| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.04.2012, 17:01
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7 Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.04.2012, 18:00
| #17 |
 | TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7 Ich werd das machen wenn ich wieder bei meiner Schwester bin, aber wie ist derzeit deine Einschätzung? Der Rechner macht sonst scheinbar keine Zicken und verschiedene Scanner finden nix mehr. Ist da dennoch noch was Gefährliches übrig oder kann man das noch nicht sagen?
__________________ |
|
21.04.2012, 18:03
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7 Ob da noch was ist zeigen die nächsten Logs
__________________
__________________ |
|
29.04.2012, 18:55
| #19 |
| | TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7 Hier TDDS Killer: Code:
ATTFilter 19:52:23.0322 0300 TDSS rootkit removing tool 2.7.33.0 Apr 24 2012 18:43:43
19:52:23.0790 0300 ============================================================
19:52:23.0790 0300 Current date / time: 2012/04/29 19:52:23.0790
19:52:23.0790 0300 SystemInfo:
19:52:23.0790 0300
19:52:23.0790 0300 OS Version: 6.1.7601 ServicePack: 1.0
19:52:23.0790 0300 Product type: Workstation
19:52:23.0790 0300 ComputerName: JULIAN-PC
19:52:23.0790 0300 UserName: Julian
19:52:23.0790 0300 Windows directory: C:\Windows
19:52:23.0790 0300 System windows directory: C:\Windows
19:52:23.0790 0300 Running under WOW64
19:52:23.0790 0300 Processor architecture: Intel x64
19:52:23.0790 0300 Number of processors: 4
19:52:23.0790 0300 Page size: 0x1000
19:52:23.0790 0300 Boot type: Normal boot
19:52:23.0790 0300 ============================================================
19:52:24.0835 0300 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
19:52:24.0850 0300 ============================================================
19:52:24.0850 0300 \Device\Harddisk0\DR0:
19:52:24.0850 0300 MBR partitions:
19:52:24.0850 0300 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:52:24.0850 0300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6800
19:52:24.0850 0300 ============================================================
19:52:24.0866 0300 C: <-> \Device\Harddisk0\DR0\Partition1
19:52:24.0866 0300 ============================================================
19:52:24.0866 0300 Initialize success
19:52:24.0866 0300 ============================================================
19:53:05.0302 3536 ============================================================
19:53:05.0302 3536 Scan started
19:53:05.0302 3536 Mode: Manual; SigCheck; TDLFS;
19:53:05.0302 3536 ============================================================
19:53:06.0004 3536 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:53:06.0082 3536 1394ohci - ok
19:53:06.0113 3536 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:53:06.0129 3536 ACPI - ok
19:53:06.0145 3536 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:53:06.0176 3536 AcpiPmi - ok
19:53:06.0269 3536 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:53:06.0285 3536 AdobeARMservice - ok
19:53:06.0425 3536 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:53:06.0457 3536 AdobeFlashPlayerUpdateSvc - ok
19:53:06.0519 3536 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:53:06.0550 3536 adp94xx - ok
19:53:06.0613 3536 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:53:06.0644 3536 adpahci - ok
19:53:06.0659 3536 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:53:06.0675 3536 adpu320 - ok
19:53:06.0706 3536 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:53:06.0831 3536 AeLookupSvc - ok
19:53:06.0893 3536 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:53:06.0956 3536 AFD - ok
19:53:06.0987 3536 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:53:07.0018 3536 agp440 - ok
19:53:07.0065 3536 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:53:07.0127 3536 ALG - ok
19:53:07.0159 3536 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:53:07.0174 3536 aliide - ok
19:53:07.0237 3536 AMD External Events Utility (87e226c0e11182943d28e8bec61618cd) C:\Windows\system32\atiesrxx.exe
19:53:07.0299 3536 AMD External Events Utility - ok
19:53:07.0361 3536 AMD FUEL Service - ok
19:53:07.0377 3536 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:53:07.0408 3536 amdide - ok
19:53:07.0424 3536 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
19:53:07.0471 3536 amdiox64 - ok
19:53:07.0517 3536 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:53:07.0549 3536 AmdK8 - ok
19:53:08.0173 3536 amdkmdag (446a1aad34191665a8df6092bd8eb5a8) C:\Windows\system32\DRIVERS\atikmdag.sys
19:53:08.0485 3536 amdkmdag - ok
19:53:08.0625 3536 amdkmdap (f8f8a908fdb005a65ddf7238c814eea5) C:\Windows\system32\DRIVERS\atikmpag.sys
19:53:08.0687 3536 amdkmdap - ok
19:53:08.0719 3536 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:53:08.0750 3536 AmdPPM - ok
19:53:08.0781 3536 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
19:53:08.0812 3536 amdsata - ok
19:53:08.0843 3536 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:53:08.0859 3536 amdsbs - ok
19:53:08.0875 3536 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
19:53:08.0875 3536 amdxata - ok
19:53:08.0968 3536 AntiVirSchedulerService (72709089a54bdc1c5b16bc4a4b926567) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:53:08.0984 3536 AntiVirSchedulerService - ok
19:53:09.0031 3536 AntiVirService (42f88bfbb76f7a63e381829479b18518) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:53:09.0046 3536 AntiVirService - ok
19:53:09.0093 3536 AntiVirWebService (3f3c2bd7bddd489aae5410d7e84db904) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
19:53:09.0140 3536 AntiVirWebService - ok
19:53:09.0187 3536 AODDriver4.01 (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:53:09.0218 3536 AODDriver4.01 - ok
19:53:09.0249 3536 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:53:09.0311 3536 AppID - ok
19:53:09.0343 3536 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:53:09.0374 3536 AppIDSvc - ok
19:53:09.0389 3536 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:53:09.0421 3536 Appinfo - ok
19:53:09.0467 3536 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:53:09.0499 3536 arc - ok
19:53:09.0514 3536 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:53:09.0514 3536 arcsas - ok
19:53:09.0561 3536 asmthub3 (954950d11ada98ac1b7ee3c770e4622c) C:\Windows\system32\DRIVERS\asmthub3.sys
19:53:09.0608 3536 asmthub3 - ok
19:53:09.0655 3536 asmtxhci (01dbb05db1db95803e3c9f2b49afe79c) C:\Windows\system32\DRIVERS\asmtxhci.sys
19:53:09.0717 3536 asmtxhci - ok
19:53:09.0733 3536 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:53:09.0811 3536 AsyncMac - ok
19:53:09.0826 3536 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:53:09.0842 3536 atapi - ok
19:53:09.0873 3536 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
19:53:09.0904 3536 AtiHDAudioService - ok
19:53:09.0935 3536 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
19:53:09.0935 3536 AtiPcie - ok
19:53:10.0013 3536 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:53:10.0107 3536 AudioEndpointBuilder - ok
19:53:10.0107 3536 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:53:10.0138 3536 AudioSrv - ok
19:53:10.0154 3536 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
19:53:10.0169 3536 avgntflt - ok
19:53:10.0201 3536 avipbb (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
19:53:10.0201 3536 avipbb - ok
19:53:10.0216 3536 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:53:10.0216 3536 avkmgr - ok
19:53:10.0247 3536 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:53:10.0310 3536 AxInstSV - ok
19:53:10.0388 3536 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:53:10.0435 3536 b06bdrv - ok
19:53:10.0481 3536 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:53:10.0528 3536 b57nd60a - ok
19:53:10.0575 3536 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:53:10.0637 3536 BDESVC - ok
19:53:10.0653 3536 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:53:10.0715 3536 Beep - ok
19:53:10.0793 3536 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:53:10.0856 3536 BFE - ok
