| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Telekom verweist auf ZeuS/ZBotWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
09.11.2012, 18:18
| #1 |
 |  Telekom verweist auf ZeuS/ZBot Hallo zusammen, vor ein paar Tagen wurde ich von der Telekom darauf hingewiesen, dass angeblich ein Computer in unserem Hause durch ZeuS/ZBot infiziert wurde. Auf zwei PCs habe ich mit Malwarebytes oder DE-Cleaner nichts gefunden. Aber auf meinem Laptop hat Malwarebytes 21 infizierte Objekte gefunden, habe die gleich in Quarantäne verschoben. Hier das Logfile: Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.11.09.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Stephan :: STEPHAN-LAPTOP [Administrator] 09.11.2012 16:31:35 mbam-log-2012-11-09 (16-31-35).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 229120 Laufzeit: 5 Minute(n), 10 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 15 HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 6 C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Stephan\AppData\Roaming\Leanol\niteag.exe (Trojan.PWS) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Stephan\Downloads\counter strike setup.exe (PUP.AdBundle) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Stephan\Downloads\SoftonicDownloader_fuer_essentialpim.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Stephan\Downloads\SoftonicDownloader_fuer_firefox.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Michael W Smith.dat (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Defogger habe ich durchlaufen lassen, aber keine Fehlermeldung. Habe auch noch OTL laufen lassen: Die zwei Logfiles davon sind im Anhang. Kann die jemand mal anschauen und analysieren, wäre echt gut. Weiß jetzt nicht ob mein Laptop wieder sauber ist und ob ich meine Passwörter nun ändern sollte. Danke für die Antworten |
|
09.11.2012, 18:36
| #2 | ||
| /// TB-Ausbilder  | Telekom verweist auf ZeuS/ZBot Ich werde dir bei deinem Problem helfen. Eine Bereinigung ist mitunter mit viel Arbeit für Dich (und mich) verbunden. Bevor es los geht, habe ich etwas Lesestoff für dich.
Schritt 1: Scan mit aswMBR Schritt 2: Scan mit dem TDSS-Killer Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.
__________________ |
|
10.11.2012, 12:23
| #3 |
| | Telekom verweist auf ZeuS/ZBot So Hallo,
__________________erstmal danke für die schnelle Antwort. Hört sich ja nach viel Arbeit an. Aber danke für die Unterstützung. Hab nun die Programme durchlaufen lassen. Hier das Logfile von aswMBR: Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-10 11:56:33
-----------------------------
11:56:33.223 OS Version: Windows x64 6.1.7601 Service Pack 1
11:56:33.223 Number of processors: 2 586 0x170A
11:56:33.239 ComputerName: STEPHAN-LAPTOP UserName: Stephan
11:56:36.452 Initialize success
12:00:44.022 AVAST engine defs: 12110900
12:00:56.923 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:00:56.923 Disk 0 Vendor: ST9500420AS 0006HPM1 Size: 476940MB BusType: 11
12:00:56.939 Disk 0 MBR read successfully
12:00:56.939 Disk 0 MBR scan
12:00:56.939 Disk 0 Windows 7 default MBR code
12:00:56.955 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:00:56.970 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 245306 MB offset 206848
12:00:56.986 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 231531 MB offset 502593536
12:00:57.033 Disk 0 scanning C:\Windows\system32\drivers
12:01:08.904 Service scanning
12:01:31.056 Modules scanning
12:01:31.056 Disk 0 trace - called modules:
12:01:31.072 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:01:31.088 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c42790]
12:01:31.088 3 CLASSPNP.SYS[fffff8800185543f] -> nt!IofCallDriver -> [0xfffffa8004c42040]
12:01:31.103 5 hpdskflt.sys[fffff8800121d189] -> nt!IofCallDriver -> [0xfffffa8004abf520]
12:01:31.103 7 ACPI.sys[fffff88000fb17a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004ab11f0]
12:01:32.320 AVAST engine scan C:\Windows
12:01:34.941 AVAST engine scan C:\Windows\system32
12:04:37.570 AVAST engine scan C:\Windows\system32\drivers
12:04:52.094 AVAST engine scan C:\Users\Stephan
12:13:55.224 AVAST engine scan C:\ProgramData
12:15:22.288 Scan finished successfully
12:15:42.350 Disk 0 MBR has been saved successfully to "C:\Users\Stephan\Desktop\MBR.dat"
12:15:42.365 The log file has been saved successfully to "C:\Users\Stephan\Desktop\aswMBR.txt"
Nun das Logfile von TDSS-Killer: Code:
ATTFilter 12:18:37.0075 4972 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:18:37.0465 4972 ============================================================
12:18:37.0465 4972 Current date / time: 2012/11/10 12:18:37.0465
12:18:37.0465 4972 SystemInfo:
12:18:37.0465 4972
12:18:37.0465 4972 OS Version: 6.1.7601 ServicePack: 1.0
12:18:37.0465 4972 Product type: Workstation
