmgr        (791af66c4d0e7c90a3646066386fb571) D:\Windows\system32\drivers\mountmgr.sys
08:59:29.0944 4712	mountmgr - ok
08:59:29.0959 4712	mpio            (609d1d87649ecc19796f4d76d4c15cea) D:\Windows\system32\DRIVERS\mpio.sys
08:59:29.0975 4712	mpio - ok
08:59:29.0975 4712	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) D:\Windows\system32\drivers\mpsdrv.sys
08:59:29.0975 4712	mpsdrv - ok
08:59:36.0256 4712	sptd            (a6cff1af7664627a296b6a0a96cf876e) D:\Windows\System32\Drivers\sptd.sys
08:59:36.0256 4712	Suspicious file (NoAccess): D:\Windows\System32\Drivers\sptd.sys. md5: a6cff1af7664627a296b6a0a96cf876e
08:59:36.0272 4712	sptd ( LockedFile.Multi.Generic ) - warning
08:59:36.0272 4712	sptd - detected LockedFile.Multi.Generic (1)
08:59:41.0038 4712	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:59:41.0334 4712	\Device\Harddisk0\DR0 - ok
08:59:41.0334 4712	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
08:59:41.0397 4712	\Device\Harddisk1\DR1 - ok
08:59:41.0413 4712	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk2\DR2
08:59:41.0459 4712	\Device\Harddisk2\DR2 - ok
08:59:41.0491 4712	Boot (0x1200)   (b030b3ede74c61513a26b9f74fc281bc) \Device\Harddisk0\DR0\Partition0
08:59:41.0491 4712	\Device\Harddisk0\DR0\Partition0 - ok
08:59:41.0491 4712	Boot (0x1200)   (9d68f08f702ab1ac966132a0515226c1) \Device\Harddisk1\DR1\Partition0
08:59:41.0491 4712	\Device\Harddisk1\DR1\Partition0 - ok
08:59:41.0506 4712	Boot (0x1200)   (c71699263559c220d25b55324c6bac7e) \Device\Harddisk2\DR2\Partition0
08:59:41.0522 4712	\Device\Harddisk2\DR2\Partition0 - ok
08:59:41.0522 4712	============================================================
08:59:41.0522 4712	Scan finished
08:59:41.0522 4712	============================================================
08:59:41.0522 3456	Detected object count: 1
08:59:41.0522 3456	Actual detected object count: 1
09:00:03.0491 3456	sptd ( LockedFile.Multi.Generic ) - skipped by user
09:00:03.0491 3456	sptd ( LockedFile.Multi.Generic ) - User select action: Skip 