19:53:10.0965 3536 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:53:11.0059 3536 BITS - ok
19:53:11.0121 3536 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:53:11.0152 3536 blbdrive - ok
19:53:11.0183 3536 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:53:11.0215 3536 bowser - ok
19:53:11.0246 3536 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:53:11.0277 3536 BrFiltLo - ok
19:53:11.0277 3536 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:53:11.0293 3536 BrFiltUp - ok
19:53:11.0339 3536 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:53:11.0402 3536 Browser - ok
19:53:11.0433 3536 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:53:11.0464 3536 Brserid - ok
19:53:11.0495 3536 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:53:11.0527 3536 BrSerWdm - ok
19:53:11.0558 3536 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:53:11.0605 3536 BrUsbMdm - ok
19:53:11.0605 3536 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:53:11.0620 3536 BrUsbSer - ok
19:53:11.0651 3536 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:53:11.0683 3536 BTHMODEM - ok
19:53:11.0714 3536 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:53:11.0745 3536 bthserv - ok
19:53:11.0776 3536 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:53:11.0807 3536 cdfs - ok
19:53:11.0839 3536 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:53:11.0854 3536 cdrom - ok
19:53:11.0870 3536 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:53:11.0932 3536 CertPropSvc - ok
19:53:11.0963 3536 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:53:12.0010 3536 circlass - ok
19:53:12.0041 3536 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:53:12.0073 3536 CLFS - ok
19:53:12.0119 3536 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:53:12.0135 3536 clr_optimization_v2.0.50727_32 - ok
19:53:12.0197 3536 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:53:12.0213 3536 clr_optimization_v2.0.50727_64 - ok
19:53:12.0244 3536 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:53:12.0275 3536 CmBatt - ok
19:53:12.0291 3536 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:53:12.0291 3536 cmdide - ok
19:53:12.0353 3536 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:53:12.0385 3536 CNG - ok
19:53:12.0400 3536 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:53:12.0400 3536 Compbatt - ok
19:53:12.0431 3536 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:53:12.0463 3536 CompositeBus - ok
19:53:12.0478 3536 COMSysApp - ok
19:53:12.0603 3536 CPUCooLServer (f4fd82f5d6617a45cc3c4b9d4e7df2c0) C:\Program Files (x86)\CPUCooL\CooLSrv.exe
19:53:12.0634 3536 CPUCooLServer ( UnsignedFile.Multi.Generic ) - warning
19:53:12.0634 3536 CPUCooLServer - detected UnsignedFile.Multi.Generic (1)
19:53:12.0650 3536 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:53:12.0665 3536 crcdisk - ok
19:53:12.0712 3536 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
19:53:12.0790 3536 CryptSvc - ok
19:53:12.0868 3536 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:53:12.0915 3536 DcomLaunch - ok
19:53:12.0962 3536 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:53:13.0009 3536 defragsvc - ok
19:53:13.0040 3536 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:53:13.0087 3536 DfsC - ok
19:53:13.0118 3536 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:53:13.0165 3536 Dhcp - ok
19:53:13.0180 3536 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:53:13.0211 3536 discache - ok
19:53:13.0243 3536 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:53:13.0243 3536 Disk - ok
19:53:13.0274 3536 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:53:13.0305 3536 Dnscache - ok
19:53:13.0352 3536 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:53:13.0414 3536 dot3svc - ok
19:53:13.0445 3536 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:53:13.0508 3536 DPS - ok
19:53:13.0539 3536 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:53:13.0570 3536 drmkaud - ok
19:53:13.0633 3536 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:53:13.0648 3536 DXGKrnl - ok
19:53:13.0679 3536 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:53:13.0726 3536 EapHost - ok
19:53:13.0976 3536 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:53:14.0038 3536 ebdrv - ok
19:53:14.0163 3536 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:53:14.0210 3536 EFS - ok
19:53:14.0288 3536 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:53:14.0366 3536 ehRecvr - ok
19:53:14.0413 3536 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:53:14.0444 3536 ehSched - ok
19:53:14.0553 3536 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:53:14.0600 3536 elxstor - ok
19:53:14.0600 3536 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:53:14.0631 3536 ErrDev - ok
19:53:14.0693 3536 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:53:14.0771 3536 EventSystem - ok
19:53:14.0803 3536 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:53:14.0834 3536 exfat - ok
19:53:14.0849 3536 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:53:14.0881 3536 fastfat - ok
19:53:14.0959 3536 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:53:15.0021 3536 Fax - ok
19:53:15.0052 3536 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:53:15.0068 3536 fdc - ok
19:53:15.0115 3536 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:53:15.0161 3536 fdPHost - ok
19:53:15.0193 3536 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:53:15.0239 3536 FDResPub - ok
19:53:15.0271 3536 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:53:15.0302 3536 FileInfo - ok
19:53:15.0317 3536 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:53:15.0395 3536 Filetrace - ok
19:53:15.0411 3536 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:53:15.0411 3536 flpydisk - ok
19:53:15.0442 3536 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:53:15.0489 3536 FltMgr - ok
19:53:15.0551 3536 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
19:53:15.0598 3536 FontCache - ok
19:53:15.0692 3536 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:53:15.0707 3536 FontCache3.0.0.0 - ok
19:53:15.0739 3536 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:53:15.0754 3536 FsDepends - ok
19:53:15.0785 3536 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:53:15.0785 3536 Fs_Rec - ok
19:53:15.0832 3536 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:53:15.0848 3536 fvevol - ok
19:53:15.0863 3536 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:53:15.0879 3536 gagp30kx - ok
19:53:15.0957 3536 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:53:16.0004 3536 gpsvc - ok
19:53:16.0019 3536 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:53:16.0051 3536 hcw85cir - ok
19:53:16.0113 3536 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:53:16.0144 3536 HdAudAddService - ok
19:53:16.0175 3536 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:53:16.0207 3536 HDAudBus - ok
19:53:16.0222 3536 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:53:16.0253 3536 HidBatt - ok
19:53:16.0285 3536 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:53:16.0331 3536 HidBth - ok
19:53:16.0363 3536 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:53:16.0394 3536 HidIr - ok
19:53:16.0425 3536 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:53:16.0472 3536 hidserv - ok
19:53:16.0519 3536 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:53:16.0550 3536 HidUsb - ok
19:53:16.0581 3536 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:53:16.0628 3536 hkmsvc - ok
19:53:16.0659 3536 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:53:16.0706 3536 HomeGroupListener - ok
19:53:16.0737 3536 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:53:16.0768 3536 HomeGroupProvider - ok
19:53:16.0799 3536 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:53:16.0799 3536 HpSAMD - ok
19:53:16.0877 3536 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:53:16.0940 3536 HTTP - ok
19:53:16.0955 3536 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:53:16.0971 3536 hwpolicy - ok