12:18:37.0465 4972 ComputerName: STEPHAN-LAPTOP
12:18:37.0465 4972 UserName: Stephan
12:18:37.0465 4972 Windows directory: C:\Windows
12:18:37.0465 4972 System windows directory: C:\Windows
12:18:37.0465 4972 Running under WOW64
12:18:37.0465 4972 Processor architecture: Intel x64
12:18:37.0465 4972 Number of processors: 2
12:18:37.0465 4972 Page size: 0x1000
12:18:37.0465 4972 Boot type: Normal boot
12:18:37.0465 4972 ============================================================
12:18:38.0511 4972 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:18:38.0511 4972 ============================================================
12:18:38.0511 4972 \Device\Harddisk0\DR0:
12:18:38.0526 4972 MBR partitions:
12:18:38.0526 4972 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:18:38.0526 4972 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DF1D000
12:18:38.0526 4972 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1DF4F800, BlocksNum 0x1C435800
12:18:38.0526 4972 ============================================================
12:18:38.0557 4972 C: <-> \Device\Harddisk0\DR0\Partition2
12:18:38.0589 4972 D: <-> \Device\Harddisk0\DR0\Partition3
12:18:38.0589 4972 ============================================================
12:18:38.0589 4972 Initialize success
12:18:38.0589 4972 ============================================================
12:19:05.0686 2456 ============================================================
12:19:05.0686 2456 Scan started
12:19:05.0686 2456 Mode: Manual; TDLFS;
12:19:05.0686 2456 ============================================================
12:19:06.0201 2456 ================ Scan system memory ========================
12:19:06.0201 2456 System memory - ok
12:19:06.0201 2456 ================ Scan services =============================
12:19:06.0310 2456 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:19:06.0325 2456 1394ohci - ok
12:19:06.0357 2456 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
12:19:06.0357 2456 Accelerometer - ok
12:19:06.0388 2456 [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
12:19:06.0403 2456 acedrv11 - ok
12:19:06.0419 2456 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:19:06.0419 2456 ACPI - ok
12:19:06.0435 2456 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:19:06.0435 2456 AcpiPmi - ok
12:19:06.0481 2456 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
12:19:06.0481 2456 adfs - ok
12:19:06.0575 2456 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:19:06.0591 2456 AdobeARMservice - ok
12:19:06.0700 2456 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:19:06.0715 2456 AdobeFlashPlayerUpdateSvc - ok
12:19:06.0747 2456 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:19:06.0762 2456 adp94xx - ok
12:19:06.0793 2456 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:19:06.0793 2456 adpahci - ok
12:19:06.0825 2456 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:19:06.0825 2456 adpu320 - ok
12:19:06.0871 2456 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:19:06.0871 2456 AeLookupSvc - ok
12:19:06.0949 2456 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
12:19:06.0949 2456 AESTFilters - ok
12:19:07.0012 2456 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:19:07.0027 2456 AFD - ok
12:19:07.0059 2456 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:19:07.0059 2456 agp440 - ok
12:19:07.0074 2456 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:19:07.0074 2456 ALG - ok
12:19:07.0090 2456 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:19:07.0090 2456 aliide - ok
12:19:07.0137 2456 [ C8A4C897AB335D885D0ECB9357D1638F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:19:07.0137 2456 AMD External Events Utility - ok
12:19:07.0152 2456 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:19:07.0152 2456 amdide - ok
12:19:07.0168 2456 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:19:07.0183 2456 AmdK8 - ok
12:19:07.0355 2456 [ 85193E1BCEFE65D0A1BEFD4FDA9180F9 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:19:07.0558 2456 amdkmdag - ok
12:19:07.0605 2456 [ 60AB0B979198DA597B7251B3C7444F7E ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:19:07.0605 2456 amdkmdap - ok
12:19:07.0620 2456 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:19:07.0620 2456 AmdPPM - ok
12:19:07.0651 2456 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:19:07.0651 2456 amdsata - ok
12:19:07.0683 2456 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:19:07.0683 2456 amdsbs - ok
12:19:07.0698 2456 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:19:07.0698 2456 amdxata - ok
12:19:07.0729 2456 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:19:07.0729 2456 AppID - ok
12:19:07.0745 2456 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:19:07.0745 2456 AppIDSvc - ok