and then with
aswMBR

HTML code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-26 08:01:15
-----------------------------
08:01:15.439    OS Version: Windows x64 6.1.7600 
08:01:15.439    Number of processors: 8 586 0x170A
08:01:15.439    ComputerName: NAME  UserName: 
08:01:18.126    Initialize success
08:03:09.518    AVAST engine defs: 12062501
08:03:29.049    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
08:03:29.065    Disk 0 Vendor: SAMSUNG_SP2514N VF100-33 Size: 238474MB BusType: 3
08:03:29.065    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-4
08:03:29.065    Disk 1 Vendor: SAMSUNG_HD501LJ CR100-12 Size: 476940MB BusType: 3
08:03:29.065    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-5
08:03:29.065    Disk 2 Vendor: SAMSUNG_HD501LJ CR100-12 Size: 476940MB BusType: 3
08:03:29.081    Disk 0 MBR read successfully
08:03:29.081    Disk 0 MBR scan
08:03:29.096    Disk 0 Windows 7 default MBR code
08:03:29.096    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       238473 MB offset 63
08:03:29.127    Disk 0 scanning D:\Windows\system32\drivers
08:03:39.393    Service scanning
08:03:59.534    Modules scanning
08:03:59.534    Disk 0 trace - called modules:
08:03:59.534    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8003fc92c0]<<sptd.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
08:03:59.549    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80050c9060]
08:03:59.549    3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa8004ddf670]
08:03:59.549    5 ACPI.sys[fffff8800100b781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004df3060]
08:03:59.549    \Driver\atapi[0xfffffa8004ddd3a0] -> IRP_MJ_CREATE -> 0xfffffa8003fc92c0
08:04:01.190    AVAST engine scan D:\Windows
08:04:03.549    AVAST engine scan D:\Windows\system32
08:08:04.659    AVAST engine scan D:\Windows\system32\drivers
08:08:16.049    AVAST engine scan D:\Users\NAME
08:25:00.329    Disk 0 MBR has been saved successfully to "D:\Users\NAME\Documents\MBR.dat"
08:25:00.344    The log file has been saved successfully to "D:\Users\NAME\Documents\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-26 08:01:15
-----------------------------
08:01:15.439    OS Version: Windows x64 6.1.7600 
08:01:15.439    Number of processors: 8 586 0x170A
08:01:15.439    ComputerName: NAME  UserName: 
08:01:18.126    Initialize success
08:03:09.518    AVAST engine defs: 12062501
08:03:29.049    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
08:03:29.065    Disk 0 Vendor: SAMSUNG_SP2514N VF100-33 Size: 238474MB BusType: 3
08:03:29.065    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-4
08:03:29.065    Disk 1 Vendor: SAMSUNG_HD501LJ CR100-12 Size: 476940MB BusType: 3
08:03:29.065    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-5
08:03:29.065    Disk 2 Vendor: SAMSUNG_HD501LJ CR100-12 Size: 476940MB BusType: 3
08:03:29.081    Disk 0 MBR read successfully
08:03:29.081    Disk 0 MBR scan
08:03:29.096    Disk 0 Windows 7 default MBR code
08:03:29.096    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       238473 MB offset 63
08:03:29.127    Disk 0 scanning D:\Windows\system32\drivers
08:03:39.393    Service scanning
08:03:59.534    Modules scanning
08:03:59.534    Disk 0 trace - called modules:
08:03:59.534    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8003fc92c0]<<sptd.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
08:03:59.549    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80050c9060]
08:03:59.549    3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa8004ddf670]
08:03:59.549    5 ACPI.sys[fffff8800100b781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004df3060]
08:03:59.549    \Driver\atapi[0xfffffa8004ddd3a0] -> IRP_MJ_CREATE -> 0xfffffa8003fc92c0
08:04:01.190    AVAST engine scan D:\Windows
08:04:03.549    AVAST engine scan D:\Windows\system32
08:08:04.659    AVAST engine scan D:\Windows\system32\drivers
08:08:16.049    AVAST engine scan D:\Users\NAME
08:25:00.329    Disk 0 MBR has been saved successfully to "D:\Users\NAME\Documents\MBR.dat"
08:25:00.344    The log file has been saved successfully to "D:\Users\NAME\Documents\aswMBR.txt"
08:45:52.364    AVAST engine scan D:\ProgramData
08:48:22.942    Scan finished successfully
08:49:36.098    Disk 0 MBR has been saved successfully to "D:\Users\NAME\Documents\MBR.dat"
08:49:36.114    The log file has been saved successfully to "D:\Users\NAME\Documents\aswMBR.txt"

and just now:
with Malwarebytes

HTML code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.26.06

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
USER :: USER [Administrator]

26.06.2012 16:22:27
mbam-log-2012-06-26 (16-22-27).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 210445
Laufzeit: 4 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
D:\Windows\Installer\{4edb0522-e649-34bd-c23b-03085eeb1e94}\U\800000cb.@ (Rootkit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


PLEASE help

27.06.2012, 13:35   #2
markusg
/// Malware-holic

hi, please don't post in HTML code, thanks
Do you use the PC for online banking, purchases, other payment transactions, or similarly important things, such as work?

27.06.2012, 15:02   #3
derdude007

Yes, for that among other things. What can I do???

27.06.2012, 16:27   #4
markusg
/// Malware-holic

hi
call your bank; the emergency number, in case the bank is closed, is:
116 116
have online banking blocked because of ZeroAccess.
the PC must be reinstalled from scratch and then secured
1. Data rescue:
2. Format, reinstall Windows:
3. Secure the PC: http://www.trojaner-board.de/96344-a...-rechners.html
I will also post further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with a chip card reader + Star Money.