19:53:16.0987 3536 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:53:17.0002 3536 i8042prt - ok
19:53:17.0049 3536 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
19:53:17.0080 3536 iaStorV - ok
19:53:17.0205 3536 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:53:17.0221 3536 idsvc - ok
19:53:17.0236 3536 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:53:17.0236 3536 iirsp - ok
19:53:17.0314 3536 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:53:17.0377 3536 IKEEXT - ok
19:53:17.0579 3536 IntcAzAudAddService (589b94a9b73a0e819ff873743a480834) C:\Windows\system32\drivers\RTKVHD64.sys
19:53:17.0611 3536 IntcAzAudAddService - ok
19:53:17.0720 3536 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:53:17.0735 3536 intelide - ok
19:53:17.0767 3536 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
19:53:17.0798 3536 intelppm - ok
19:53:17.0829 3536 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:53:17.0876 3536 IPBusEnum - ok
19:53:17.0891 3536 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:53:17.0907 3536 IpFilterDriver - ok
19:53:17.0969 3536 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:53:18.0047 3536 iphlpsvc - ok
19:53:18.0079 3536 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:53:18.0079 3536 IPMIDRV - ok
19:53:18.0094 3536 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:53:18.0141 3536 IPNAT - ok
19:53:18.0157 3536 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:53:18.0188 3536 IRENUM - ok
19:53:18.0203 3536 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:53:18.0219 3536 isapnp - ok
19:53:18.0235 3536 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:53:18.0250 3536 iScsiPrt - ok
19:53:18.0266 3536 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:53:18.0281 3536 kbdclass - ok
19:53:18.0297 3536 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:53:18.0313 3536 kbdhid - ok
19:53:18.0344 3536 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:53:18.0375 3536 KeyIso - ok
19:53:18.0391 3536 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:53:18.0422 3536 KSecDD - ok
19:53:18.0437 3536 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:53:18.0453 3536 KSecPkg - ok
19:53:18.0469 3536 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:53:18.0531 3536 ksthunk - ok
19:53:18.0562 3536 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:53:18.0609 3536 KtmRm - ok
19:53:18.0671 3536 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:53:18.0734 3536 LanmanServer - ok
19:53:18.0859 3536 LanmanWorkstation (8894127d3e00b885bb5611d35d6de529) C:\Windows\System32\aptw5h2td.dll
19:53:18.0890 3536 LanmanWorkstation ( UnsignedFile.Multi.Generic ) - warning
19:53:18.0890 3536 LanmanWorkstation - detected UnsignedFile.Multi.Generic (1)
19:53:18.0937 3536 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:53:19.0015 3536 lltdio - ok
19:53:19.0061 3536 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:53:19.0139 3536 lltdsvc - ok
19:53:19.0171 3536 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:53:19.0233 3536 lmhosts - ok
19:53:19.0264 3536 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:53:19.0295 3536 LSI_FC - ok
19:53:19.0311 3536 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:53:19.0327 3536 LSI_SAS - ok
19:53:19.0342 3536 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:53:19.0358 3536 LSI_SAS2 - ok
19:53:19.0358 3536 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:53:19.0373 3536 LSI_SCSI - ok
19:53:19.0389 3536 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:53:19.0436 3536 luafv - ok
19:53:19.0483 3536 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
19:53:19.0514 3536 MBAMProtector - ok
19:53:19.0607 3536 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:53:19.0639 3536 MBAMService - ok
19:53:19.0670 3536 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:53:19.0701 3536 Mcx2Svc - ok
19:53:19.0717 3536 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:53:19.0732 3536 megasas - ok
19:53:19.0779 3536 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:53:19.0810 3536 MegaSR - ok
19:53:19.0857 3536 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:53:19.0904 3536 MMCSS - ok
19:53:19.0935 3536 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:53:19.0982 3536 Modem - ok
19:53:19.0997 3536 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:53:20.0044 3536 monitor - ok
19:53:20.0075 3536 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:53:20.0091 3536 mouclass - ok
19:53:20.0091 3536 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:53:20.0122 3536 mouhid - ok
19:53:20.0138 3536 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:53:20.0169 3536 mountmgr - ok
19:53:20.0185 3536 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:53:20.0200 3536 mpio - ok
19:53:20.0200 3536 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:53:20.0231 3536 mpsdrv - ok
19:53:20.0309 3536 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:53:20.0356 3536 MpsSvc - ok
19:53:20.0372 3536 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:53:20.0387 3536 MRxDAV - ok
19:53:20.0419 3536 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:53:20.0481 3536 mrxsmb - ok
19:53:20.0497 3536 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:53:20.0512 3536 mrxsmb10 - ok
19:53:20.0528 3536 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:53:20.0543 3536 mrxsmb20 - ok
19:53:20.0559 3536 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:53:20.0575 3536 msahci - ok
19:53:20.0590 3536 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:53:20.0606 3536 msdsm - ok
19:53:20.0637 3536 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:53:20.0684 3536 MSDTC - ok
19:53:20.0699 3536 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:53:20.0762 3536 Msfs - ok
19:53:20.0793 3536 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:53:20.0855 3536 mshidkmdf - ok
19:53:20.0871 3536 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:53:20.0871 3536 msisadrv - ok
19:53:20.0902 3536 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:53:20.0980 3536 MSiSCSI - ok
19:53:20.0980 3536 msiserver - ok
19:53:21.0011 3536 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:53:21.0058 3536 MSKSSRV - ok
19:53:21.0074 3536 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:53:21.0121 3536 MSPCLOCK - ok
19:53:21.0136 3536 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:53:21.0167 3536 MSPQM - ok
19:53:21.0214 3536 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:53:21.0230 3536 MsRPC - ok
19:53:21.0245 3536 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:53:21.0261 3536 mssmbios - ok
19:53:21.0261 3536 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:53:21.0308 3536 MSTEE - ok
19:53:21.0323 3536 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:53:21.0323 3536 MTConfig - ok
19:53:21.0355 3536 MTsensor (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
19:53:21.0355 3536 MTsensor - ok
19:53:21.0370 3536 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:53:21.0370 3536 Mup - ok
19:53:21.0417 3536 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:53:21.0464 3536 napagent - ok
19:53:21.0511 3536 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:53:21.0573 3536 NativeWifiP - ok
19:53:21.0667 3536 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:53:21.0698 3536 NDIS - ok
19:53:21.0713 3536 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:53:21.0760 3536 NdisCap - ok
19:53:21.0791 3536 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:53:21.0823 3536 NdisTapi - ok
19:53:21.0838 3536 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:53:21.0885 3536 Ndisuio - ok
19:53:21.0901 3536 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:53:21.0963 3536 NdisWan - ok
19:53:21.0979 3536 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:53:22.0010 3536 NDProxy - ok
19:53:22.0025 3536 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:53:22.0057 3536 NetBIOS - ok
19:53:22.0088 3536 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:53:22.0119 3536 NetBT - ok
