Pests of all kinds and how to combat them: tr/crypt.zpack.gen Trojan alert from Antivir

#16
The file is too large, so I am posting it in two parts... First part:

Code:
TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
19:21:05.0996 5344 ============================================================
19:21:05.0996 5344 Current date / time: 2012/04/21 19:21:05.0996
19:21:05.0996 5344 SystemInfo:
19:21:05.0996 5344
19:21:05.0996 5344 OS Version: 6.0.6002 ServicePack: 2.0
19:21:05.0996 5344 Product type: Workstation
19:21:05.0996 5344 ComputerName: *******-PC
19:21:05.0996 5344 UserName: *******
19:21:05.0996 5344 Windows directory: C:\Windows
19:21:05.0996 5344 System windows directory: C:\Windows
19:21:05.0996 5344 Processor architecture: Intel x86
19:21:05.0996 5344 Number of processors: 2
19:21:05.0996 5344 Page size: 0x1000
19:21:05.0996 5344 Boot type: Normal boot
19:21:05.0996 5344 ============================================================
19:21:06.0417 5344 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:21:06.0417 5344 \Device\Harddisk0\DR0:
19:21:06.0417 5344 MBR partitions:
19:21:06.0417 5344 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x300800, BlocksNum 0x12800000
19:21:06.0417 5344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x12B00800, BlocksNum 0x1292D800
19:21:06.0448 5344 C: <-> \Device\Harddisk0\DR0\Partition0
19:21:06.0495 5344 E: <-> \Device\Harddisk0\DR0\Partition1
19:21:06.0495 5344 Initialize success
19:21:06.0495 5344 ============================================================
19:21:18.0304 5728 ============================================================
19:21:18.0304 5728 Scan started
19:21:18.0304 5728 Mode: Manual;
19:21:18.0304 5728 ============================================================
19:21:19.0552 5728 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
19:21:19.0552 5728 ACPI - ok
19:21:19.0693 5728 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:21:19.0708 5728 AdobeFlashPlayerUpdateSvc - ok
19:21:19.0849 5728 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
19:21:19.0849 5728 adp94xx - ok
19:21:19.0911 5728 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
19:21:19.0911 5728 adpahci - ok
19:21:20.0036 5728 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
19:21:20.0036 5728 adpu160m - ok
19:21:20.0129 5728 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
19:21:20.0129 5728 adpu320 - ok
19:21:20.0223 5728 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
19:21:20.0223 5728 AeLookupSvc - ok
19:21:20.0332 5728 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
19:21:20.0348 5728 AFD - ok
19:21:20.0519 5728 AgereModemAudio (efbc44fbd75e4f80bd927aebf6e7eade) C:\Windows\system32\agrsmsvc.exe
19:21:20.0519 5728 AgereModemAudio - ok
19:21:20.0956 5728 AgereSoftModem (1cfeba39fc613e45b49d3eddfbcda289) C:\Windows\system32\DRIVERS\AGRSM.sys
19:21:21.0112 5728 AgereSoftModem - ok
19:21:21.0674 5728 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
19:21:21.0674 5728 agp440 - ok
19:21:21.0705 5728 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:21:21.0705 5728 aic78xx - ok
19:21:21.0892 5728 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
19:21:21.0892 5728 ALG - ok
19:21:21.0955 5728 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
19:21:21.0955 5728 aliide - ok
19:21:22.0079 5728 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
19:21:22.0079 5728 amdagp - ok
19:21:22.0111 5728 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
19:21:22.0126 5728 amdide - ok
19:21:22.0204 5728 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
19:21:22.0204 5728 AmdK7 - ok
19:21:22.0376 5728 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
19:21:22.0376 5728 AmdK8 - ok
19:21:22.0501 5728 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:21:22.0501 5728 AntiVirSchedulerService - ok
19:21:22.0547 5728 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:21:22.0547 5728 AntiVirService - ok
19:21:22.0750 5728 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
19:21:22.0766 5728 Appinfo - ok
19:21:22.0875 5728 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:21:22.0875 5728 Apple Mobile Device - ok
19:21:23.0031 5728 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
19:21:23.0047 5728 arc - ok
19:21:23.0171 5728 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
19:21:23.0171 5728 arcsas - ok
19:21:23.0390 5728 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:21:23.0390 5728 AsyncMac - ok
19:21:23.0499 5728 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
19:21:23.0499 5728 atapi - ok
19:21:23.0593 5728 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:21:23.0593 5728 AudioEndpointBuilder - ok
19:21:23.0655 5728 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:21:23.0655 5728 Audiosrv - ok
19:21:23.0873 5728 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
19:21:23.0889 5728 avgntflt - ok
19:21:24.0014 5728 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
19:21:24.0029 5728 avipbb - ok
19:21:24.0295 5728 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
19:21:24.0295 5728 avkmgr - ok
19:21:24.0763 5728 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:21:24.0794 5728 Beep - ok
19:21:24.0872 5728 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
19:21:24.0872 5728 BFE - ok
19:21:25.0043 5728 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
19:21:25.0043 5728 BITS - ok
19:21:25.0168 5728 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
19:21:25.0168 5728 blbdrive - ok
19:21:25.0246 5728 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
19:21:25.0246 5728 Bonjour Service - ok
19:21:25.0324 5728 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
19:21:25.0324 5728 bowser - ok
19:21:25.0402 5728 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:21:25.0402 5728 BrFiltLo - ok
19:21:25.0449 5728 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:21:25.0465 5728 BrFiltUp - ok
19:21:25.0543 5728 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
19:21:25.0543 5728 Browser - ok
19:21:25.0621 5728 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:21:25.0621 5728 Brserid - ok
19:21:25.0652 5728 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:21:25.0652 5728 BrSerWdm - ok
19:21:25.0730 5728 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:21:25.0730 5728 BrUsbMdm - ok
19:21:25.0808 5728 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:21:25.0808 5728 BrUsbSer - ok
19:21:25.0870 5728 BthEnum (da7b195275bda7f8fcf79b40e0f45dde) C:\Windows\system32\DRIVERS\BthEnum.sys
19:21:25.0870 5728 BthEnum - ok
19:21:25.0948 5728 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:21:25.0948 5728 BTHMODEM - ok
19:21:26.0057 5728 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
19:21:26.0073 5728 BthPan - ok
19:21:26.0120 5728 BTHPORT (671134053d59e23704f08db19f11e10b) C:\Windows\system32\Drivers\BTHport.sys
19:21:26.0120 5728 BTHPORT - ok
19:21:26.0229 5728 BthServ (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
19:21:26.0229 5728 BthServ - ok
19:21:26.0323 5728 BTHUSB (93d7007e2c660dfcca6ae72622740b14) C:\Windows\system32\Drivers\BTHUSB.sys
19:21:26.0338 5728 BTHUSB - ok
19:21:26.0541 5728 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:21:26.0557 5728 cdfs - ok
19:21:26.0697 5728 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
19:21:26.0697 5728 cdrom - ok
19:21:26.0791 5728 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:21:26.0791 5728 CertPropSvc - ok
19:21:26.0931 5728 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
19:21:26.0931 5728 circlass - ok
19:21:27.0009 5728 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
19:21:27.0025 5728 CLFS - ok
19:21:27.0118 5728 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:21:27.0118 5728 clr_optimization_v2.0.50727_32 - ok
19:21:27.0196 5728 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:21:27.0212 5728 clr_optimization_v4.0.30319_32 - ok
19:21:27.0368 5728 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
19:21:27.0368 5728 CmBatt - ok
19:21:27.0415 5728 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
19:21:27.0415 5728 cmdide - ok
19:21:27.0586 5728 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
19:21:27.0586 5728 Compbatt - ok
19:21:27.0649 5728 COMSysApp - ok
19:21:27.0711 5728 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
19:21:27.0711 5728 crcdisk - ok
19:21:27.0789 5728 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
19:21:27.0789 5728 Crusoe - ok
19:21:27.0883 5728 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
19:21:27.0883 5728 CryptSvc - ok
19:21:28.0023 5728 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:21:28.0039 5728 DcomLaunch - ok
19:21:28.0491 5728 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
19:21:28.0491 5728 DfsC - ok
19:21:28.0585 5728 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
19:21:28.0647 5728 DFSR - ok
19:21:28.0756 5728 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
19:21:28.0756 5728 Dhcp - ok
19:21:28.0865 5728 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
19:21:28.0865 5728 disk - ok
19:21:28.0975 5728 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
19:21:28.0975 5728 Dnscache - ok
19:21:29.0037 5728 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
19:21:29.0037 5728 dot3svc - ok
19:21:29.0131 5728 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
19:21:29.0131 5728 DPS - ok
19:21:29.0287 5728 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:21:29.0287 5728 drmkaud - ok
19:21:29.0427 5728 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
19:21:29.0458 5728 DXGKrnl - ok
19:21:29.0552 5728 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:21:29.0552 5728 E1G60 - ok
19:21:29.0661 5728 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
19:21:29.0661 5728 EapHost - ok
19:21:29.0848 5728 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
19:21:29.0848 5728 Ecache - ok
19:21:29.0942 5728 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
19:21:29.0942 5728 ehRecvr - ok
19:21:29.0973 5728 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
19:21:29.0989 5728 ehSched - ok
19:21:30.0004 5728 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
19:21:30.0004 5728 ehstart - ok
19:21:30.0113 5728 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
19:21:30.0145 5728 elxstor - ok
19:21:30.0223 5728 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
19:21:30.0238 5728 EMDMgmt - ok
19:21:30.0347 5728 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
19:21:30.0347 5728 ErrDev - ok
19:21:30.0410 5728 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
19:21:30.0410 5728 EventSystem - ok
19:21:30.0519 5728 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
19:21:30.0519 5728 exfat - ok
19:21:30.0613 5728 Fabs - ok
19:21:30.0722 5728 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
19:21:30.0722 5728 fastfat - ok
19:21:30.0800 5728 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
19:21:30.0800 5728 fdc - ok
19:21:30.0940 5728 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
19:21:30.0940 5728 fdPHost - ok
19:21:31.0018 5728 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
19:21:31.0018 5728 FDResPub - ok
19:21:31.0127 5728 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:21:31.0127 5728 FileInfo - ok
19:21:31.0190 5728 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:21:31.0190 5728 Filetrace - ok
19:21:31.0424 5728 FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
19:21:31.0502 5728 FirebirdServerMAGIXInstance - ok
19:21:31.0705 5728 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
19:21:31.0705 5728 flpydisk - ok
19:21:31.0907 5728 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
19:21:31.0923 5728 FltMgr - ok
19:21:32.0141 5728 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
19:21:32.0204 5728 FontCache - ok
19:21:32.0297 5728 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:21:32.0313 5728 FontCache3.0.0.0 - ok
19:21:32.0391 5728 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
19:21:32.0391 5728 Fs_Rec - ok
19:21:32.0485 5728 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
19:21:32.0485 5728 gagp30kx - ok
19:21:32.0656 5728 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:21:32.0656 5728 GEARAspiWDM - ok
19:21:33.0109 5728 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
19:21:33.0109 5728 gpsvc - ok
19:21:33.0249 5728 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
19:21:33.0280 5728 HdAudAddService - ok
19:21:33.0436 5728 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:21:33.0467 5728 HDAudBus - ok
19:21:33.0561 5728 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:21:33.0561 5728 HidBth - ok
19:21:33.0608 5728 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:21:33.0608 5728 HidIr - ok
19:21:33.0686 5728 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
19:21:33.0686 5728 hidserv - ok
19:21:33.0717 5728 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
19:21:33.0717 5728 HidUsb - ok
19:21:33.0889 5728 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
19:21:33.0889 5728 hkmsvc - ok
19:21:33.0967 5728 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
19:21:33.0967 5728 HpCISSs - ok
19:21:34.0045 5728 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
19:21:34.0060 5728 HTTP - ok
19:21:34.0091 5728 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
19:21:34.0091 5728 i2omp - ok
19:21:34.0185 5728 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:21:34.0185 5728 i8042prt - ok
19:21:34.0263 5728 IAANTMON (e03216d695cdc2d223afc0cab4498888) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
19:21:34.0263 5728 IAANTMON - ok
19:21:34.0325 5728 iaStor (9f1220113a3a7f4f08042c699324d073) C:\Windows\system32\DRIVERS\iaStor.sys
19:21:34.0325 5728 iaStor - ok
19:21:34.0419 5728 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
19:21:34.0419 5728 iaStorV - ok
19:21:34.0497 5728 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:21:34.0513 5728 idsvc - ok
19:21:34.0591 5728 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:21:34.0591 5728 iirsp - ok
19:21:34.0669 5728 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
19:21:34.0669 5728 IKEEXT - ok
19:21:34.0793 5728 IntcAzAudAddService (ffd2b3bc042596abe785d3c15f51ab46) C:\Windows\system32\drivers\RTKVHDA.sys
19:21:34.0840 5728 IntcAzAudAddService - ok
19:21:34.0934 5728 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
19:21:34.0934 5728 intelide - ok
19:21:34.0965 5728 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
19:21:34.0965 5728 intelppm - ok
19:21:35.0043 5728 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
19:21:35.0043 5728 IPBusEnum - ok
19:21:35.0121 5728 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:21:35.0121 5728 IpFilterDriver - ok
19:21:35.0183 5728 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
19:21:35.0183 5728 iphlpsvc - ok
19:21:35.0246 5728 IpInIp - ok
19:21:35.0277 5728 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
19:21:35.0277 5728 IPMIDRV - ok
19:21:35.0355 5728 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:21:35.0355 5728 IPNAT - ok
19:21:35.0433 5728 iPod Service (ce004777b92dea56fe14ec900d20baa4) C:\Program Files\iPod\bin\iPodService.exe
19:21:35.0449 5728 iPod Service - ok
19:21:35.0511 5728 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:21:35.0511 5728 IRENUM - ok
19:21:35.0589 5728 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
19:21:35.0589 5728 isapnp - ok
19:21:35.0667 5728 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
19:21:35.0667 5728 iScsiPrt - ok
19:21:35.0745 5728 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:21:35.0745 5728 iteatapi - ok
19:21:35.0823 5728 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:21:35.0823 5728 iteraid - ok
19:21:35.0854 5728 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:21:35.0854 5728 kbdclass - ok
19:21:35.0885 5728 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
19:21:35.0885 5728 kbdhid - ok
19:21:35.0948 5728 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:21:35.0963 5728 KeyIso - ok
19:21:36.0041 5728 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
19:21:36.0041 5728 KSecDD - ok
19:21:36.0119 5728 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
19:21:36.0119 5728 KtmRm - ok
19:21:36.0213 5728 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
19:21:36.0213 5728 LanmanServer - ok
19:21:36.0322 5728 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
19:21:36.0322 5728 LanmanWorkstation - ok
19:21:36.0400 5728 LgBttPort (4dd47b5af0b24871ebb9efc012a7474e) C:\Windows\system32\DRIVERS\lgbtport.sys
19:21:36.0400 5728 LgBttPort - ok
19:21:36.0494 5728 lgbusenum (1d038ca6c529203087a990e5e97887b4) C:\Windows\system32\DRIVERS\lgbtbus.sys
19:21:36.0494 5728 lgbusenum - ok
19:21:36.0556 5728 LGVMODEM (26f1976a330195d62a6224c76968cf0d) C:\Windows\system32\DRIVERS\lgvmodem.sys
19:21:36.0556 5728 LGVMODEM - ok
19:21:36.0619 5728 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:21:36.0619 5728 lltdio - ok
19:21:36.0712 5728 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
19:21:36.0712 5728 lltdsvc - ok
19:21:36.0759 5728 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
19:21:36.0759 5728 lmhosts - ok
19:21:36.0821 5728 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
19:21:36.0821 5728 LSI_FC - ok
19:21:36.0915 5728 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
19:21:36.0915 5728 LSI_SAS - ok
19:21:36.0977 5728 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
19:21:36.0977 5728 LSI_SCSI - ok
19:21:37.0040 5728 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:21:37.0040 5728 luafv - ok
19:21:37.0133 5728 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
19:21:37.0133 5728 MBAMProtector - ok
19:21:37.0243 5728 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:21:37.0243 5728 MBAMService - ok
19:21:37.0305 5728 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
19:21:37.0305 5728 Mcx2Svc - ok
19:21:37.0414 5728 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
19:21:37.0414 5728 megasas - ok
19:21:37.0508 5728 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
19:21:37.0508 5728 MegaSR - ok
19:21:37.0586 5728 Microsoft SharePoint Workspace Audit Service - ok
19:21:37.0679 5728 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:21:37.0679 5728 MMCSS - ok
19:21:37.0742 5728 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:21:37.0742 5728 Modem - ok
19:21:37.0851 5728 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:21:37.0851 5728 monitor - ok
19:21:37.0898 5728 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:21:37.0898 5728 mouclass - ok
19:21:37.0945 5728 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\drivers\mouhid.sys
19:21:37.0945 5728 mouhid - ok
19:21:37.0991 5728 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:21:37.0991 5728 MountMgr - ok
19:21:38.0069 5728 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
19:21:38.0069 5728 mpio - ok
19:21:38.0132 5728 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:21:38.0132 5728 mpsdrv - ok
19:21:38.0210 5728 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
19:21:38.0225 5728 MpsSvc - ok
19:21:38.0288 5728 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:21:38.0288 5728 Mraid35x - ok
19:21:38.0381 5728 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
19:21:38.0397 5728 MRxDAV - ok
19:21:38.0444 5728 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:21:38.0444 5728 mrxsmb - ok
19:21:38.0506 5728 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:21:38.0506 5728 mrxsmb10 - ok
19:21:38.0569 5728 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:21:38.0569 5728 mrxsmb20 - ok
19:21:38.0662 5728 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
19:21:38.0662 5728 msahci - ok
19:21:38.0709 5728 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
19:21:38.0709 5728 msdsm - ok
19:21:38.0771 5728 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
19:21:38.0771 5728 MSDTC - ok
19:21:38.0865 5728 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:21:38.0865 5728 Msfs - ok
19:21:38.0896 5728 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:21:38.0896 5728 msisadrv - ok
19:21:38.0974 5728 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
19:21:38.0974 5728 MSiSCSI - ok
19:21:39.0037 5728 msiserver - ok
19:21:39.0099 5728 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:21:39.0099 5728 MSKSSRV - ok
19:21:39.0193 5728 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:21:39.0193 5728 MSPCLOCK - ok
19:21:39.0302 5728 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:21:39.0302 5728 MSPQM - ok
19:21:39.0380 5728 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
19:21:39.0380 5728 MsRPC - ok
19:21:39.0442 5728 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:21:39.0442 5728 mssmbios - ok
19:21:39.0489 5728 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:21:39.0489 5728 MSTEE - ok
19:21:39.0598 5728 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
19:21:39.0614 5728 Mup - ok
19:21:39.0692 5728 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
19:21:39.0707 5728 napagent - ok
19:21:39.0785 5728 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
19:21:39.0785 5728 NativeWifiP - ok
19:21:39.0910 5728 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
19:21:39.0910 5728 NDIS - ok
19:21:39.0973 5728 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:21:39.0973 5728 NdisTapi - ok
19:21:40.0035 5728 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:21:40.0035 5728 Ndisuio - ok
19:21:40.0129 5728 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:21:40.0144 5728 NdisWan - ok
19:21:40.0207 5728 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:21:40.0222 5728 NDProxy - ok
19:21:40.0285 5728 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:21:40.0285 5728 NetBIOS - ok
19:21:40.0331 5728 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
19:21:40.0347 5728 netbt - ok
19:21:40.0441 5728 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:21:40.0441 5728 Netlogon - ok
19:21:40.0487 5728 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
19:21:40.0503 5728 Netman - ok
19:21:40.0550 5728 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
19:21:40.0550 5728 netprofm - ok
19:21:40.0659 5728 netr28 (b05ffe38336193a9b988b00b230c5b80) C:\Windows\system32\DRIVERS\netr28.sys
19:21:40.0659 5728 netr28 - ok
19:21:40.0721 5728 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:21:40.0721 5728 NetTcpPortSharing - ok
19:21:40.0815 5728 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:21:40.0815 5728 nfrd960 - ok
19:21:40.0877 5728 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
19:21:40.0893 5728 NlaSvc - ok
19:21:40.0955 5728 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
19:21:40.0955 5728 Npfs - ok
19:21:41.0018 5728 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
19:21:41.0018 5728 nsi - ok
19:21:41.0096 5728 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:21:41.0096 5728 nsiproxy - ok
19:21:41.0189 5728 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
19:21:41.0221 5728 Ntfs - ok
19:21:41.0314 5728 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:21:41.0314 5728 ntrigdigi - ok
19:21:41.0361 5728 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:21:41.0361 5728 Null - ok
19:21:41.0439 5728 NVHDA (11be4b269549173cff542591e4be2c08) C:\Windows\system32\drivers\nvhda32v.sys
19:21:41.0439 5728 NVHDA - ok
19:21:41.0689 5728 nvlddmkm (440690da4358d9682dbcc56da7d419ab) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:21:41.0845 5728 nvlddmkm - ok
19:21:41.0938 5728 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
19:21:41.0938 5728 nvraid - ok
19:21:42.0001 5728 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
19:21:42.0001 5728 nvstor - ok
19:21:42.0063 5728 nvsvc (11e1dc466c3e384c1a697b95dc5aa785) C:\Windows\system32\nvvsvc.exe
19:21:42.0063 5728 nvsvc - ok
19:21:42.0110 5728 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
19:21:42.0125 5728 nv_agp - ok
19:21:42.0188 5728 NwlnkFlt - ok
19:21:42.0235 5728 NwlnkFwd - ok
19:21:42.0297 5728 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
19:21:42.0297 5728 ohci1394 - ok
19:21:42.0344 5728 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:21:42.0359 5728 ose - ok
19:21:42.0547 5728 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:21:42.0562 5728 osppsvc - ok
19:21:42.0687 5728 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:21:42.0703 5728 p2pimsvc - ok
19:21:42.0718 5728 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:21:42.0734 5728 p2psvc - ok
19:21:42.0796 5728 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:21:42.0796 5728 Parport - ok
19:21:42.0859 5728 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
19:21:42.0859 5728 partmgr - ok
19:21:42.0921 5728 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:21:42.0921 5728 Parvdm - ok
19:21:42.0968 5728 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
19:21:42.0968 5728 PcaSvc - ok
19:21:43.0046 5728 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
19:21:43.0046 5728 pci - ok
19:21:43.0093 5728 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
19:21:43.0093 5728 pciide - ok
19:21:43.0155 5728 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:21:43.0155 5728 pcmcia - ok
19:21:43.0217 5728 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:21:43.0233 5728 PEAUTH - ok
19:21:43.0327 5728 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
19:21:43.0358 5728 pla - ok
19:21:43.0436 5728 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
19:21:43.0451 5728 PlugPlay - ok
19:21:43.0514 5728 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:21:43.0514 5728 PNRPAutoReg - ok
19:21:43.0545 5728 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:21:43.0561 5728 PNRPsvc - ok
19:21:43.0592 5728 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
19:21:43.0592 5728 PolicyAgent - ok
19:21:43.0685 5728 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:21:43.0685 5728 PptpMiniport - ok
19:21:43.0732 5728 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
19:21:43.0732 5728 Processor - ok
19:21:43.0779 5728 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
19:21:43.0779 5728 ProfSvc - ok
19:21:43.0841 5728 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:21:43.0841 5728 ProtectedStorage - ok
19:21:43.0935 5728 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
19:21:43.0935 5728 PSched - ok
19:21:43.0997 5728 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
19:21:44.0029 5728 ql2300 - ok
19:21:44.0091 5728 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:21:44.0091 5728 ql40xx - ok
19:21:44.0169 5728 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
19:21:44.0169 5728 QWAVE - ok
19:21:44.0216 5728 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:21:44.0216 5728 QWAVEdrv - ok
19:21:44.0247 5728 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:21:44.0247 5728 RasAcd - ok
19:21:44.0294 5728 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
19:21:44.0294 5728 RasAuto - ok
19:21:44.0356 5728 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:21:44.0356 5728 Rasl2tp - ok
19:21:44.0450 5728 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
19:21:44.0450 5728 RasMan - ok
19:21:44.0528 5728 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
19:21:44.0528 5728 RasPppoe - ok
19:21:44.0606 5728 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
19:21:44.0606 5728 RasSstp - ok
19:21:44.0715 5728 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
19:21:44.0715 5728 rdbss - ok
19:21:44.0777 5728 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:21:44.0777 5728 RDPCDD - ok
19:21:44.0840 5728 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
19:21:44.0840 5728 rdpdr - ok
19:21:44.0902 5728 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:21:44.0902 5728 RDPENCDD - ok
19:21:44.0965 5728 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
19:21:44.0965 5728 RDPWD - ok
19:21:45.0043 5728 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
19:21:45.0043 5728 RemoteAccess - ok
19:21:45.0105 5728 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
19:21:45.0105 5728 RemoteRegistry - ok
19:21:45.0199 5728 RFCOMM (34cc78c06587718c2ad6d3aa83b1f072) C:\Windows\system32\DRIVERS\rfcomm.sys
19:21:45.0199 5728 RFCOMM - ok
19:21:45.0261 5728 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
19:21:45.0261 5728 RpcLocator - ok
19:21:45.0651 5728 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:21:45.0651 5728 RpcSs - ok
19:21:45.0745 5728 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:21:45.0745 5728 rspndr - ok
19:21:45.0838 5728 RTL8169 (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys
19:21:45.0838 5728 RTL8169 - ok
19:21:45.0885 5728 RTSTOR (b0538dea03e088b80482ca939f4e8740) C:\Windows\system32\drivers\RTSTOR.SYS
19:21:45.0885 5728 RTSTOR - ok
19:21:45.0947 5728 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:21:45.0947 5728 SamSs - ok
19:21:46.0010 5728 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:21:46.0010 5728 sbp2port - ok
19:21:46.0088 5728 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
19:21:46.0088 5728 SCardSvr - ok
19:21:46.0197 5728 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
19:21:46.0197 5728 Schedule - ok
19:21:46.0228 5728 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:21:46.0228 5728 SCPolicySvc - ok
19:21:46.0275 5728 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
19:21:46.0291 5728 SDRSVC - ok
19:21:46.0353 5728 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:21:46.0353 5728 secdrv - ok
19:21:46.0415 5728 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
19:21:46.0415 5728 seclogon - ok
19:21:46.0447 5728 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
19:21:46.0462 5728 SENS - ok
19:21:46.0478 5728 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
19:21:46.0493 5728 Serenum - ok
19:21:46.0540 5728 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
19:21:46.0540 5728 Serial - ok
19:21:46.0603 5728 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:21:46.0603 5728 sermouse - ok
19:21:46.0696 5728 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
19:21:46.0696 5728 SessionEnv - ok
19:21:46.0727 5728 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
19:21:46.0727 5728 sffdisk - ok
19:21:46.0759 5728 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
19:21:46.0774 5728 sffp_mmc - ok
19:21:46.0837 5728 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
19:21:46.0837 5728 sffp_sd - ok
19:21:46.0899 5728 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:21:46.0899 5728 sfloppy - ok
19:21:46.0961 5728 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
19:21:46.0961 5728 SharedAccess - ok
19:21:47.0024 5728 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
19:21:47.0039 5728 ShellHWDetection - ok
19:21:47.0102 5728 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
19:21:47.0102 5728 sisagp - ok
19:21:47.0164 5728 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
19:21:47.0180 5728 SiSRaid2 - ok
19:21:47.0211 5728 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
19:21:47.0211 5728 SiSRaid4 - ok
19:21:47.0336 5728 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
19:21:47.0414 5728 slsvc - ok
19:21:47.0492 5728 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
19:21:47.0507 5728 SLUINotify - ok
19:21:47.0617 5728 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
19:21:47.0617 5728 Smb - ok
19:21:47.0679 5728 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
19:21:47.0679 5728 SNMPTRAP - ok
19:21:47.0757 5728 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:21:47.0757 5728 spldr - ok
19:21:47.0804 5728 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
19:21:47.0804 5728 Spooler - ok
19:21:47.0897 5728 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
19:21:47.0897 5728 srv - ok
19:21:47.0975 5728 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
19:21:47.0975 5728 srv2 - ok
19:21:48.0007 5728 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
19:21:48.0007 5728 srvnet - ok
19:21:48.0053 5728 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
19:21:48.0053 5728 SSDPSRV - ok
19:21:48.0131 5728 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
19:21:48.0147 5728 ssmdrv - ok
19:21:48.0194 5728 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
19:21:48.0209 5728 SstpSvc - ok
19:21:48.0272 5728 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
19:21:48.0287 5728 stisvc - ok
19:21:48.0365 5728 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:21:48.0365 5728 swenum - ok
19:21:48.0443 5728 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
19:21:48.0459 5728 swprv - ok
19:21:48.0490 5728 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:21:48.0490 5728 Symc8xx - ok
19:21:48.0537 5728 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:21:48.0537 5728 Sym_hi - ok
19:21:48.0599 5728 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:21:48.0599 5728 Sym_u3 - ok
19:21:48.0693 5728 SynTP (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
19:21:48.0693 5728 SynTP - ok
19:21:48.0755 5728 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
19:21:48.0771 5728 SysMain - ok
19:21:48.0849 5728 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
19:21:48.0865 5728 TabletInputService - ok
19:21:48.0927 5728 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
19:21:48.0927 5728 TapiSrv - ok
19:21:48.0974 5728 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
19:21:48.0974 5728 TBS - ok
19:21:49.0052 5728 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
19:21:49.0052 5728 Tcpip - ok
19:21:49.0130 5728 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
19:21:49.0130 5728 Tcpip6 - ok
19:21:49.0208 5728 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
19:21:49.0208 5728 tcpipreg - ok
19:21:49.0255 5728 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:21:49.0255 5728 TDPIPE - ok
19:21:49.0301 5728 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:21:49.0301 5728 TDTCP - ok
19:21:49.0379 5728 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
19:21:49.0379 5728 tdx - ok
19:21:49.0457 5728 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
19:21:49.0457 5728 TermDD - ok
19:21:49.0535 5728 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
19:21:49.0535 5728 TermService - ok
19:21:49.0613 5728 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
19:21:49.0629 5728 Themes - ok
19:21:49.0691 5728 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:21:49.0691 5728 THREADORDER - ok
19:21:49.0723 5728 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
19:21:49.0738 5728 TrkWks - ok
19:21:49.0769 5728 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
19:21:49.0769 5728 TrustedInstaller - ok
19:21:49.0879 5728 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:21:49.0879 5728 tssecsrv - ok
19:21:49.0925 5728 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:21:49.0925 5728 tunmp - ok
19:21:49.0988 5728 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
19:21:49.0988 5728 tunnel - ok
19:21:50.0019 5728 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
19:21:50.0019 5728 uagp35 - ok
19:21:50.0128 5728 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
19:21:50.0128 5728 udfs - ok
19:21:50.0206 5728 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
19:21:50.0206 5728 UI0Detect - ok
19:21:50.0253 5728 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
19:21:50.0269 5728 uliagpkx - ok
19:21:50.0347 5728 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
19:21:50.0347 5728 uliahci - ok
19:21:50.0409 5728 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:21:50.0409 5728 UlSata - ok
19:21:50.0456 5728 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:21:50.0471 5728 ulsata2 - ok
19:21:50.0549 5728 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:21:50.0549 5728 umbus - ok
19:21:50.0596 5728 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
19:21:50.0596 5728 upnphost - ok
19:21:50.0674 5728 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
19:21:50.0674 5728 USBAAPL - ok
19:21:50.0752 5728 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
19:21:50.0768 5728 usbbus - ok
19:21:50.0799 5728 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
19:21:50.0799 5728 usbccgp - ok
19:21:50.0846 5728 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:21:50.0846 5728 usbcir - ok
19:21:50.0908 5728 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys
19:21:50.0908 5728 UsbDiag - ok
19:21:51.0017 5728 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
19:21:51.0017 5728 usbehci - ok
19:21:51.0064 5728 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
19:21:51.0080 5728 usbhub - ok
19:21:51.0158 5728 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys
19:21:51.0158 5728 USBModem - ok
19:21:51.0189 5728 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
19:21:51.0189 5728 usbohci - ok
19:21:51.0283 5728 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:21:51.0283 5728 usbprint - ok
19:21:51.0345 5728 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:21:51.0345 5728 USBSTOR - ok
19:21:51.0376 5728 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
19:21:51.0376 5728 usbuhci - ok
19:21:51.0439 5728 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
19:21:51.0439 5728 usbvideo - ok
19:21:51.0532 5728 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
19:21:51.0532 5728 UxSms - ok
19:21:51.0595 5728 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
19:21:51.0610 5728 vds - ok
19:21:51.0673 5728 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
19:21:51.0688 5728 vga - ok
19:21:51.0751 5728 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:21:51.0751 5728 VgaSave - ok
19:21:51.0782 5728 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
19:21:51.0782 5728 viaagp - ok
19:21:51.0813 5728 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
19:21:51.0813 5728 ViaC7 - ok
19:21:51.0907 5728 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
19:21:51.0907 5728 viaide - ok
19:21:51.0969 5728 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:21:51.0969 5728 volmgr - ok
19:21:52.0031 5728 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
19:21:52.0047 5728 volmgrx - ok
19:21:52.0125 5728 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
19:21:52.0125 5728 volsnap - ok
19:21:52.0219 5728 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
19:21:52.0219 5728 vsmraid - ok
19:21:52.0312 5728 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
19:21:52.0328 5728 VSS - ok
19:21:52.0390 5728 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
19:21:52.0406 5728 W32Time - ok
19:21:52.0499 5728 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:21:52.0499 5728 WacomPen - ok
19:21:52.0531 5728 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:21:52.0531 5728 Wanarp - ok
19:21:52.0531 5728 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:21:52.0531 5728 Wanarpv6 - ok
19:21:52.0577 5728 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
19:21:52.0577 5728 wcncsvc - ok
19:21:52.0640 5728 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
19:21:52.0640 5728 WcsPlugInService - ok
19:21:52.0749 5728 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
19:21:52.0749 5728 Wd - ok
19:21:52.0811 5728 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:21:52.0811 5728 Wdf01000 - ok
19:21:52.0874 5728 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:21:52.0874 5728 WdiServiceHost - ok
19:21:52.0889 5728 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:21:52.0889 5728 WdiSystemHost - ok
19:21:52.0967 5728 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
19:21:52.0967 5728 WebClient - ok
19:21:53.0030 5728 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
19:21:53.0030 5728 Wecsvc - ok
19:21:53.0077 5728 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
19:21:53.0077 5728 wercplsupport - ok
19:21:53.0155 5728 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
19:21:53.0155 5728 WerSvc - ok
19:21:53.0233 5728 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
19:21:53.0233 5728 WimFltr - ok
19:21:53.0295 5728 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
19:21:53.0295 5728 WinDefend - ok
19:21:53.0311 5728 WinHttpAutoProxySvc - ok
19:21:53.0404 5728 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
19:21:53.0404 5728 Winmgmt - ok
19:21:53.0529 5728 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
19:21:53.0560 5728 WinRM - ok
19:21:53.0638 5728 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
19:21:53.0654 5728 Wlansvc - ok
19:21:53.0716 5728 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:21:53.0716 5728 WmiAcpi - ok
19:21:53.0794 5728 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
19:21:53.0810 5728 wmiApSrv - ok
19:21:53.0872 5728 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:21:53.0888 5728 WMPNetworkSvc - ok
19:21:53.0935 5728 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
19:21:53.0935 5728 WPCSvc - ok
19:21:54.0028 5728 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
19:21:54.0028 5728 WPDBusEnum - ok
19:21:54.0106 5728 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
19:21:54.0106 5728 WpdUsb - ok
19:21:54.0231 5728 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:21:54.0262 5728 WPFFontCache_v0400 - ok
19:21:54.0356 5728 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:21:54.0356 5728 ws2ifsl - ok
19:21:54.0418 5728 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
19:21:54.0434 5728 wscsvc - ok
19:21:54.0449 5728 WSearch - ok
19:21:54.0512 5728 WSVD (b7f30c50a2e6e46822cd388608e06bb4) C:\Windows\system32\drivers\WSVD.sys
19:21:54.0512 5728 WSVD - ok
19:21:54.0652 5728 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
19:21:54.0668 5728 wuauserv - ok
19:21:54.0746 5728 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:21:54.0746 5728 WUDFRd - ok
19:21:54.0808 5728 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
19:21:54.0808 5728 wudfsvc - ok
19:21:54.0839 5728 MBR (0x1B8) (c8c6dc722d4ef7ca320585d4bd90474e) \Device\Harddisk0\DR0
19:21:57.0819 5728 \Device\Harddisk0\DR0 - ok
19:21:57.0850 5728 Boot (0x1200) (270b3243ae81a193ddeddfaa453c2f38) \Device\Harddisk0\DR0\Partition0
19:21:57.0850 5728 \Device\Harddisk0\DR0\Partition0 - ok
19:21:57.0881 5728 Boot (0x1200) (56838bff36871812752f8d6c6bebc618) \Device\Harddisk0\DR0\Partition1
19:21:57.0881 5728 \Device\Harddisk0\DR0\Partition1 - ok
19:21:57.0881 5728 ============================================================
19:21:57.0881 5728 Scan finished
| | #17 |
tr/crypt.zpack.gen Trojan alert from Antivir

Second part:
Code:
19:21:57.0881 5728 ============================================================
19:21:57.0897 5620 Detected object count: 0
19:21:57.0897 5620 Actual detected object count: 0
19:23:02.0114 3252 ============================================================
19:23:02.0114 3252 Scan started
19:23:02.0114 3252 Mode: Manual; SigCheck; TDLFS;
19:23:02.0114 3252 ============================================================
19:23:03.0455 3252 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
19:23:03.0611 3252 ACPI - ok
19:23:03.0689 3252 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:23:03.0705 3252 AdobeFlashPlayerUpdateSvc - ok
19:23:03.0830 3252 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
19:23:03.0861 3252 adp94xx - ok
19:23:03.0923 3252 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
19:23:03.0939 3252 adpahci - ok
19:23:04.0048 3252 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
19:23:04.0064 3252 adpu160m - ok
19:23:04.0095 3252 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
19:23:04.0111 3252 adpu320 - ok
19:23:04.0204 3252 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
19:23:04.0267 3252 AeLookupSvc - ok
19:23:04.0345 3252 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
19:23:04.0391 3252 AFD - ok
19:23:04.0501 3252 AgereModemAudio (efbc44fbd75e4f80bd927aebf6e7eade) C:\Windows\system32\agrsmsvc.exe
19:23:04.0547 3252 AgereModemAudio - ok
19:23:04.0610 3252 AgereSoftModem (1cfeba39fc613e45b49d3eddfbcda289) C:\Windows\system32\DRIVERS\AGRSM.sys
19:23:04.0813 3252 AgereSoftModem - ok
19:23:04.0906 3252 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
19:23:04.0922 3252 agp440 - ok
19:23:04.0953 3252 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:23:04.0969 3252 aic78xx - ok
19:23:05.0078 3252 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
19:23:05.0125 3252 ALG - ok
19:23:05.0234 3252 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
19:23:05.0249 3252 aliide - ok
19:23:05.0390 3252 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
19:23:05.0391 3252 amdagp - ok
19:23:05.0500 3252 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
19:23:05.0500 3252 amdide - ok
19:23:05.0578 3252 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
19:23:05.0625 3252 AmdK7 - ok
19:23:05.0718 3252 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
19:23:05.0765 3252 AmdK8 - ok
19:23:06.0202 3252 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:23:06.0218 3252 AntiVirSchedulerService - ok
19:23:06.0249 3252 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:23:06.0249 3252 AntiVirService - ok
19:23:06.0374 3252 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
19:23:06.0406 3252 Appinfo - ok
19:23:06.0499 3252 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:23:06.0499 3252 Apple Mobile Device - ok
19:23:06.0562 3252 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
19:23:06.0562 3252 arc - ok
19:23:06.0624 3252 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
19:23:06.0640 3252 arcsas - ok
19:23:06.0671 3252 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:23:06.0733 3252 AsyncMac - ok
19:23:06.0780 3252 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
19:23:06.0796 3252 atapi - ok
19:23:06.0858 3252 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:23:06.0889 3252 AudioEndpointBuilder - ok
19:23:06.0905 3252 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
19:23:06.0936 3252 Audiosrv - ok
19:23:07.0014 3252 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
19:23:07.0045 3252 avgntflt - ok
19:23:07.0077 3252 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
19:23:07.0092 3252 avipbb - ok
19:23:07.0139 3252 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
19:23:07.0139 3252 avkmgr - ok
19:23:07.0186 3252 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:23:07.0233 3252 Beep - ok
19:23:07.0326 3252 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
19:23:07.0357 3252 BFE - ok
19:23:07.0435 3252 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
19:23:07.0498 3252 BITS - ok
19:23:07.0560 3252 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
19:23:07.0607 3252 blbdrive - ok
19:23:07.0669 3252 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
19:23:07.0685 3252 Bonjour Service - ok
19:23:07.0794 3252 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
19:23:07.0825 3252 bowser - ok
19:23:07.0872 3252 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:23:07.0919 3252 BrFiltLo - ok
19:23:07.0997 3252 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:23:08.0044 3252 BrFiltUp - ok
19:23:08.0106 3252 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
19:23:08.0153 3252 Browser - ok
19:23:08.0231 3252 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:23:08.0325 3252 Brserid - ok
19:23:08.0371 3252 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:23:08.0418 3252 BrSerWdm - ok
19:23:08.0512 3252 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:23:08.0559 3252 BrUsbMdm - ok
19:23:08.0605 3252 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:23:08.0668 3252 BrUsbSer - ok
19:23:08.0761 3252 BthEnum (da7b195275bda7f8fcf79b40e0f45dde) C:\Windows\system32\DRIVERS\BthEnum.sys
19:23:08.0793 3252 BthEnum - ok
19:23:08.0902 3252 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:23:08.0949 3252 BTHMODEM - ok
19:23:09.0151 3252 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
19:23:09.0198 3252 BthPan - ok
19:23:09.0307 3252 BTHPORT (671134053d59e23704f08db19f11e10b) C:\Windows\system32\Drivers\BTHport.sys
19:23:09.0370 3252 BTHPORT - ok
19:23:09.0417 3252 BthServ (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
19:23:09.0448 3252 BthServ - ok
19:23:09.0557 3252 BTHUSB (93d7007e2c660dfcca6ae72622740b14) C:\Windows\system32\Drivers\BTHUSB.sys
19:23:09.0619 3252 BTHUSB - ok
19:23:09.0697 3252 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:23:09.0713 3252 cdfs - ok
19:23:09.0791 3252 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
19:23:09.0822 3252 cdrom - ok
19:23:09.0900 3252 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:23:09.0947 3252 CertPropSvc - ok
19:23:10.0025 3252 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
19:23:10.0072 3252 circlass - ok
19:23:10.0165 3252 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
19:23:10.0181 3252 CLFS - ok
19:23:10.0243 3252 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:23:10.0259 3252 clr_optimization_v2.0.50727_32 - ok
19:23:10.0368 3252 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:23:10.0399 3252 clr_optimization_v4.0.30319_32 - ok
19:23:10.0477 3252 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
19:23:10.0540 3252 CmBatt - ok
19:23:10.0618 3252 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
19:23:10.0618 3252 cmdide - ok
19:23:10.0680 3252 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
19:23:10.0696 3252 Compbatt - ok
19:23:10.0743 3252 COMSysApp - ok
19:23:10.0805 3252 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
19:23:10.0805 3252 crcdisk - ok
19:23:10.0867 3252 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
19:23:10.0914 3252 Crusoe - ok
19:23:11.0008 3252 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
19:23:11.0039 3252 CryptSvc - ok
19:23:11.0133 3252 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:23:11.0179 3252 DcomLaunch - ok
19:23:11.0289 3252 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
19:23:11.0320 3252 DfsC - ok
19:23:11.0460 3252 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
19:23:11.0538 3252 DFSR - ok
19:23:11.0647 3252 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
19:23:11.0663 3252 Dhcp - ok
19:23:11.0772 3252 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
19:23:11.0788 3252 disk - ok
19:23:11.0881 3252 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
19:23:11.0913 3252 Dnscache - ok
19:23:12.0006 3252 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
19:23:12.0037 3252 dot3svc - ok
19:23:12.0131 3252 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
19:23:12.0178 3252 DPS - ok
19:23:12.0271 3252 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:23:12.0318 3252 drmkaud - ok
19:23:12.0443 3252 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
19:23:12.0490 3252 DXGKrnl - ok
19:23:12.0599 3252 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:23:12.0646 3252 E1G60 - ok
19:23:12.0739 3252 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
19:23:12.0771 3252 EapHost - ok
19:23:12.0895 3252 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
19:23:12.0911 3252 Ecache - ok
19:23:12.0973 3252 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
19:23:12.0989 3252 ehRecvr - ok
19:23:13.0005 3252 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
19:23:13.0036 3252 ehSched - ok
19:23:13.0083 3252 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
19:23:13.0114 3252 ehstart - ok
19:23:13.0223 3252 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
19:23:13.0239 3252 elxstor - ok
19:23:13.0363 3252 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
19:23:13.0395 3252 EMDMgmt - ok
19:23:13.0551 3252 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
19:23:13.0582 3252 ErrDev - ok
19:23:13.0691 3252 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
19:23:13.0738 3252 EventSystem - ok
19:23:13.0847 3252 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
19:23:13.0894 3252 exfat - ok
19:23:13.0972 3252 Fabs - ok
19:23:14.0112 3252 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
19:23:14.0143 3252 fastfat - ok
19:23:14.0253 3252 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
19:23:14.0299 3252 fdc - ok
19:23:14.0377 3252 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
19:23:14.0409 3252 fdPHost - ok
19:23:14.0502 3252 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
19:23:14.0549 3252 FDResPub - ok
19:23:14.0705 3252 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:23:14.0705 3252 FileInfo - ok
19:23:14.0783 3252 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:23:14.0830 3252 Filetrace - ok
19:23:14.0986 3252 FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
19:23:15.0157 3252 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
19:23:15.0157 3252 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
19:23:15.0267 3252 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
19:23:15.0282 3252 flpydisk - ok
19:23:15.0345 3252 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
19:23:15.0360 3252 FltMgr - ok
19:23:15.0485 3252 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
19:23:15.0547 3252 FontCache - ok
19:23:15.0641 3252 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:23:15.0641 3252 FontCache3.0.0.0 - ok
19:23:15.0735 3252 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
19:23:15.0766 3252 Fs_Rec - ok
19:23:15.0828 3252 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
19:23:15.0844 3252 gagp30kx - ok
19:23:15.0937 3252 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:23:15.0953 3252 GEARAspiWDM - ok
19:23:16.0031 3252 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
19:23:16.0062 3252 gpsvc - ok
19:23:16.0171 3252 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
19:23:16.0234 3252 HdAudAddService - ok
19:23:16.0327 3252 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:23:16.0359 3252 HDAudBus - ok
19:23:16.0483 3252 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:23:16.0530 3252 HidBth - ok
19:23:16.0577 3252 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:23:16.0624 3252 HidIr - ok
19:23:16.0733 3252 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
19:23:16.0764 3252 hidserv - ok
19:23:16.0827 3252 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
19:23:16.0858 3252 HidUsb - ok
19:23:16.0951 3252 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
19:23:16.0983 3252 hkmsvc - ok
19:23:17.0029 3252 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
19:23:17.0045 3252 HpCISSs - ok
19:23:17.0154 3252 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
19:23:17.0185 3252 HTTP - ok
19:23:17.0263 3252 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
19:23:17.0263 3252 i2omp - ok
19:23:17.0341 3252 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:23:17.0373 3252 i8042prt - ok
19:23:17.0435 3252 IAANTMON (e03216d695cdc2d223afc0cab4498888) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
19:23:17.0466 3252 IAANTMON - ok
19:23:17.0591 3252 iaStor (9f1220113a3a7f4f08042c699324d073) C:\Windows\system32\DRIVERS\iaStor.sys
19:23:17.0607 3252 iaStor - ok
19:23:17.0653 3252 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
19:23:17.0669 3252 iaStorV - ok
19:23:17.0763 3252 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:23:17.0841 3252 idsvc - ok
19:23:17.0950 3252 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:23:17.0965 3252 iirsp - ok
19:23:18.0075 3252 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
19:23:18.0121 3252 IKEEXT - ok
19:23:18.0277 3252 IntcAzAudAddService (ffd2b3bc042596abe785d3c15f51ab46) C:\Windows\system32\drivers\RTKVHDA.sys
19:23:18.0340 3252 IntcAzAudAddService - ok
19:23:18.0605 3252 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
19:23:18.0621 3252 intelide - ok
19:23:18.0714 3252 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
19:23:18.0761 3252 intelppm - ok
19:23:18.0870 3252 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
19:23:18.0901 3252 IPBusEnum - ok
19:23:18.0995 3252 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:23:19.0042 3252 IpFilterDriver - ok
19:23:19.0151 3252 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
19:23:19.0167 3252 iphlpsvc - ok
19:23:19.0260 3252 IpInIp - ok
19:23:19.0307 3252 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
19:23:19.0338 3252 IPMIDRV - ok
19:23:19.0447 3252 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:23:19.0494 3252 IPNAT - ok
19:23:19.0557 3252 iPod Service (ce004777b92dea56fe14ec900d20baa4) C:\Program Files\iPod\bin\iPodService.exe
19:23:19.0588 3252 iPod Service - ok
19:23:19.0666 3252 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:23:19.0713 3252 IRENUM - ok
19:23:19.0806 3252 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
19:23:19.0822 3252 isapnp - ok
19:23:19.0931 3252 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
19:23:19.0947 3252 iScsiPrt - ok
19:23:20.0040 3252 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:23:20.0056 3252 iteatapi - ok
19:23:20.0134 3252 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:23:20.0149 3252 iteraid - ok
19:23:20.0259 3252 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:23:20.0259 3252 kbdclass - ok
19:23:20.0352 3252 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
19:23:20.0383 3252 kbdhid - ok
19:23:20.0508 3252 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:23:20.0524 3252 KeyIso - ok
19:23:20.0664 3252 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
19:23:20.0680 3252 KSecDD - ok
19:23:20.0789 3252 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
19:23:20.0867 3252 KtmRm - ok
19:23:20.0992 3252 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
19:23:21.0007 3252 LanmanServer - ok
19:23:21.0101 3252 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
19:23:21.0132 3252 LanmanWorkstation - ok
19:23:21.0257 3252 LgBttPort (4dd47b5af0b24871ebb9efc012a7474e) C:\Windows\system32\DRIVERS\lgbtport.sys
19:23:21.0273 3252 LgBttPort - ok
19:23:21.0382 3252 lgbusenum (1d038ca6c529203087a990e5e97887b4) C:\Windows\system32\DRIVERS\lgbtbus.sys
19:23:21.0413 3252 lgbusenum - ok
19:23:21.0522 3252 LGVMODEM (26f1976a330195d62a6224c76968cf0d) C:\Windows\system32\DRIVERS\lgvmodem.sys
19:23:21.0538 3252 LGVMODEM - ok
19:23:21.0647 3252 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:23:21.0678 3252 lltdio - ok
19:23:21.0772 3252 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
19:23:21.0819 3252 lltdsvc - ok
19:23:21.0912 3252 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
19:23:21.0943 3252 lmhosts - ok
19:23:22.0053 3252 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
19:23:22.0068 3252 LSI_FC - ok
19:23:22.0177 3252 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
19:23:22.0177 3252 LSI_SAS - ok
19:23:22.0287 3252 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
19:23:22.0302 3252 LSI_SCSI - ok
19:23:22.0396 3252 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:23:22.0427 3252 luafv - ok
19:23:22.0521 3252 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
19:23:22.0536 3252 MBAMProtector - ok
19:23:22.0614 3252 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:23:22.0645 3252 MBAMService - ok
19:23:22.0739 3252 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
19:23:22.0770 3252 Mcx2Svc - ok
19:23:22.0864 3252 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
19:23:22.0879 3252 megasas - ok
19:23:22.0989 3252 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
19:23:23.0020 3252 MegaSR - ok
19:23:23.0082 3252 Microsoft SharePoint Workspace Audit Service - ok
19:23:23.0145 3252 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:23:23.0191 3252 MMCSS - ok
19:23:23.0301 3252 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:23:23.0332 3252 Modem - ok
19:23:23.0441 3252 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:23:23.0457 3252 monitor - ok
19:23:23.0566 3252 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:23:23.0581 3252 mouclass - ok
19:23:23.0675 3252 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\drivers\mouhid.sys
19:23:23.0706 3252 mouhid - ok
19:23:23.0815 3252 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:23:23.0831 3252 MountMgr - ok
19:23:23.0893 3252 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
19:23:23.0909 3252 mpio - ok
19:23:24.0003 3252 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:23:24.0034 3252 mpsdrv - ok
19:23:24.0143 3252 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
19:23:24.0174 3252 MpsSvc - ok
19:23:24.0268 3252 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:23:24.0283 3252 Mraid35x - ok
19:23:24.0408 3252 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
19:23:24.0439 3252 MRxDAV - ok
19:23:24.0549 3252 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:23:24.0595 3252 mrxsmb - ok
19:23:24.0720 3252 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:23:24.0736 3252 mrxsmb10 - ok
19:23:24.0861 3252 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:23:24.0892 3252 mrxsmb20 - ok
19:23:25.0001 3252 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
19:23:25.0017 3252 msahci - ok
19:23:25.0110 3252 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
19:23:25.0126 3252 msdsm - ok
19:23:25.0204 3252 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
19:23:25.0235 3252 MSDTC - ok
19:23:25.0344 3252 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:23:25.0375 3252 Msfs - ok
19:23:25.0469 3252 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:23:25.0485 3252 msisadrv - ok
19:23:25.0578 3252 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
19:23:25.0625 3252 MSiSCSI - ok
19:23:25.0719 3252 msiserver - ok
19:23:25.0812 3252 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:23:25.0843 3252 MSKSSRV - ok
19:23:25.0937 3252 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:23:25.0984 3252 MSPCLOCK - ok
19:23:26.0077 3252 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:23:26.0124 3252 MSPQM - ok
19:23:26.0249 3252 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
19:23:26.0265 3252 MsRPC - ok
19:23:26.0358 3252 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:23:26.0374 3252 mssmbios - ok
19:23:26.0467 3252 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:23:26.0514 3252 MSTEE - ok
19:23:26.0623 3252 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
19:23:26.0639 3252 Mup - ok
19:23:26.0748 3252 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
19:23:26.0779 3252 napagent - ok
19:23:26.0889 3252 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
19:23:26.0904 3252 NativeWifiP - ok
19:23:27.0013 3252 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
19:23:27.0045 3252 NDIS - ok
19:23:27.0138 3252 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:23:27.0169 3252 NdisTapi - ok
19:23:27.0263 3252 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:23:27.0310 3252 Ndisuio - ok
19:23:27.0419 3252 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:23:27.0450 3252 NdisWan - ok
19:23:27.0575 3252 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:23:27.0591 3252 NDProxy - ok
19:23:27.0700 3252 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:23:27.0731 3252 NetBIOS - ok
19:23:27.0856 3252 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
19:23:27.0887 3252 netbt - ok
19:23:27.0981 3252 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:23:27.0996 3252 Netlogon - ok
19:23:28.0090 3252 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
19:23:28.0121 3252 Netman - ok
19:23:28.0215 3252 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
19:23:28.0261 3252 netprofm - ok
19:23:28.0386 3252 netr28 (b05ffe38336193a9b988b00b230c5b80) C:\Windows\system32\DRIVERS\netr28.sys
19:23:28.0402 3252 netr28 - ok
19:23:28.0480 3252 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:23:28.0495 3252 NetTcpPortSharing - ok
19:23:28.0605 3252 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:23:28.0620 3252 nfrd960 - ok
19:23:28.0714 3252 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
19:23:28.0761 3252 NlaSvc - ok
19:23:28.0870 3252 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
19:23:28.0885 3252 Npfs - ok
19:23:28.0979 3252 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
19:23:29.0026 3252 nsi - ok
19:23:29.0119 3252 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:23:29.0151 3252 nsiproxy - ok
19:23:29.0291 3252 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
19:23:29.0369 3252 Ntfs - ok
19:23:29.0463 3252 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:23:29.0525 3252 ntrigdigi - ok
19:23:29.0650 3252 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:23:29.0681 3252 Null - ok
19:23:29.0775 3252 NVHDA (11be4b269549173cff542591e4be2c08) C:\Windows\system32\drivers\nvhda32v.sys
19:23:29.0775 3252 NVHDA - ok
19:23:30.0040 3252 nvlddmkm (440690da4358d9682dbcc56da7d419ab) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:23:30.0321 3252 nvlddmkm - ok
19:23:30.0430 3252 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
19:23:30.0445 3252 nvraid - ok
19:23:30.0555 3252 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
19:23:30.0555 3252 nvstor - ok
19:23:30.0679 3252 nvsvc (11e1dc466c3e384c1a697b95dc5aa785) C:\Windows\system32\nvvsvc.exe
19:23:30.0695 3252 nvsvc - ok
19:23:30.0835 3252 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
19:23:30.0851 3252 nv_agp - ok
19:23:30.0929 3252 NwlnkFlt - ok
19:23:31.0054 3252 NwlnkFwd - ok
19:23:31.0163 3252 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
19:23:31.0210 3252 ohci1394 - ok
19:23:31.0288 3252 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:23:31.0303 3252 ose - ok
19:23:31.0491 3252 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:23:32.0052 3252 osppsvc - ok
19:23:32.0255 3252 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:23:32.0302 3252 p2pimsvc - ok
19:23:32.0333 3252 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:23:32.0380 3252 p2psvc - ok
19:23:32.0458 3252 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:23:32.0520 3252 Parport - ok
19:23:32.0614 3252 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
19:23:32.0629 3252 partmgr - ok
19:23:32.0676 3252 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:23:32.0707 3252 Parvdm - ok
19:23:32.0754 3252 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
19:23:32.0785 3252 PcaSvc - ok
19:23:32.0879 3252 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
19:23:32.0879 3252 pci - ok
19:23:32.0957 3252 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
19:23:32.0973 3252 pciide - ok
19:23:33.0004 3252 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:23:33.0019 3252 pcmcia - ok
19:23:33.0097 3252 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:23:33.0175 3252 PEAUTH - ok
19:23:33.0285 3252 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
19:23:33.0363 3252 pla - ok
19:23:33.0425 3252 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
19:23:33.0456 3252 PlugPlay - ok
19:23:33.0550 3252 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:23:33.0581 3252 PNRPAutoReg - ok
19:23:33.0612 3252 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
19:23:33.0628 3252 PNRPsvc - ok
19:23:33.0737 3252 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
19:23:33.0784 3252 PolicyAgent - ok
19:23:33.0831 3252 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:23:33.0862 3252 PptpMiniport - ok
19:23:33.0924 3252 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
19:23:33.0955 3252 Processor - ok
19:23:34.0049 3252 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
19:23:34.0080 3252 ProfSvc - ok
19:23:34.0127 3252 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:23:34.0143 3252 ProtectedStorage - ok
19:23:34.0221 3252 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
19:23:34.0252 3252 PSched - ok
19:23:34.0361 3252 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
19:23:34.0423 3252 ql2300 - ok
19:23:34.0486 3252 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:23:34.0501 3252 ql40xx - ok
19:23:34.0564 3252 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
19:23:34.0579 3252 QWAVE - ok
19:23:34.0626 3252 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:23:34.0626 3252 QWAVEdrv - ok
19:23:34.0689 3252 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:23:34.0720 3252 RasAcd - ok
19:23:34.0782 3252 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
19:23:34.0798 3252 RasAuto - ok
19:23:34.0860 3252 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:23:34.0891 3252 Rasl2tp - ok
19:23:34.0969 3252 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
19:23:35.0001 3252 RasMan - ok
19:23:35.0079 3252 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
19:23:35.0094 3252 RasPppoe - ok
19:23:35.0157 3252 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
19:23:35.0172 3252 RasSstp - ok
19:23:35.0250 3252 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
19:23:35.0281 3252 rdbss - ok
19:23:35.0344 3252 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:23:35.0375 3252 RDPCDD - ok
19:23:35.0422 3252 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
19:23:35.0453 3252 rdpdr - ok
19:23:35.0484 3252 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:23:35.0515 3252 RDPENCDD - ok
19:23:35.0609 3252 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
19:23:35.0625 3252 RDPWD - ok
19:23:35.0703 3252 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
19:23:35.0734 3252 RemoteAccess - ok
19:23:35.0796 3252 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
19:23:35.0827 3252 RemoteRegistry - ok
19:23:35.0890 3252 RFCOMM (34cc78c06587718c2ad6d3aa83b1f072) C:\Windows\system32\DRIVERS\rfcomm.sys
19:23:35.0921 3252 RFCOMM - ok
19:23:35.0999 3252 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
19:23:36.0030 3252 RpcLocator - ok
19:23:36.0124 3252 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
19:23:36.0155 3252 RpcSs - ok
19:23:36.0217 3252 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:23:36.0264 3252 rspndr - ok
19:23:36.0342 3252 RTL8169 (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys
19:23:36.0358 3252 RTL8169 - ok
19:23:36.0420 3252 RTSTOR (b0538dea03e088b80482ca939f4e8740) C:\Windows\system32\drivers\RTSTOR.SYS
19:23:36.0420 3252 RTSTOR - ok
19:23:36.0483 3252 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
19:23:36.0498 3252 SamSs - ok
19:23:36.0561 3252 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:23:36.0561 3252 sbp2port - ok
19:23:36.0654 3252 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
19:23:36.0685 3252 SCardSvr - ok
19:23:36.0795 3252 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
19:23:36.0826 3252 Schedule - ok
19:23:36.0904 3252 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
19:23:36.0919 3252 SCPolicySvc - ok
19:23:36.0966 3252 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
19:23:36.0982 3252 SDRSVC - ok
19:23:37.0060 3252 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:23:37.0107 3252 secdrv - ok
19:23:37.0153 3252 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
19:23:37.0200 3252 seclogon - ok
19:23:37.0263 3252 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
19:23:37.0309 3252 SENS - ok
19:23:37.0372 3252 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
19:23:37.0419 3252 Serenum - ok
19:23:37.0481 3252 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
19:23:37.0543 3252 Serial - ok
19:23:37.0590 3252 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:23:37.0606 3252 sermouse - ok
19:23:37.0684 3252 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
19:23:37.0715 3252 SessionEnv - ok
19:23:37.0793 3252 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
19:23:37.0809 3252 sffdisk - ok
19:23:37.0871 3252 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
19:23:37.0887 3252 sffp_mmc - ok
19:23:37.0949 3252 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
19:23:37.0980 3252 sffp_sd - ok
19:23:38.0043 3252 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:23:38.0089 3252 sfloppy - ok
19:23:38.0152 3252 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
19:23:38.0183 3252 SharedAccess - ok
19:23:38.0261 3252 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
19:23:38.0277 3252 ShellHWDetection - ok
19:23:38.0355 3252 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
19:23:38.0370 3252 sisagp - ok
19:23:38.0417 3252 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
19:23:38.0433 3252 SiSRaid2 - ok
19:23:38.0464 3252 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
19:23:38.0479 3252 SiSRaid4 - ok
19:23:38.0620 3252 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
19:23:38.0776 3252 slsvc - ok
19:23:38.0869 3252 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
19:23:38.0901 3252 SLUINotify - ok
19:23:38.0963 3252 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
19:23:38.0994 3252 Smb - ok
19:23:39.0072 3252 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
19:23:39.0088 3252 SNMPTRAP - ok
19:23:39.0150 3252 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:23:39.0166 3252 spldr - ok
19:23:39.0213 3252 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
19:23:39.0244 3252 Spooler - ok
19:23:39.0306 3252 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
19:23:39.0322 3252 srv - ok
19:23:39.0400 3252 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
19:23:39.0415 3252 srv2 - ok
19:23:39.0462 3252 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
19:23:39.0478 3252 srvnet - ok
19:23:39.0525 3252 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
19:23:39.0571 3252 SSDPSRV - ok
19:23:39.0634 3252 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
19:23:39.0649 3252 ssmdrv - ok
19:23:39.0727 3252 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
19:23:39.0743 3252 SstpSvc - ok
19:23:39.0821 3252 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
19:23:39.0852 3252 stisvc - ok
19:23:39.0915 3252 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:23:39.0915 3252 swenum - ok
19:23:39.0977 3252 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
19:23:40.0008 3252 swprv - ok
19:23:40.0086 3252 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:23:40.0102 3252 Symc8xx - ok
19:23:40.0149 3252 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:23:40.0164 3252 Sym_hi - ok
19:23:40.0211 3252 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:23:40.0227 3252 Sym_u3 - ok
19:23:40.0273 3252 SynTP (55f6e55cc2430ca8713387106fa79817) C:\Windows\system32\DRIVERS\SynTP.sys
19:23:40.0273 3252 SynTP - ok
19:23:40.0383 3252 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
19:23:40.0414 3252 SysMain - ok
19:23:40.0476 3252 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
19:23:40.0492 3252 TabletInputService - ok
19:23:40.0539 3252 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
19:23:40.0585 3252 TapiSrv - ok
19:23:40.0617 3252 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
19:23:40.0663 3252 TBS - ok
19:23:40.0788 3252 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
19:23:40.0851 3252 Tcpip - ok
19:23:40.0944 3252 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
19:23:40.0991 3252 Tcpip6 - ok
19:23:41.0116 3252 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
19:23:41.0131 3252 tcpipreg - ok
19:23:41.0163 3252 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:23:41.0209 3252 TDPIPE - ok
19:23:41.0272 3252 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:23:41.0287 3252 TDTCP - ok
19:23:41.0381 3252 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
19:23:41.0397 3252 tdx - ok
19:23:41.0459 3252 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
19:23:41.0475 3252 TermDD - ok
19:23:41.0553 3252 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
19:23:41.0599 3252 TermService - ok
19:23:41.0740 3252 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
19:23:41.0755 3252 Themes - ok
19:23:41.0802 3252 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
19:23:41.0833 3252 THREADORDER - ok
19:23:41.0880 3252 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
19:23:41.0911 3252 TrkWks - ok
19:23:41.0958 3252 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
19:23:41.0974 3252 TrustedInstaller - ok
19:23:42.0067 3252 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:23:42.0114 3252 tssecsrv - ok
19:23:42.0177 3252 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:23:42.0192 3252 tunmp - ok
19:23:42.0255 3252 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
19:23:42.0270 3252 tunnel - ok
19:23:42.0364 3252 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
19:23:42.0379 3252 uagp35 - ok
19:23:42.0457 3252 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
19:23:42.0473 3252 udfs - ok
19:23:42.0535 3252 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
19:23:42.0582 3252 UI0Detect - ok
19:23:42.0676 3252 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
19:23:42.0691 3252 uliagpkx - ok
19:23:42.0738 3252 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
19:23:42.0754 3252 uliahci - ok
19:23:42.0801 3252 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:23:42.0816 3252 UlSata - ok
19:23:42.0847 3252 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:23:42.0863 3252 ulsata2 - ok
19:23:42.0972 3252 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:23:42.0988 3252 umbus - ok
19:23:43.0050 3252 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
19:23:43.0081 3252 upnphost - ok
19:23:43.0128 3252 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
19:23:43.0144 3252 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
19:23:43.0144 3252 USBAAPL - detected UnsignedFile.Multi.Generic (1)
19:23:43.0222 3252 usbbus (9419faac6552a51542dbba02971c841c) C:\Windows\system32\DRIVERS\lgusbbus.sys
19:23:43.0253 3252 usbbus - ok
19:23:43.0315 3252 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
19:23:43.0347 3252 usbccgp - ok
19:23:43.0393 3252 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:23:43.0440 3252 usbcir - ok
19:23:43.0487 3252 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\Windows\system32\DRIVERS\lgusbdiag.sys
19:23:43.0518 3252 UsbDiag - ok
19:23:43.0612 3252 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
19:23:43.0643 3252 usbehci - ok
19:23:43.0690 3252 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
19:23:43.0737 3252 usbhub - ok
19:23:43.0799 3252 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\Windows\system32\DRIVERS\lgusbmodem.sys
19:23:43.0830 3252 USBModem - ok
19:23:43.0908 3252 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
19:23:43.0971 3252 usbohci - ok
19:23:44.0033 3252 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:23:44.0064 3252 usbprint - ok
19:23:44.0111 3252 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:23:44.0142 3252 USBSTOR - ok
19:23:44.0236 3252 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
19:23:44.0267 3252 usbuhci - ok
19:23:44.0329 3252 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
19:23:44.0376 3252 usbvideo - ok
19:23:44.0423 3252 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
19:23:44.0470 3252 UxSms - ok
19:23:44.0579 3252 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
19:23:44.0626 3252 vds - ok
19:23:44.0688 3252 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
19:23:44.0719 3252 vga - ok
19:23:44.0797 3252 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:23:44.0844 3252 VgaSave - ok
19:23:44.0891 3252 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
19:23:44.0891 3252 viaagp - ok
19:23:44.0969 3252 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
19:23:45.0000 3252 ViaC7 - ok
19:23:45.0031 3252 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
19:23:45.0047 3252 viaide - ok
19:23:45.0125 3252 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:23:45.0125 3252 volmgr - ok
19:23:45.0203 3252 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
19:23:45.0219 3252 volmgrx - ok
19:23:45.0297 3252 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
19:23:45.0312 3252 volsnap - ok
19:23:45.0390 3252 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
19:23:45.0406 3252 vsmraid - ok
19:23:45.0484 3252 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
19:23:45.0546 3252 VSS - ok
19:23:45.0671 3252 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
19:23:45.0702 3252 W32Time - ok
19:23:45.0780 3252 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:23:45.0811 3252 WacomPen - ok
19:23:45.0889 3252 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:23:45.0921 3252 Wanarp - ok
19:23:45.0921 3252 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:23:45.0936 3252 Wanarpv6 - ok
19:23:46.0014 3252 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
19:23:46.0045 3252 wcncsvc - ok
19:23:46.0108 3252 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
19:23:46.0139 3252 WcsPlugInService - ok
19:23:46.0248 3252 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
19:23:46.0264 3252 Wd - ok
19:23:46.0295 3252 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:23:46.0326 3252 Wdf01000 - ok
19:23:46.0342 3252 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:23:46.0373 3252 WdiServiceHost - ok
19:23:46.0373 3252 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
19:23:46.0404 3252 WdiSystemHost - ok
19:23:46.0529 3252 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
19:23:46.0560 3252 WebClient - ok
19:23:46.0607 3252 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
19:23:46.0638 3252 Wecsvc - ok
19:23:46.0732 3252 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
19:23:46.0747 3252 wercplsupport - ok
19:23:46.0810 3252 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
19:23:46.0857 3252 WerSvc - ok
19:23:46.0919 3252 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
19:23:46.0935 3252 WimFltr - ok
19:23:46.0997 3252 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
19:23:47.0013 3252 WinDefend - ok
19:23:47.0028 3252 WinHttpAutoProxySvc - ok
19:23:47.0122 3252 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
19:23:47.0153 3252 Winmgmt - ok
19:23:47.0231 3252 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
19:23:47.0325 3252 WinRM - ok
19:23:47.0434 3252 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
19:23:47.0449 3252 Wlansvc - ok
19:23:47.0543 3252 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:23:47.0559 3252 WmiAcpi - ok
19:23:47.0621 3252 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
19:23:47.0652 3252 wmiApSrv - ok
19:23:47.0730 3252 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:23:47.0793 3252 WMPNetworkSvc - ok
19:23:47.0886 3252 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
19:23:47.0917 3252 WPCSvc - ok
19:23:47.0995 3252 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
19:23:48.0011 3252 WPDBusEnum - ok
19:23:48.0105 3252 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
19:23:48.0120 3252 WpdUsb - ok
19:23:48.0276 3252 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:23:48.0292 3252 WPFFontCache_v0400 - ok
19:23:48.0417 3252 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:23:48.0432 3252 ws2ifsl - ok
19:23:48.0541 3252 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
19:23:48.0557 3252 wscsvc - ok
19:23:48.0635 3252 WSearch - ok
19:23:48.0713 3252 WSVD (b7f30c50a2e6e46822cd388608e06bb4) C:\Windows\system32\drivers\WSVD.sys
19:23:48.0713 3252 WSVD - ok
19:23:48.0853 3252 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
19:23:48.0947 3252 wuauserv - ok
19:23:49.0009 3252 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:23:49.0041 3252 WUDFRd - ok
19:23:49.0134 3252 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
19:23:49.0150 3252 wudfsvc - ok
19:23:49.0181 3252 MBR (0x1B8) (c8c6dc722d4ef7ca320585d4bd90474e) \Device\Harddisk0\DR0
19:23:52.0317 3252 \Device\Harddisk0\DR0 - ok
19:23:52.0348 3252 Boot (0x1200) (270b3243ae81a193ddeddfaa453c2f38) \Device\Harddisk0\DR0\Partition0
19:23:52.0348 3252 \Device\Harddisk0\DR0\Partition0 - ok
19:23:52.0379 3252 Boot (0x1200) (56838bff36871812752f8d6c6bebc618) \Device\Harddisk0\DR0\Partition1
19:23:52.0379 3252 \Device\Harddisk0\DR0\Partition1 - ok
19:23:52.0379 3252 ============================================================
19:23:52.0379 3252 Scan finished
19:23:52.0379 3252 ============================================================
19:23:52.0379 5192 Detected object count: 2
19:23:52.0379 5192 Actual detected object count: 2
19:26:05.0166 5192 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
19:26:05.0166 5192 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:26:05.0166 5192 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
19:26:05.0166 5192 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now:
__________________
ComboFix
A guide and tutorial on using ComboFix
Combofix may only be run when a competent helper has explicitly recommended it! If, after running Combofix, you have problems starting applications and get messages such as Quote:
__________________ |
| | #19 |
| done: Combofix log file: Code:
ATTFilter ComboFix 12-04-22.01 - ******* 22.04.2012 16:56:32.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3068.1897 [GMT 2:00]
ausgeführt von:: c:\users\*******\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\lgcenter.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-03-22 bis 2012-04-22 ))))))))))))))))))))))))))))))
.
.
2012-04-22 15:02 . 2012-04-22 15:02 -------- d-----w- c:\users\Gast\AppData\Local\temp
2012-04-22 15:02 . 2012-04-22 15:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-21 16:36 . 2012-04-21 16:36 -------- d-----w- C:\_OTL
2012-04-21 09:33 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D078AEC-A0AC-4195-81AF-A71F7B86D66C}\mpengine.dll
2012-04-15 14:18 . 2012-04-15 14:54 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-14 20:02 . 2012-04-14 20:02 -------- d-----w- c:\program files\ESET
2012-04-11 01:10 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 01:10 . 2012-02-29 15:11 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 01:10 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 01:10 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 01:09 . 2012-03-06 06:39 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 01:09 . 2012-03-06 06:39 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 01:02 . 2012-04-11 01:02 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-04-07 18:41 . 2012-04-07 18:41 -------- d-----w- c:\program files\7-Zip
2012-04-07 17:04 . 2012-04-07 17:04 -------- d-----w- c:\programdata\WindowsSearch
2012-04-05 19:59 . 2012-04-06 23:31 -------- d-----w- c:\users\*******\Ebooks_Calibre
2012-04-05 19:58 . 2012-04-05 20:08 -------- d-----w- c:\users\*******\AppData\Roaming\calibre
2012-04-05 19:58 . 2012-04-05 19:58 -------- d-----w- c:\program files\Calibre2
2012-03-29 18:26 . 2012-03-29 18:28 -------- d-----w- c:\program files\ALDI Bestellsoftware
2012-03-28 16:10 . 2012-03-28 16:10 -------- d-----w- c:\program files\iPod
2012-03-28 16:10 . 2012-03-28 16:11 -------- d-----w- c:\program files\iTunes
2012-03-28 09:00 . 2012-02-02 15:16 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-03-28 09:00 . 2012-02-14 15:45 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-28 09:00 . 2012-02-14 15:45 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-28 09:00 . 2012-02-13 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-28 09:00 . 2012-02-13 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-03-28 09:00 . 2012-02-13 13:44 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-03-28 09:00 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-28 09:00 . 2012-01-09 13:58 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-15 14:54 . 2012-02-26 20:07 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2009-10-03 19:41 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-17 12:38 . 2011-11-27 21:31 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-02-14 10:09 . 2012-02-14 10:09 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2011-11-11 59240]
"ApplePhotoStreams"="c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2011-11-11 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KeybdUtility"="c:\program files\LG Software\LG OSD\HotKey.exe" [2008-06-09 2867200]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-17 6111232]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-10 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-10 92704]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-21 178712]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-14 222504]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2008-07-22 357376]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-19 258512]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-06 421736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 253088]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 14:54]
.
2012-04-22 c:\windows\Tasks\User_Feed_Synchronization-{79CDFA36-96EB-4BAB-8459-53F9FFBDCA6D}.job
- c:\windows\system32\msfeedssync.exe [2012-04-10 08:09]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\*******\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\*******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-04-22 17:02
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-04-22 17:05:20
ComboFix-quarantined-files.txt 2012-04-22 15:05
.
Vor Suchlauf: 10 Verzeichnis(se), 91.971.915.776 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 91.905.998.848 Bytes frei
.
- - End Of File - - 85F8D72C4C9EF4CEBF00CDFD9AF5063E
|
| | #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run the 2nd time, just leave it out and run only OSAM - please skip the online query by OSAM. With OSAM please also make sure that you save the log as *.log and not *.html or the like. Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM! Please download
Important: Do not press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. One more note: If aswMBR crashes and a message appears such as "aswMBR.exe has stopped working", then do the following: Restart aswMBR, select (none) under "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window) and click the Scan button again.
__________________ Please always post log files in CODE tags |
| | #21 |
| So, first the GMER: GMER log file: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-04-27 18:16:20
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 FUJITSU_ rev.0000
Running: 3ncid3re.exe; Driver: C:\Users\*******\AppData\Local\Temp\pxliifow.sys
---- System - GMER 1.0.15 ----
SSDT 8D5609F6 ZwCreateSection
SSDT 8D560A00 ZwRequestWaitReplyPort
SSDT 8D5609FB ZwSetContextThread
SSDT 8D560A05 ZwSetSecurityObject
SSDT 8D560A0A ZwSystemDebugControl
SSDT 8D560997 ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 215 828F0998 4 Bytes [F6, 09, 56, 8D]
.text ntkrnlpa.exe!KeSetEvent + 539 828F0CBC 4 Bytes [00, 0A, 56, 8D]
.text ntkrnlpa.exe!KeSetEvent + 56D 828F0CF0 4 Bytes [FB, 09, 56, 8D] {STI ; OR [ESI-0x73], EDX}
.text ntkrnlpa.exe!KeSetEvent + 5D1 828F0D54 4 Bytes [05, 0A, 56, 8D]
.text ntkrnlpa.exe!KeSetEvent + 619 828F0D9C 4 Bytes [0A, 0A, 56, 8D]
.text ...
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8E60E340, 0x3E9407, 0xE8000020]
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- Processes - GMER 1.0.15 ----
Library C:\Users\*******\Desktop\3ncid3re.exe (*** hidden *** ) @ C:\Users\Martina\Desktop\3ncid3re.exe [5840] 0x00400000
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000df052969b
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000df052969b (not active ControlSet)
---- EOF - GMER 1.0.15 ----
and then the OSAM: OSAM log file: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 18:22:52 on 27.04.2012 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLCFG32.CPL "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Apple Mobile USB Driver" (USBAAPL) - "Apple, Inc." - C:\Windows\System32\Drivers\usbaapl.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\Users\Martina\AppData\Local\Temp\catchme.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? 
- C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "pxliifow" (pxliifow) - "GMER" - C:\pxliifow.sys (Hidden registry entry, rootkit activity) "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys "WSVD" (WSVD) - "CyberLink" - C:\Windows\system32\drivers\WSVD.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? 
- (File not found | COM-object registry key not found) {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" 
- "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\VISSHE.DLL {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLSHEXT.DLL {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. 
KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "ESET" - C:\PROGRA~1\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? 
- (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll {FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "ApplePhotoStreams" - "Apple Inc." - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe "iCloudServices" - "Apple Inc." - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? 
- rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "BCSSync" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices "FreePDF Assistant" - "shbox.de" - C:\Program Files\FreePDF_XP\fpassist.exe "IAAnotif" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe "iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe" "KeybdUtility" - "LG Electronics" - C:\Program Files\LG Software\LG OSD\HotKey.exe "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "UCam_Menu" - "CyberLink Corp." - "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "GEngine Port Monitor" - ? - C:\Windows\system32\gengpmon.dll (File found, but it contains no detailed information) "Redirected Port" - ? 
- C:\Windows\system32\redmonnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe "Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe "Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe "iPod-Dienst" (iPod Service) - "Apple Inc." 
- C:\Program Files\iPod\bin\iPodService.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru [/code]
aswMBR to follow... and here is the aswMBR log: Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-27 18:51:12
-----------------------------
18:51:12.102 OS Version: Windows 6.0.6002 Service Pack 2
18:51:12.102 Number of processors: 2 586 0xF0D
18:51:12.102 ComputerName: MARTINA-PC UserName: Martina
18:51:13.132 Initialize success
18:51:17.936 AVAST engine defs: 12042700
18:51:38.934 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:51:38.981 Disk 0 Vendor: FUJITSU_ 0000 Size: 305245MB BusType: 3
18:51:39.184 Disk 0 MBR read successfully
18:51:39.184 Disk 0 MBR scan
18:51:39.215 Disk 0 unknown MBR code
18:51:39.230 Disk 0 Partition 1 00 12 Compaq diag NTFS 1536 MB offset 2048
18:51:39.246 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 151552 MB offset 3147776
18:51:39.308 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152155 MB offset 313526272
18:51:39.355 Disk 0 scanning sectors +625139712
18:51:39.527 Disk 0 scanning C:\Windows\system32\drivers
18:52:02.630 Service scanning
18:52:29.228 Modules scanning
18:52:40.747 Disk 0 trace - called modules:
18:52:41.293 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:52:41.308 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86e0cac8]
18:52:41.308 3 CLASSPNP.SYS[8afa18b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85da4028]
18:52:41.308 Scan finished successfully
19:16:40.034 Disk 0 MBR has been saved successfully to "C:\Users\Martina\Desktop\MBR.dat"
19:16:40.049 The log file has been saved successfully to "C:\Users\Martina\Desktop\aswMBR.txt"
|
| | #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | tr/crypt.zpack.gen Trojan alert in Antivir We should fix the MBR; just in case, back up ALL important data first, even though it usually goes smoothly. Note: Please do NOT run the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed in parallel (dual boot) unbootable. Also do not run the fix if you have full encryption of the Windows partition or of the entire hard disk, e.g. with TrueCrypt or other encryption programs. After the backup, start aswMBR again and click the FIXMBR button. Note: Please turn off the virus scanner before you run aswMBR, because Avira in particular often reports a false alarm in it! Then restart Windows and create a new log with aswMBR.
__________________ Please always post log files in CODE tags |
| | #23 |
| tr/crypt.zpack.gen Trojan alert in Antivir Done: the fix only takes a few seconds, can that be right? Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-28 14:25:34
-----------------------------
14:25:34.594 OS Version: Windows 6.0.6002 Service Pack 2
14:25:34.594 Number of processors: 2 586 0xF0D
14:25:34.594 ComputerName: *******-PC UserName: *******
14:25:35.327 Initialize success
14:25:40.600 AVAST engine defs: 12042700
14:25:59.039 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:25:59.039 Disk 0 Vendor: FUJITSU_ 0000 Size: 305245MB BusType: 3
14:25:59.054 Disk 0 MBR read successfully
14:25:59.054 Disk 0 MBR scan
14:25:59.070 Disk 0 Windows VISTA default MBR code
14:25:59.086 Disk 0 Partition 1 00 12 Compaq diag NTFS 1536 MB offset 2048
14:25:59.101 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 151552 MB offset 3147776
14:25:59.132 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152155 MB offset 313526272
14:25:59.132 Disk 0 scanning sectors +625139712
14:25:59.226 Disk 0 scanning C:\Windows\system32\drivers
14:26:12.299 Service scanning
14:26:42.532 Modules scanning
14:26:49.130 Disk 0 trace - called modules:
14:26:49.146 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
14:26:49.162 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8689e1d0]
14:26:49.162 3 CLASSPNP.SYS[8afa38b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85da4028]
14:26:49.177 Scan finished successfully
14:28:41.996 Disk 0 MBR has been saved successfully to "C:\Users\*******\Desktop\MBR.dat"
14:28:41.996 The log file has been saved successfully to "C:\Users\*******\Desktop\aswMBR.txt"
|
| | #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | tr/crypt.zpack.gen Trojan alert in Antivir Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
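The before/after comparison behind the "looks OK" verdict above, as an added example that is not part of the original thread: it parses the MBR verdict and partition lines of two aswMBR logs and checks that only the boot code changed. The sample logs are constructed from the lines posted in this thread; the function names and the pass/fail criteria are assumptions of this example, not aswMBR features.

```python
import re
from dataclasses import dataclass

# Constructed sample input: the MBR-related lines of the two aswMBR logs
# posted in this thread (before and after FIXMBR); other lines are omitted.
LOG_BEFORE = """\
Run date: 2012-04-27 18:51:12
18:51:39.184 Disk 0 MBR read successfully
18:51:39.184 Disk 0 MBR scan
18:51:39.215 Disk 0 unknown MBR code
18:51:39.230 Disk 0 Partition 1 00 12 Compaq diag NTFS 1536 MB offset 2048
18:51:39.246 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 151552 MB offset 3147776
18:51:39.308 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152155 MB offset 313526272
18:52:41.308 Scan finished successfully
"""
LOG_AFTER = """\
Run date: 2012-04-28 14:25:34
14:25:59.054 Disk 0 MBR read successfully
14:25:59.054 Disk 0 MBR scan
14:25:59.070 Disk 0 Windows VISTA default MBR code
14:25:59.086 Disk 0 Partition 1 00 12 Compaq diag NTFS 1536 MB offset 2048
14:25:59.101 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 151552 MB offset 3147776
14:25:59.132 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152155 MB offset 313526272
14:26:49.177 Scan finished successfully
"""

TS = r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+"  # leading hh:mm:ss.mmm timestamp
MBR_RE = re.compile(TS + r"Disk\s+(\d+)\s+(.+?)\s+MBR code\s*$")
PART_RE = re.compile(
    TS + r"Disk\s+(\d+)\s+Partition\s+(\d+)\s+([0-9A-F]{2})\s+(?:\(A\)\s+)?"
    r"([0-9A-F]{2})\s+(.*?)\s+(\d+)\s+MB\s+offset\s+(\d+)\s*$"
)


@dataclass(frozen=True)
class Partition:
    disk: int
    number: int
    active: bool      # boot indicator byte 0x80
    type_id: str      # partition type byte as printed, e.g. "07"
    label: str
    size_mb: int
    offset: int       # start offset in sectors


def parse_aswmbr(text):
    """Extract the MBR verdict per disk, the partition rows and the end marker."""
    result = {"mbr": {}, "partitions": [], "finished": False}
    for line in text.splitlines():
        m = MBR_RE.match(line)
        if m:
            result["mbr"][int(m.group(1))] = m.group(2)
            continue
        m = PART_RE.match(line)
        if m:
            disk, num, boot, type_id, label, size, off = m.groups()
            result["partitions"].append(Partition(
                int(disk), int(num), boot == "80", type_id, label,
                int(size), int(off)))
            continue
        if re.search(r"Scan finished successfully\s*$", line):
            result["finished"] = True
    return result


def review_fix(before_text, after_text, disk=0):
    """Compare a pre-fix and a post-fix log; criteria are this example's own."""
    before, after = parse_aswmbr(before_text), parse_aswmbr(after_text)
    findings = []
    verdict = after["mbr"].get(disk)
    if not after["finished"]:
        findings.append("post-fix scan did not finish")
    # "unknown" only means aswMBR did not recognise the boot code.
    if verdict is None or verdict.lower() == "unknown":
        findings.append("boot code still not recognised")
    if before["partitions"] != after["partitions"]:
        findings.append("partition table differs between the two runs")
    if sum(p.active for p in after["partitions"] if p.disk == disk) != 1:
        findings.append("expected exactly one active partition")
    return {"ok": not findings,
            "mbr_before": before["mbr"].get(disk),
            "mbr_after": verdict,
            "findings": findings}


if __name__ == "__main__":
    print(review_fix(LOG_BEFORE, LOG_AFTER))
```
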
| | #25 |
| tr/crypt.zpack.gen Trojan alert in Antivir First, Malwarebytes: Code:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.05.01.07
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19222
Martina :: *******-PC [Administrator]
Schutz: Deaktiviert
01.05.2012 16:08:40
mbam-log-2012-05-01 (16-08-40).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 401271
Laufzeit: 1 Stunde(n), 52 Minute(n), 11 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 05/01/2012 at 06:23 PM
Application Version : 5.0.1148
Core Rules Database Version : 8535
Trace Rules Database Version: 6347
Scan type : Quick Scan
Total Scan Time : 00:10:46
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)
Memory items scanned : 682
Memory threats detected : 0
Registry items scanned : 27195
Registry threats detected : 0
File items scanned : 10271
File threats detected : 96
Adware.Tracking Cookie
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\R69X3XT1.txt [ /zanox.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\9CGUZDL3.txt [ /fastclick.net ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\4MUVRVJG.txt [ /ad2.adfarm1.adition.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\1NK9D1G4.txt [ /apmebf.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\ASI6QR9L.txt [ /ww251.smartadserver.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\K2BD5RBC.txt [ /deutschepostag.112.2o7.net ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\BMN30Q3F.txt [ /dyntracker.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\NRWVMROJ.txt [ /invitemedia.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\EHUNMPZN.txt [ /webmasterplan.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\OWUS46WT.txt [ /amazon-adsystem.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\5GWNWHA6.txt [ /track.effiliation.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\ULVOGE4Z.txt [ /smartadserver.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\0WG3EI4S.txt [ /ad4.adfarm1.adition.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\7YO0MLIO.txt [ /doubleclick.net ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\7OD0LS9J.txt [ /e2.emediate.se ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\FPMTO6DA.txt [ /adfarm1.adition.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\SW2RCJ7V.txt [ /ad.360yield.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\JNU1HR8Z.txt [ /ad.zanox.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\1TVVTRPC.txt [ /track.effiliation.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\1U9XNZ5E.txt [ /im.banner.t-online.de ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\RKE88CJW.txt [ /revsci.net ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\MV0HG8C8.txt [ /www.googleadservices.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\5RJJ1ABW.txt [ /autoscout24.112.2o7.net ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\W6XG6FHR.txt [ /eas.apm.emediate.eu ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\29M30F2F.txt [ /statse.webtrendslive.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\69ER2NEM.txt [ /mediaplex.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\BX1G1YW0.txt [ /clickfuse.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\WPQTGHNT.txt [ /tracking.mobile.de ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\3X8NMM48.txt [ /adtech.de ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\PYYEL0FY.txt [ /ad.yieldmanager.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\9E713V9O.txt [ /atdmt.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\BCIRDUN0.txt [ /tracking.quisma.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\NP90CFIW.txt [ /tradedoubler.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\D5B1YKF5.txt [ /www.etracker.de ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\IR9C4XH7.txt [ /zanox-affiliate.de ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\DY6GZHJF.txt [ Cookie:gast@tracking.quisma.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\DMWI2LOY.txt [ Cookie:gast@statse.webtrendslive.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\8DG2TD0W.txt [ Cookie:gast@www.burstnet.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\HIH1LEI4.txt [ Cookie:gast@invitemedia.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZUOO86T5.txt [ Cookie:gast@adserver.mitfahrzentrale.de/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\67FWMQ0P.txt [ Cookie:gast@www.googleadservices.com/pagead/conversion/1071668411/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\NPJA3YWW.txt [ Cookie:gast@stat.aldi.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\6WL2AXMD.txt [ Cookie:gast@adfarm1.adition.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\3SC9ON5C.txt [ Cookie:gast@ad4.adfarm1.adition.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\6N4TO5NC.txt [ Cookie:gast@doubleclick.net/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZJFIL740.txt [ Cookie:gast@eyewonder.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\NQSINMJZ.txt [ Cookie:gast@traffictrack.de/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\6PIUUEZL.txt [ Cookie:gast@ad.yieldmanager.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\RLOBWIM6.txt [ Cookie:gast@tradedoubler.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\JLZTLUAD.txt [ Cookie:gast@smartadserver.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\F8O5KI87.txt [ Cookie:gast@apmebf.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\XLKRN5IJ.txt [ Cookie:gast@mediaplex.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\WW230KV3.txt [ Cookie:gast@germanwings.112.2o7.net/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\BFDY1WT9.txt [ Cookie:gast@ww251.smartadserver.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\WBOOR3HM.txt [ Cookie:gast@xiti.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\CERW909E.txt [ Cookie:gast@specificclick.net/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\OYK5RPU6.txt [ Cookie:gast@yieldmanager.net/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z1BDQFPU.txt [ Cookie:gast@ad3.adfarm1.adition.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\32Z9J8I8.txt [ Cookie:gast@www.googleadservices.com/pagead/conversion/1071459391/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\A563EFPO.txt [ Cookie:gast@ad2.adfarm1.adition.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\9NYW23I3.txt [ Cookie:gast@adtech.de/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\QT04LYGO.txt [ Cookie:gast@imrworldwide.com/cgi-bin ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\TFWIYSVX.txt [ Cookie:gast@advertising.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\NS9VLTNT.txt [ Cookie:gast@zanox-affiliate.de/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZNG8NRIK.txt [ Cookie:gast@serving-sys.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZTW5VD1Z.txt [ Cookie:gast@webmasterplan.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\5UEK96IF.txt [ Cookie:gast@ads.mikinimedia.de/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\EXGQ8HYL.txt [ Cookie:gast@adviva.net/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\EYNIGD6J.txt [ Cookie:gast@clickfuse.com/ ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\JPOLOPZG.txt [ Cookie:gast@2o7.net/ ]
C:\USERS\*******\Cookies\R69X3XT1.txt [ Cookie:*******@zanox.com/ ]
C:\USERS\*******\Cookies\4MUVRVJG.txt [ Cookie:*******@ad2.adfarm1.adition.com/ ]
C:\USERS\*******\Cookies\1NK9D1G4.txt [ Cookie:*******@apmebf.com/ ]
C:\USERS\*******\Cookies\ASI6QR9L.txt [ Cookie:*******@ww251.smartadserver.com/ ]
C:\USERS\*******\Cookies\K2BD5RBC.txt [ Cookie:*******@deutschepostag.112.2o7.net/ ]
C:\USERS\*******\Cookies\BMN30Q3F.txt [ Cookie:*******@dyntracker.com/ ]
C:\USERS\*******\Cookies\NRWVMROJ.txt [ Cookie:*******@invitemedia.com/ ]
C:\USERS\*******\Cookies\EHUNMPZN.txt [ Cookie:*******@webmasterplan.com/ ]
C:\USERS\*******\Cookies\5GWNWHA6.txt [ Cookie:*******@track.effiliation.com/servlet/ ]
C:\USERS\*******\Cookies\ULVOGE4Z.txt [ Cookie:*******@smartadserver.com/ ]
C:\USERS\*******\Cookies\0WG3EI4S.txt [ Cookie:*******@ad4.adfarm1.adition.com/ ]
C:\USERS\*******\Cookies\7YO0MLIO.txt [ Cookie:*******@doubleclick.net/ ]
C:\USERS\*******\Cookies\7OD0LS9J.txt [ Cookie:*******@e2.emediate.se/ ]
C:\USERS\*******\Cookies\JNU1HR8Z.txt [ Cookie:*******@ad.zanox.com/ ]
C:\USERS\*******\Cookies\1TVVTRPC.txt [ Cookie:*******@track.effiliation.com/ ]
C:\USERS\*******\Cookies\RKE88CJW.txt [ Cookie:*******@revsci.net/ ]
C:\USERS\*******\Cookies\5RJJ1ABW.txt [ Cookie:*******@autoscout24.112.2o7.net/ ]
C:\USERS\*******\Cookies\W6XG6FHR.txt [ Cookie:*******@eas.apm.emediate.eu/ ]
C:\USERS\*******\Cookies\BX1G1YW0.txt [ Cookie:*******@clickfuse.com/ ]
C:\USERS\*******\Cookies\WPQTGHNT.txt [ Cookie:*******@tracking.mobile.de/ ]
C:\USERS\*******\Cookies\3X8NMM48.txt [ Cookie:*******@adtech.de/ ]
C:\USERS\*******\Cookies\9E713V9O.txt [ Cookie:*******@atdmt.com/ ]
C:\USERS\*******\Cookies\BCIRDUN0.txt [ Cookie:*******@tracking.quisma.com/ ]
C:\USERS\*******\Cookies\NP90CFIW.txt [ Cookie:*******@tradedoubler.com/ ]
C:\USERS\*******\Cookies\D5B1YKF5.txt [ Cookie:*******@www.etracker.de/ ]
C:\USERS\*******\Cookies\IR9C4XH7.txt [ Cookie:*******@zanox-affiliate.de/ ]
|
| | #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | tr/crypt.zpack.gen Trojan alert in Antivir Quote:
__________________ Please always post log files in CODE tags |
| | #27 |
| tr/crypt.zpack.gen Trojan alert in Antivir My mistake, here is the new file: Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 05/04/2012 at 10:45 PM
Application Version : 5.0.1148
Core Rules Database Version : 8557
Trace Rules Database Version: 6369
Scan type : Complete Scan
Total Scan Time : 02:11:21
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)
Memory items scanned : 701
Memory threats detected : 0
Registry items scanned : 34164
Registry threats detected : 0
File items scanned : 181193
File threats detected : 41
Adware.Tracking Cookie
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\9QOVELOA.txt [ /zanox.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\VP963P6N.txt [ /traffictrack.de ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\TE2XVX0O.txt [ /fastclick.net ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\49NK53OJ.txt [ /apmebf.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\U605IGBB.txt [ /invitemedia.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\OS9Z7XIS.txt [ /webmasterplan.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\BIIM0CYO.txt [ /www.zanox-affiliate.de ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\C5AZKJ2X.txt [ /doubleclick.net ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\D8H9125R.txt [ /xxxlmoebelhaeuser.de ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\PBKXNN87.txt [ /www.xxxlmoebelhaeuser.de ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\4ZB5TLFD.txt [ /ad.zanox.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\90H8IM0E.txt [ /imrworldwide.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\QBBJK4I2.txt [ /mediaplex.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\AF01VUJ2.txt [ /atdmt.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\XTKUFXZL.txt [ /tradedoubler.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\AQM5Q22A.txt [ /tracking.quisma.com ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\7CLII0PN.txt [ /www.etracker.de ]
C:\Users\*******\AppData\Roaming\Microsoft\Windows\Cookies\KEYW4H3C.txt [ /zanox-affiliate.de ]
C:\USERS\*******\AppData\Roaming\Microsoft\Windows\Cookies\1O8ECS5I.txt [ Cookie:*******@zanox.com/ ]
C:\USERS\*******\AppData\Roaming\Microsoft\Windows\Cookies\2B2Q3OFB.txt [ Cookie:*******@webmasterplan.com/ ]
C:\USERS\*******\AppData\Roaming\Microsoft\Windows\Cookies\PM51O1VA.txt [ Cookie:*******@ad.zanox.com/ ]
C:\USERS\*******\Cookies\1O8ECS5I.txt [ Cookie:*******@zanox.com/ ]
C:\USERS\*******\Cookies\VP963P6N.txt [ Cookie:*******@traffictrack.de/ ]
C:\USERS\*******\Cookies\49NK53OJ.txt [ Cookie:*******@apmebf.com/ ]
C:\USERS\*******\Cookies\U605IGBB.txt [ Cookie:*******@invitemedia.com/ ]
C:\USERS\*******\Cookies\2B2Q3OFB.txt [ Cookie:*******@webmasterplan.com/ ]
C:\USERS\*******\Cookies\BIIM0CYO.txt [ Cookie:*******@www.zanox-affiliate.de/ ]
C:\USERS\*******\Cookies\C5AZKJ2X.txt [ Cookie:*******@doubleclick.net/ ]
C:\USERS\*******\Cookies\PM51O1VA.txt [ Cookie:*******@ad.zanox.com/ ]
C:\USERS\*******\Cookies\90H8IM0E.txt [ Cookie:*******@imrworldwide.com/cgi-bin ]
C:\USERS\*******\Cookies\AF01VUJ2.txt [ Cookie:*******@atdmt.com/ ]
C:\USERS\*******\Cookies\XTKUFXZL.txt [ Cookie:*******@tradedoubler.com/ ]
C:\USERS\*******\Cookies\AQM5Q22A.txt [ Cookie:*******@tracking.quisma.com/ ]
C:\USERS\*******\Cookies\7CLII0PN.txt [ Cookie:*******@www.etracker.de/ ]
C:\USERS\*******\Cookies\KEYW4H3C.txt [ Cookie:*******@zanox-affiliate.de/ ]
earlyexperience.partyaccount.com [ C:\USERS\*******\APPDATA\ROAMING\MOZILLA-CACHE\PARTY\PARTYCASINO\COOKIES.TXT ]
.partyaccount.com [ C:\USERS\*******\APPDATA\ROAMING\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
secure.partyaccount.com [ C:\USERS\*******\APPDATA\ROAMING\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
ad.yieldmanager.com [ C:\USERS\*******\APPDATA\ROAMING\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
ad.yieldmanager.com [ C:\USERS\*******\APPDATA\ROAMING\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
earlyexperience.partyaccount.com [ C:\USERS\*******\APPDATA\ROAMING\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
|
| | #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | tr/crypt.zpack.gen Trojan alert in Antivir Looks OK, only cookies were found there. Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie). Regarding cookies and other things on the web: to block this pest from the outset (i.e. tracking cookies, ad banners etc.) you would have to take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released. Apart from that there are also good cookie managers; one extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/ But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set up the browser so that everything, including cookies, is deleted when the browser is closed. The way I do it is that I use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies of the sites I actually want; I reject everything else manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest no cookies are left. Is your system OK again now, or are there any other findings or problems?
__________________ Please always post log files in CODE tags |
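What a hosts file can and cannot express for the cookie findings above, as an added example that is not part of the original thread: it extracts the host names from the three entry formats in the SUPERAntiSpyware log and emits hosts-file lines. The sample lines are constructed from the log (user name replaced), the sink address 0.0.0.0 and all function names are assumptions of this example, and `ad.doubleclick.net` in the test is an illustrative subdomain. A hosts entry matches one exact name only, so domain-wide cookies (leading dot) and subdomains are not covered.

```python
import re

# Constructed sample: one or two lines per entry format seen in the
# SUPERAntiSpyware log in this thread, with the user name replaced by "user".
SAMPLE_LOG = r"""Adware.Tracking Cookie
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\9QOVELOA.txt [ /zanox.com ]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\C5AZKJ2X.txt [ /doubleclick.net ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\QT04LYGO.txt [ Cookie:gast@imrworldwide.com/cgi-bin ]
C:\USERS\GAST\AppData\Roaming\Microsoft\Windows\Cookies\Low\67FWMQ0P.txt [ Cookie:gast@www.googleadservices.com/pagead/conversion/1071668411/ ]
.partyaccount.com [ C:\USERS\user\APPDATA\ROAMING\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
ad.yieldmanager.com [ C:\USERS\user\APPDATA\ROAMING\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
ad.yieldmanager.com [ C:\USERS\user\APPDATA\ROAMING\MOZILLA-CACHE\PARTY\PARTYPOKER\COOKIES.TXT ]
"""

# "host [ C:\...\COOKIES.TXT ]"  (cookies.txt-style entry, host comes first)
FF_ENTRY = re.compile(r"^(\.?[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)\s+\[")
# "...\XXXX.txt [ /host ]"
IE_PATH = re.compile(r"\[\s*/([^\s/\]]+)")
# "...\XXXX.txt [ Cookie:user@host/path ]"
IE_COOKIE = re.compile(r"\[\s*Cookie:[^@\s]+@([^\s/\]]+)")
# Only syntactically valid names may end up in a hosts file.
HOSTNAME = re.compile(r"(?=.{1,253}$)[a-z0-9-]+(?:\.[a-z0-9-]+)+")


def cookie_hosts(log_text):
    """Return (exact_hosts, domain_wide) as sorted, de-duplicated lists.

    domain_wide holds names that were logged with a leading dot, i.e. cookies
    valid for every subdomain, which a hosts file cannot express.
    """
    exact, domain_wide = set(), set()
    for raw in log_text.splitlines():
        line = raw.strip()
        m = FF_ENTRY.match(line) or IE_PATH.search(line) or IE_COOKIE.search(line)
        if not m:
            continue
        host = m.group(1).lower()
        wide = host.startswith(".")
        host = host.lstrip(".")
        if not HOSTNAME.fullmatch(host):
            continue  # never write unvalidated log text into a hosts file
        (domain_wide if wide else exact).add(host)
    return sorted(exact), sorted(domain_wide)


def hosts_lines(exact_hosts, sink="0.0.0.0"):
    """One hosts-file line per exact name; the sink address is an assumption."""
    return [f"{sink} {host}" for host in exact_hosts]


def uncovered(exact_hosts, observed_name):
    """True if observed_name would still resolve despite the generated entries."""
    return observed_name.lower() not in set(exact_hosts)


if __name__ == "__main__":
    exact, wide = cookie_hosts(SAMPLE_LOG)
    print("\n".join(hosts_lines(exact)))
    print("# not expressible as a hosts entry:", ", ".join(wide))
```
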
| | #29 |
| tr/crypt.zpack.gen Trojan alert in Antivir Great, thanks a lot! She can live with the cookies; she doesn't log in to that many places anyway... The problems are all gone! There hasn't been an error message from Avira for quite a while either... |
| | #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | tr/crypt.zpack.gen Trojan alert in Antivir Then we're done! The programs that were used here can all be removed again. CF can be removed via Start, Run with combofix /uninstall. Let me know if there are any error messages. With the help of OTL you can also remove many tools: please start OTL and click "Bereinigung" (cleanup). This will remove most of the tools we needed for the cleanup. If anything remains, please remove it with right-click --> Delete. Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first. Finally, please check the updates; my guide to that is below. To keep a better overview of how up to date your installed programs are in future, you can use e.g. Secunia PSI. For even more security, you should also change all passwords if possible after the infection has been removed.
Microsoft Update Windows XP: Visit the MS update page with IE and have all important updates installed. Windows Vista/7: Guide: Windows Update
Update the PDF reader An outdated Adobe Reader is a major security risk. You should therefore uninstall old versions of Adobe Reader via Control Panel => Software or Programs and Features, by clicking "Adobe Reader x.0" there and removing the program. (if you have Adobe Reader installed) I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than Adobe Reader.
While you're at it, please also check that the Flash Player is up to date: Adobe - Install a different version of Adobe Flash Player If need be, you can also download it from Chip.de => http://filepony.de/?q=Flash+Player Of course also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.
Java update Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the latest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions there. Then download the current Java SE Runtime Environment (JRE) from here and install it.
__________________ Please always post log files in CODE tags |