19:53:22.0135 3536 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:53:22.0135 3536 Netlogon - ok
19:53:22.0197 3536 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:53:22.0244 3536 Netman - ok
19:53:22.0275 3536 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:53:22.0322 3536 netprofm - ok
19:53:22.0415 3536 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:53:22.0431 3536 NetTcpPortSharing - ok
19:53:22.0462 3536 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:53:22.0462 3536 nfrd960 - ok
19:53:22.0509 3536 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:53:22.0571 3536 NlaSvc - ok
19:53:22.0587 3536 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:53:22.0603 3536 Npfs - ok
19:53:22.0618 3536 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:53:22.0665 3536 nsi - ok
19:53:22.0681 3536 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:53:22.0712 3536 nsiproxy - ok
19:53:22.0837 3536 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
19:53:22.0868 3536 Ntfs - ok
19:53:23.0024 3536 ntiopnp (69e894c5a09c6a6e6372e35653bb05f3) C:\Windows\system32\drivers\ntiopnp.sys
19:53:23.0055 3536 ntiopnp - ok
19:53:23.0086 3536 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:53:23.0133 3536 Null - ok
19:53:23.0180 3536 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
19:53:23.0195 3536 nvraid - ok
19:53:23.0211 3536 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
19:53:23.0227 3536 nvstor - ok
19:53:23.0258 3536 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:53:23.0258 3536 nv_agp - ok
19:53:23.0273 3536 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:53:23.0305 3536 ohci1394 - ok
19:53:23.0351 3536 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:53:23.0398 3536 p2pimsvc - ok
19:53:23.0445 3536 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:53:23.0476 3536 p2psvc - ok
19:53:23.0523 3536 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:53:23.0554 3536 Parport - ok
19:53:23.0570 3536 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:53:23.0585 3536 partmgr - ok
19:53:23.0601 3536 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:53:23.0648 3536 PcaSvc - ok
19:53:23.0648 3536 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:53:23.0663 3536 pci - ok
19:53:23.0695 3536 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:53:23.0695 3536 pciide - ok
19:53:23.0726 3536 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:53:23.0741 3536 pcmcia - ok
19:53:23.0741 3536 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:53:23.0757 3536 pcw - ok
19:53:23.0788 3536 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:53:23.0835 3536 PEAUTH - ok
19:53:23.0913 3536 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:53:23.0929 3536 PerfHost - ok
19:53:24.0038 3536 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:53:24.0100 3536 pla - ok
19:53:24.0163 3536 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:53:24.0194 3536 PlugPlay - ok
19:53:24.0209 3536 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:53:24.0241 3536 PNRPAutoReg - ok
19:53:24.0272 3536 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:53:24.0287 3536 PNRPsvc - ok
19:53:24.0350 3536 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:53:24.0397 3536 PolicyAgent - ok
19:53:24.0443 3536 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:53:24.0475 3536 Power - ok
19:53:24.0802 3536 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:53:24.0865 3536 PptpMiniport - ok
19:53:24.0896 3536 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:53:24.0927 3536 Processor - ok
19:53:24.0974 3536 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:53:25.0052 3536 ProfSvc - ok
19:53:25.0083 3536 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:53:25.0083 3536 ProtectedStorage - ok
19:53:25.0114 3536 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:53:25.0161 3536 Psched - ok
19:53:25.0255 3536 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:53:25.0286 3536 ql2300 - ok
19:53:25.0426 3536 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:53:25.0442 3536 ql40xx - ok
19:53:25.0489 3536 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:53:25.0504 3536 QWAVE - ok
19:53:25.0520 3536 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:53:25.0567 3536 QWAVEdrv - ok
19:53:25.0582 3536 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:53:25.0629 3536 RasAcd - ok
19:53:25.0707 3536 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:53:25.0754 3536 RasAgileVpn - ok
19:53:25.0754 3536 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:53:25.0785 3536 RasAuto - ok
19:53:25.0816 3536 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:53:25.0847 3536 Rasl2tp - ok
19:53:25.0894 3536 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:53:25.0910 3536 RasMan - ok
19:53:25.0925 3536 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:53:25.0957 3536 RasPppoe - ok
19:53:25.0957 3536 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:53:25.0988 3536 RasSstp - ok
19:53:26.0035 3536 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:53:26.0050 3536 rdbss - ok
19:53:26.0066 3536 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:53:26.0097 3536 rdpbus - ok
19:53:26.0128 3536 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:53:26.0175 3536 RDPCDD - ok
19:53:26.0191 3536 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:53:26.0237 3536 RDPENCDD - ok
19:53:26.0237 3536 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:53:26.0269 3536 RDPREFMP - ok
19:53:26.0300 3536 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
19:53:26.0331 3536 RDPWD - ok
19:53:26.0378 3536 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:53:26.0393 3536 rdyboost - ok
19:53:26.0409 3536 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:53:26.0456 3536 RemoteAccess - ok
19:53:26.0503 3536 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:53:26.0534 3536 RemoteRegistry - ok
19:53:26.0549 3536 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:53:26.0596 3536 RpcEptMapper - ok
19:53:26.0627 3536 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:53:26.0659 3536 RpcLocator - ok
19:53:26.0705 3536 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:53:26.0752 3536 RpcSs - ok
19:53:26.0783 3536 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:53:26.0799 3536 rspndr - ok
19:53:26.0846 3536 RTL8167 (ed5873f7dfb2f96d37f13322211b6bdc) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:53:26.0861 3536 RTL8167 - ok
19:53:26.0877 3536 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:53:26.0893 3536 SamSs - ok
19:53:26.0908 3536 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:53:26.0924 3536 sbp2port - ok
19:53:26.0955 3536 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:53:27.0002 3536 SCardSvr - ok
19:53:27.0002 3536 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:53:27.0033 3536 scfilter - ok
19:53:27.0111 3536 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:53:27.0158 3536 Schedule - ok
19:53:27.0173 3536 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:53:27.0189 3536 SCPolicySvc - ok
19:53:27.0220 3536 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:53:27.0267 3536 SDRSVC - ok
19:53:27.0329 3536 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:53:27.0376 3536 secdrv - ok
19:53:27.0392 3536 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:53:27.0407 3536 seclogon - ok
19:53:27.0439 3536 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:53:27.0470 3536 SENS - ok
19:53:27.0485 3536 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:53:27.0501 3536 SensrSvc - ok
19:53:27.0517 3536 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:53:27.0532 3536 Serenum - ok
19:53:27.0563 3536 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:53:27.0595 3536 Serial - ok
19:53:27.0626 3536 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:53:27.0657 3536 sermouse - ok
19:53:27.0704 3536 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:53:27.0766 3536 SessionEnv - ok
19:53:27.0782 3536 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:53:27.0797 3536 sffdisk - ok
19:53:27.0797 3536 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:53:27.0829 3536 sffp_mmc - ok
19:53:27.0829 3536 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:53:27.0860 3536 sffp_sd - ok
19:53:27.0860 3536 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:53:27.0875 3536 sfloppy - ok
19:53:27.0938 3536 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:53:28.0000 3536 SharedAccess - ok
19:53:28.0047 3536 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:53:28.0078 3536 ShellHWDetection - ok
19:53:28.0094 3536 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:53:28.0094 3536 SiSRaid2 - ok
19:53:28.0109 3536 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:53:28.0125 3536 SiSRaid4 - ok
19:53:28.0141 3536 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:53:28.0187 3536 Smb - ok
19:53:28.0219 3536 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:53:28.0265 3536 SNMPTRAP - ok
19:53:28.0343 3536 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys
19:53:28.0359 3536 speedfan - ok
19:53:28.0375 3536 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:53:28.0390 3536 spldr - ok
19:53:28.0421 3536 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:53:28.0453 3536 Spooler - ok
19:53:28.0702 3536 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:53:28.0796 3536 sppsvc - ok
19:53:28.0889 3536 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:53:28.0936 3536 sppuinotify - ok
19:53:28.0999 3536 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:53:29.0061 3536 srv - ok
19:53:29.0123 3536 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:53:29.0155 3536 srv2 - ok
19:53:29.0186 3536 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:53:29.0186 3536 srvnet - ok
19:53:29.0248 3536 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:53:29.0295 3536 SSDPSRV - ok
19:53:29.0295 3536 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:53:29.0311 3536 SstpSvc - ok
19:53:29.0373 3536 Steam Client Service - ok
19:53:29.0404 3536 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:53:29.0435 3536 stexstor - ok
19:53:29.0498 3536 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:53:29.0545 3536 stisvc - ok
19:53:29.0560 3536 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:53:29.0576 3536 swenum - ok
19:53:29.0623 3536 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:53:29.0669 3536 swprv - ok
19:53:29.0763 3536 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:53:29.0810 3536 SysMain - ok
19:53:29.0966 3536 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:53:30.0013 3536 TabletInputService - ok
19:53:30.0059 3536 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:53:30.0137 3536 TapiSrv - ok
19:53:30.0169 3536 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:53:30.0184 3536 TBS - ok
19:53:30.0356 3536 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:53:30.0387 3536 Tcpip - ok
19:53:30.0637 3536 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:53:30.0668 3536 TCPIP6 - ok
19:53:30.0730 3536 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:53:30.0793 3536 tcpipreg - ok
19:53:30.0824 3536 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:53:30.0839 3536 TDPIPE - ok
19:53:30.0871 3536 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:53:30.0902 3536 TDTCP - ok
19:53:30.0933 3536 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:53:31.0011 3536 tdx - ok
19:53:31.0011 3536 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:53:31.0027 3536 TermDD - ok
19:53:31.0105 3536 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:53:31.0167 3536 TermService - ok
19:53:31.0183 3536 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:53:31.0198 3536 Themes - ok
19:53:31.0229 3536 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:53:31.0261 3536 THREADORDER - ok
19:53:31.0276 3536 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:53:31.0307 3536 TrkWks - ok
19:53:31.0354 3536 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:53:31.0417 3536 TrustedInstaller - ok
19:53:31.0432 3536 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:53:31.0463 3536 tssecsrv - ok
19:53:31.0495 3536 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:53:31.0526 3536 TsUsbFlt - ok
19:53:31.0541 3536 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:53:31.0588 3536 TsUsbGD - ok
19:53:31.0635 3536 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:53:31.0697 3536 tunnel - ok
19:53:31.0713 3536 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:53:31.0729 3536 uagp35 - ok
19:53:31.0760 3536 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:53:31.0775 3536 udfs - ok
19:53:31.0807 3536 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:53:31.0822 3536 UI0Detect - ok
19:53:31.0838 3536 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:53:31.0838 3536 uliagpkx - ok
19:53:31.0869 3536 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:53:31.0885 3536 umbus - ok
19:53:31.0900 3536 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:53:31.0947 3536 UmPass - ok
19:53:31.0947 3536 Update-Service - ok
19:53:31.0994 3536 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:53:32.0056 3536 upnphost - ok
19:53:32.0072 3536 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys
19:53:32.0103 3536 usbccgp - ok
19:53:32.0134 3536 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:53:32.0150 3536 usbcir - ok
19:53:32.0165 3536 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\DRIVERS\usbehci.sys
19:53:32.0212 3536 usbehci - ok
19:53:32.0275 3536 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\DRIVERS\usbhub.sys
19:53:32.0306 3536 usbhub - ok
19:53:32.0321 3536 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
19:53:32.0337 3536 usbohci - ok
19:53:32.0353 3536 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:53:32.0384 3536 usbprint - ok
19:53:32.0415 3536 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:53:32.0431 3536 USBSTOR - ok
19:53:32.0446 3536 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
19:53:32.0477 3536 usbuhci - ok
19:53:32.0509 3536 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:53:32.0571 3536 UxSms - ok
19:53:32.0602 3536 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:53:32.0618 3536 VaultSvc - ok
19:53:32.0633 3536 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:53:32.0649 3536 vdrvroot - ok
19:53:32.0696 3536 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:53:32.0743 3536 vds - ok
19:53:32.0774 3536 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:53:32.0789 3536 vga - ok
19:53:32.0805 3536 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:53:32.0836 3536 VgaSave - ok
19:53:32.0867 3536 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:53:32.0883 3536 vhdmp - ok
19:53:32.0899 3536 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:53:32.0899 3536 viaide - ok
19:53:32.0914 3536 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:53:32.0930 3536 volmgr - ok
19:53:32.0961 3536 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:53:32.0977 3536 volmgrx - ok
19:53:33.0008 3536 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:53:33.0008 3536 volsnap - ok
19:53:33.0039 3536 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:53:33.0055 3536 vsmraid - ok
19:53:33.0164 3536 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:53:33.0226 3536 VSS - ok
19:53:33.0335 3536 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
19:53:33.0382 3536 vwifibus - ok
19:53:33.0445 3536 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:53:33.0491 3536 W32Time - ok
19:53:33.0507 3536 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:53:33.0523 3536 WacomPen - ok
19:53:33.0569 3536 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:53:33.0616 3536 WANARP - ok
19:53:33.0632 3536 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:53:33.0663 3536 Wanarpv6 - ok
19:53:33.0772 3536 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:53:33.0803 3536 WatAdminSvc - ok
19:53:33.0913 3536 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:53:33.0991 3536 wbengine - ok
19:53:34.0084 3536 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:53:34.0115 3536 WbioSrvc - ok
19:53:34.0162 3536 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:53:34.0193 3536 wcncsvc - ok
19:53:34.0209 3536 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:53:34.0240 3536 WcsPlugInService - ok
19:53:34.0287 3536 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:53:34.0303 3536 Wd - ok
19:53:34.0349 3536 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:53:34.0396 3536 Wdf01000 - ok
19:53:34.0412 3536 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:53:34.0490 3536 WdiServiceHost - ok
19:53:34.0490 3536 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:53:34.0505 3536 WdiSystemHost - ok
19:53:34.0537 3536 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:53:34.0552 3536 WebClient - ok
19:53:34.0568 3536 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:53:34.0599 3536 Wecsvc - ok
19:53:34.0615 3536 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:53:34.0630 3536 wercplsupport - ok
19:53:34.0646 3536 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:53:34.0677 3536 WerSvc - ok
19:53:34.0724 3536 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:53:34.0771 3536 WfpLwf - ok
19:53:34.0786 3536 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:53:34.0802 3536 WIMMount - ok
19:53:34.0817 3536 WinDefend - ok
19:53:34.0817 3536 WinHttpAutoProxySvc - ok
19:53:34.0864 3536 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:53:34.0880 3536 Winmgmt - ok
19:53:35.0067 3536 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:53:35.0129 3536 WinRM - ok
19:53:35.0239 3536 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:53:35.0270 3536 WinUsb - ok
19:53:35.0348 3536 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:53:35.0379 3536 Wlansvc - ok
19:53:35.0410 3536 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:53:35.0426 3536 WmiAcpi - ok
19:53:35.0488 3536 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:53:35.0535 3536 wmiApSrv - ok
19:53:35.0582 3536 WMPNetworkSvc - ok
19:53:35.0613 3536 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:53:35.0644 3536 WPCSvc - ok
19:53:35.0675 3536 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:53:35.0691 3536 WPDBusEnum - ok
19:53:35.0707 3536 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:53:35.0722 3536 ws2ifsl - ok
19:53:35.0738 3536 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:53:35.0785 3536 wscsvc - ok
19:53:35.0800 3536 WSearch - ok
19:53:35.0972 3536 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
19:53:36.0050 3536 wuauserv - ok
19:53:36.0175 3536 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:53:36.0253 3536 WudfPf - ok
19:53:36.0299 3536 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:53:36.0346 3536 WUDFRd - ok
19:53:36.0377 3536 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:53:36.0393 3536 wudfsvc - ok
19:53:36.0424 3536 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:53:36.0440 3536 WwanSvc - ok
19:53:36.0471 3536 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:53:36.0580 3536 \Device\Harddisk0\DR0 - ok
19:53:36.0596 3536 Boot (0x1200) (4677957391e86b8b5f4ad1eb4d7e8860) \Device\Harddisk0\DR0\Partition0
19:53:36.0596 3536 \Device\Harddisk0\DR0\Partition0 - ok
19:53:36.0627 3536 Boot (0x1200) (c85f178e05abb4c41ceea2483385973b) \Device\Harddisk0\DR0\Partition1
19:53:36.0627 3536 \Device\Harddisk0\DR0\Partition1 - ok
19:53:36.0627 3536 ============================================================
19:53:36.0627 3536 Scan finished
19:53:36.0627 3536 ============================================================
19:53:36.0643 2916 Detected object count: 2
19:53:36.0643 2916 Actual detected object count: 2
19:53:56.0174 2916 CPUCooLServer ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:56.0174 2916 CPUCooLServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:53:56.0190 2916 LanmanWorkstation ( UnsignedFile.Multi.Generic ) - skipped by user
19:53:56.0190 2916 LanmanWorkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
30.04.2012, 12:26
| #20 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7 Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.04.2012, 14:04
| #21 |
| | TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7Code:
ATTFilter ComboFix 12-04-31.02 - Julian 30.04.2012 14:59:28.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8190.6852 [GMT 2:00]
ausgeführt von:: c:\users\Julian\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\hg5xs67k.default\weave\toFetch
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-03-28 bis 2012-04-30 ))))))))))))))))))))))))))))))
.
.
2012-04-30 13:02 . 2012-04-30 13:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-30 08:56 . 2012-04-30 08:56 -------- d-----w- c:\programdata\ATI
2012-04-30 08:56 . 2012-04-30 08:56 -------- d-----w- c:\program files (x86)\AMD AVT
2012-04-30 08:56 . 2012-04-30 08:56 -------- d-----w- c:\program files (x86)\AMD APP
2012-04-30 08:51 . 2012-04-30 08:51 -------- d-----w- C:\AMD
2012-04-29 17:25 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{070E51FC-72CA-4E1D-B85B-3E394850B04B}\mpengine.dll
2012-04-22 07:40 . 2012-04-22 07:40 289280 ----a-w- c:\windows\system32\aptw5h2td.dll
2012-04-21 14:18 . 2012-04-21 14:18 -------- d-----w- c:\users\Julian\Users
2012-04-21 13:56 . 2012-04-21 13:56 -------- d-----w- C:\_OTL
2012-04-14 15:40 . 2012-04-14 15:40 -------- d-----w- c:\program files (x86)\Secure Banking
2012-04-14 14:50 . 2012-04-14 14:50 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-04-14 14:50 . 2012-04-14 14:50 -------- d-----w- c:\program files (x86)\Java
2012-04-14 13:50 . 2012-04-14 13:50 -------- d-----w- c:\program files (x86)\ESET
2012-04-10 15:38 . 2012-04-14 15:38 8741536 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-10 14:45 . 2012-04-14 15:39 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-09 14:55 . 2012-04-09 14:55 -------- d-----w- c:\program files\7-Zip
2012-04-09 14:14 . 2012-04-09 14:14 -------- d-----w- c:\users\Julian\AppData\Roaming\QuickScan
2012-04-09 14:09 . 2012-04-09 14:09 -------- d-----w- c:\users\Julian\AppData\Roaming\Malwarebytes
2012-04-09 14:09 . 2012-04-09 14:09 -------- d-----w- c:\programdata\Malwarebytes
2012-04-09 14:09 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-09 14:09 . 2012-04-14 13:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-04-06 05:22 . 2012-04-06 05:22 11174400 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-04-06 02:22 . 2012-04-06 02:22 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-04-06 02:16 . 2012-04-06 02:16 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-04-06 02:16 . 2012-04-06 02:16 503808 ----a-w- c:\windows\system32\atieclxx.exe
2012-04-06 02:16 . 2012-04-06 02:16 236544 ----a-w- c:\windows\system32\atiesrxx.exe
2012-04-06 02:14 . 2012-04-06 02:14 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-04-06 02:14 . 2012-04-06 02:14 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-04-06 02:14 . 2012-04-06 02:14 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-04-06 02:14 . 2012-04-06 02:14 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-04-06 02:10 . 2012-04-06 02:10 26181632 ----a-w- c:\windows\system32\atio6axx.dll
2012-04-06 01:50 . 2012-04-06 01:50 19753984 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-04-06 01:35 . 2012-04-06 01:35 1120768 ----a-w- c:\windows\system32\atiumd6v.dll
2012-04-06 01:34 . 2012-04-06 01:34 1831424 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-04-06 01:34 . 2012-04-06 01:34 4731904 ----a-w- c:\windows\system32\atiumd6a.dll
2012-04-06 01:34 . 2012-04-06 01:34 6203392 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-04-06 01:30 . 2012-04-06 01:30 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-04-06 01:30 . 2012-04-06 01:30 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-04-06 01:30 . 2012-04-06 01:30 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-04-06 01:30 . 2012-04-06 01:30 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-04-06 01:29 . 2012-04-06 01:29 16090624 ----a-w- c:\windows\system32\aticaldd64.dll
2012-04-06 01:25 . 2012-04-06 01:25 13764096 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-04-06 01:23 . 2012-04-06 01:23 7431680 ----a-w- c:\windows\system32\atiumd64.dll
2012-04-06 01:22 . 2012-04-06 01:22 4795904 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-04-06 01:11 . 2012-04-06 01:11 514560 ----a-w- c:\windows\system32\atiadlxx.dll
2012-04-06 01:11 . 2012-04-06 01:11 360448 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-04-06 01:11 . 2012-04-06 01:11 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2012-04-06 01:11 . 2012-04-06 01:11 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-04-06 01:11 . 2012-04-06 01:11 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-04-06 01:11 . 2012-04-06 01:11 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-04-06 01:10 . 2012-04-06 01:10 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-04-06 01:10 . 2012-04-06 01:10 343040 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-04-06 01:09 . 2012-04-06 01:09 44544 ----a-w- c:\windows\system32\atiu9p64.dll
2012-04-06 01:09 . 2012-04-06 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-04-06 01:06 . 2012-04-06 01:06 54784 ----a-w- c:\windows\system32\atimpc64.dll
2012-04-06 01:06 . 2012-04-06 01:06 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2012-04-06 01:06 . 2012-04-06 01:06 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-04-06 01:06 . 2012-04-06 01:06 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-04-05 20:34 . 2012-04-05 20:34 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-04-05 20:34 . 2012-04-05 20:34 74752 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-04-05 20:34 . 2012-04-05 20:34 64512 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-04-05 20:33 . 2012-04-05 20:33 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-04-05 20:33 . 2012-04-05 20:33 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-04-05 20:33 . 2012-04-05 20:33 16457216 ----a-w- c:\windows\system32\amdocl64.dll
2012-04-05 20:32 . 2012-04-05 20:32 13007872 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-04-05 20:32 . 2012-04-05 20:32 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-04-05 20:32 . 2012-04-05 20:32 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 15:39 . 2011-12-24 22:07 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-14 14:50 . 2011-12-24 22:34 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-06 02:21 . 2011-09-08 17:34 909312 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-04-06 02:20 . 2011-09-08 17:32 1067520 ----a-w- c:\windows\system32\aticfx64.dll
2012-04-06 02:13 . 2011-09-08 17:24 6800896 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-04-06 02:00 . 2011-12-24 21:50 64000 ----a-w- c:\windows\system32\coinst.dll
2012-04-06 01:54 . 2011-09-08 17:16 7479296 ----a-w- c:\windows\system32\atidxx64.dll
2012-04-06 01:09 . 2011-09-08 16:52 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2012-04-06 01:09 . 2011-09-08 16:51 41984 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-04-06 01:09 . 2011-09-08 16:51 32256 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-03-09 12:07 . 2012-03-09 12:07 29184 ----a-w- c:\windows\system32\kdbsdk64.dll
2012-03-09 12:06 . 2012-03-09 12:06 24576 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2012-02-26 16:48 . 2012-02-26 16:48 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-02-26 16:48 . 2012-02-26 16:48 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-02-26 16:48 . 2012-02-26 16:48 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-02-26 16:48 . 2012-02-26 16:48 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-02-26 16:48 . 2012-02-26 16:48 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-02-26 16:48 . 2012-02-26 16:48 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-02-26 16:48 . 2012-02-26 16:48 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-02-26 16:48 . 2012-02-26 16:48 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-02-26 16:48 . 2012-02-26 16:48 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-02-26 16:48 . 2012-02-26 16:48 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-02-26 16:48 . 2012-02-26 16:48 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-02-26 16:48 . 2012-02-26 16:48 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-02-26 16:48 . 2012-02-26 16:48 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-02-26 16:48 . 2012-02-26 16:48 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-02-26 16:48 . 2012-02-26 16:48 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-02-26 16:48 . 2012-02-26 16:48 222208 ----a-w- c:\windows\system32\msls31.dll
2012-02-26 16:48 . 2012-02-26 16:48 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-02-26 16:48 . 2012-02-26 16:48 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-02-26 16:48 . 2012-02-26 16:48 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-02-26 16:48 . 2012-02-26 16:48 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-02-26 16:48 . 2012-02-26 16:48 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-02-26 16:48 . 2012-02-26 16:48 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-02-26 16:48 . 2012-02-26 16:48 12288 ----a-w- c:\windows\system32\mshta.exe
2012-02-26 16:48 . 2012-02-26 16:48 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-02-26 16:48 . 2012-02-26 16:48 114176 ----a-w- c:\windows\system32\admparse.dll
2012-02-26 16:48 . 2012-02-26 16:48 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-02-26 16:48 . 2012-02-26 16:48 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-02-26 16:48 . 2012-02-26 16:48 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-02-26 16:48 . 2012-02-26 16:48 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-02-26 16:48 . 2012-02-26 16:48 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-02-26 16:48 . 2012-02-26 16:48 448512 ----a-w- c:\windows\system32\html.iec
2012-02-26 16:48 . 2012-02-26 16:48 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-02-26 16:48 . 2012-02-26 16:48 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-02-26 16:48 . 2012-02-26 16:48 160256 ----a-w- c:\windows\system32\wextract.exe
2012-02-23 12:32 . 2012-02-23 12:32 95760 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2012-02-23 08:18 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-17 06:38 . 2012-03-14 15:20 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 15:20 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 15:20 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 15:20 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-15 18:29 . 2011-12-24 22:20 132320 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-02-10 06:36 . 2012-03-14 15:24 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 05:38 . 2012-03-14 15:24 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-02-03 04:34 . 2012-03-14 15:24 3145728 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-11-21 01:18 1515688 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-11-21 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-03-29 1242448]
"SecureBanking"="c:\program files (x86)\Secure Banking\v1.4\SecureBanking.exe" [2012-03-11 294912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-11-21 901800]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 Update-Service;Update-Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-05 361984]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-12-15 86224]
S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-12-15 463824]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Update-Service-Installer-Service REG_MULTI_SZ Update-Service-Installer-Service
Update-Service REG_MULTI_SZ Update-Service
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 15:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2780776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://de.ask.com/?l=dis&o=APN10023&gct=hp
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube to MP3 Converter - c:\users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\hg5xs67k.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-04-30 15:03:33
ComboFix-quarantined-files.txt 2012-04-30 13:03
.
Vor Suchlauf: 10 Verzeichnis(se), 75.902.775.296 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 75.906.555.904 Bytes frei
.
- - End Of File - - CC9D0B55DF120B7244CB1D125E22F5B9
|
|
30.04.2012, 17:22
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7 Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.05.2012, 12:05
| #23 |
| | TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-05 12:54:44
-----------------------------
12:54:44.380 OS Version: Windows x64 6.1.7601 Service Pack 1
12:54:44.380 Number of processors: 4 586 0xA00
12:54:44.381 ComputerName: JULIAN-PC UserName: Julian
12:54:44.905 Initialize success
12:59:49.896 AVAST engine defs: 12050500
13:00:09.672 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:00:09.674 Disk 0 Vendor: SAMSUNG_HD160JJ/P ZM100-36 Size: 152627MB BusType: 3
13:00:09.691 Disk 0 MBR read successfully
13:00:09.694 Disk 0 MBR scan
13:00:09.698 Disk 0 Windows 7 default MBR code
13:00:09.706 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
13:00:09.716 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152525 MB offset 206848
13:00:09.767 Disk 0 scanning C:\Windows\system32\drivers
13:00:16.383 Service scanning
13:00:31.496 Modules scanning
13:00:31.510 Disk 0 trace - called modules:
13:00:31.530 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
13:00:31.538 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007a99790]
13:00:31.878 3 CLASSPNP.SYS[fffff8800161743f] -> nt!IofCallDriver -> [0xfffffa800790f9b0]
13:00:31.888 5 ACPI.sys[fffff88000f047a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80079d8060]
13:00:32.370 AVAST engine scan C:\Windows
13:00:34.281 AVAST engine scan C:\Windows\system32
13:02:20.667 AVAST engine scan C:\Windows\system32\drivers
13:02:28.445 AVAST engine scan C:\Users\Julian
13:02:53.801 AVAST engine scan C:\ProgramData
13:04:39.384 Scan finished successfully
13:04:55.238 Disk 0 MBR has been saved successfully to "C:\Users\Julian\Desktop\MBR.dat"
13:04:55.241 The log file has been saved successfully to "C:\Users\Julian\Desktop\aswMBR.txt"
|
|
06.05.2012, 18:14
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7 Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.05.2012, 18:15
| #25 |
| | TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7 Super Anti Spyware Vollscan: Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 05/13/2012 at 04:23 PM
Application Version : 5.0.1148
Core Rules Database Version : 8590
Trace Rules Database Version: 6402
Scan type : Complete Scan
Total Scan Time : 00:40:16
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 519
Memory threats detected : 0
Registry items scanned : 63623
Registry threats detected : 0
File items scanned : 149402
File threats detected : 28
Adware.Tracking Cookie
C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Cookies\julian@doubleclick[1].txt [ /doubleclick ]
C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Cookies\julian@eaeacom.112.2o7[1].txt [ /eaeacom.112.2o7 ]
C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Cookies\0ACQEGTY.txt [ /ad.zanox.com ]
C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Cookies\75WRPHU7.txt [ /apmebf.com ]
C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Cookies\RMGZYNIX.txt [ /mediaplex.com ]
C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Cookies\GL8FR98S.txt [ /smartadserver.com ]
C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Cookies\TTI3JEAI.txt [ /zanox.com ]
C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Cookies\EGC8T7FH.txt [ /tracking.quisma.com ]
C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Cookies\S2DSTJYS.txt [ /zanox-affiliate.de ]
C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Cookies\DWC2XINV.txt [ /fastclick.net ]
C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Cookies\MJ6U4QIQ.txt [ /www.zanox-affiliate.de ]
C:\USERS\JULIAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\julian@ad2.adfarm1.adition[1].txt [ Cookie:julian@ad2.adfarm1.adition.com/ ]
C:\USERS\JULIAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\julian@vlc-media-player.de.trustloads[2].txt [ Cookie:julian@vlc-media-player.de.trustloads.com/ ]
C:\USERS\JULIAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\julian@atdmt[2].txt [ Cookie:julian@atdmt.com/ ]
C:\USERS\JULIAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\julian@c.atdmt[2].txt [ Cookie:julian@c.atdmt.com/ ]
C:\USERS\JULIAN\AppData\Roaming\Microsoft\Windows\Cookies\Low\julian@googleads.g.doubleclick[1].txt [ Cookie:julian@googleads.g.doubleclick.net/ ]
C:\USERS\JULIAN\Cookies\0ACQEGTY.txt [ Cookie:julian@ad.zanox.com/ ]
C:\USERS\JULIAN\Cookies\75WRPHU7.txt [ Cookie:julian@apmebf.com/ ]
C:\USERS\JULIAN\Cookies\RMGZYNIX.txt [ Cookie:julian@mediaplex.com/ ]
C:\USERS\JULIAN\Cookies\TTI3JEAI.txt [ Cookie:julian@zanox.com/ ]
C:\USERS\JULIAN\Cookies\EGC8T7FH.txt [ Cookie:julian@tracking.quisma.com/ ]
C:\USERS\JULIAN\Cookies\julian@eaeacom.112.2o7[1].txt [ Cookie:julian@eaeacom.112.2o7.net/ ]
C:\USERS\JULIAN\Cookies\DWC2XINV.txt [ Cookie:julian@fastclick.net/ ]
C:\USERS\JULIAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JULIAN@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\USERS\JULIAN\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\JULIAN@ADFARM1.ADITION[1].TXT [ /ADFARM1.ADITION ]
.doubleclick.net [ C:\USERS\JULIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HG5XS67K.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JULIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HG5XS67K.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\JULIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HG5XS67K.DEFAULT\COOKIES.SQLITE ]
Code:
ATTFilter Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.05.13.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Julian :: JULIAN-PC [Administrator] Schutz: Aktiviert 13.05.2012 16:29:57 mbam-log-2012-05-13 (16-29-57).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 284696 Laufzeit: 16 Minute(n), 22 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
14.05.2012, 08:14
| #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu TR/ATRAPS.Gen und TR/Dropper.Gen7 gefunden - Win7 |
| acrobat update, adobe, antivir, avira searchfree toolbar, canon, converter, defender, desktop, e-banking, explorer, fehlalarm, file, firefox, helper, hijack, hijackthis, home, logfile, mozilla, mp3, pdf, plug-in, realtek, svchost.exe, system, tr/dropper.gen, trojan, usb, windows, windows 7 64 bit, windows 7 home, wmp |
Linear-Darstellung