12:19:07.0761 2456 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:19:07.0776 2456 Appinfo - ok
12:19:07.0807 2456 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:19:07.0807 2456 arc - ok
12:19:07.0823 2456 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:19:07.0823 2456 arcsas - ok
12:19:07.0854 2456 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:19:07.0854 2456 AsyncMac - ok
12:19:07.0854 2456 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:19:07.0870 2456 atapi - ok
12:19:08.0026 2456 [ 85193E1BCEFE65D0A1BEFD4FDA9180F9 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:19:08.0073 2456 atikmdag - ok
12:19:08.0119 2456 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:19:08.0135 2456 AudioEndpointBuilder - ok
12:19:08.0151 2456 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:19:08.0151 2456 AudioSrv - ok
12:19:08.0182 2456 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:19:08.0182 2456 AxInstSV - ok
12:19:08.0213 2456 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:19:08.0213 2456 b06bdrv - ok
12:19:08.0244 2456 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:19:08.0244 2456 b57nd60a - ok
12:19:08.0322 2456 [ FB4FDA64F2E8552EAEB5986C3F34462C ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
12:19:08.0369 2456 BCM43XX - ok
12:19:08.0400 2456 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:19:08.0400 2456 BDESVC - ok
12:19:08.0416 2456 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:19:08.0416 2456 Beep - ok
12:19:08.0463 2456 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:19:08.0478 2456 BFE - ok
12:19:08.0525 2456 [ ACC9C8C560C567FAD6F79C977AB2EA09 ] bgsvcgen C:\Windows\SysWOW64\bgsvcgen.exe
12:19:08.0525 2456 bgsvcgen - ok
12:19:08.0556 2456 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
12:19:08.0587 2456 BITS - ok
12:19:08.0619 2456 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:19:08.0619 2456 blbdrive - ok
12:19:08.0650 2456 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:19:08.0650 2456 bowser - ok
12:19:08.0681 2456 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:19:08.0681 2456 BrFiltLo - ok
12:19:08.0697 2456 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:19:08.0697 2456 BrFiltUp - ok
12:19:08.0728 2456 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:19:08.0728 2456 Browser - ok
12:19:08.0759 2456 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:19:08.0759 2456 Brserid - ok
12:19:08.0790 2456 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:19:08.0790 2456 BrSerWdm - ok
12:19:08.0821 2456 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:19:08.0853 2456 BrUsbMdm - ok
12:19:08.0899 2456 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:19:08.0931 2456 BrUsbSer - ok
12:19:08.0977 2456 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
12:19:08.0977 2456 BthEnum - ok
12:19:08.0977 2456 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:19:08.0993 2456 BTHMODEM - ok
12:19:09.0009 2456 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:19:09.0009 2456 BthPan - ok
12:19:09.0055 2456 [ A51FA9D0E85D5ADABEF72E67F386309C ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
12:19:09.0055 2456 BTHPORT - ok
12:19:09.0071 2456 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:19:09.0071 2456 bthserv - ok
12:19:09.0102 2456 [ F740B9A16B2C06700F2130E19986BF3B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
12:19:09.0102 2456 BTHUSB - ok
12:19:09.0118 2456 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:19:09.0118 2456 cdfs - ok
12:19:09.0133 2456 [ 9EDD76D0800A022AE10B9243D0224E72 ] cdrbsdrv C:\Windows\system32\drivers\cdrbsdrv.sys
12:19:09.0149 2456 cdrbsdrv - ok
12:19:09.0165 2456 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:19:09.0165 2456 cdrom - ok
12:19:09.0180 2456 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:19:09.0196 2456 CertPropSvc - ok
12:19:09.0196 2456 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:19:09.0196 2456 circlass - ok
12:19:09.0227 2456 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:19:09.0243 2456 CLFS - ok
12:19:09.0289 2456 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:19:09.0289 2456 clr_optimization_v2.0.50727_32 - ok
12:19:09.0321 2456 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:19:09.0336 2456 clr_optimization_v2.0.50727_64 - ok
12:19:09.0367 2456 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:19:09.0383 2456 clr_optimization_v4.0.30319_32 - ok
12:19:09.0399 2456 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:19:09.0399 2456 clr_optimization_v4.0.30319_64 - ok
12:19:09.0430 2456 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:19:09.0430 2456 CmBatt - ok
12:19:09.0461 2456 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:19:09.0461 2456 cmdide - ok
12:19:09.0492 2456 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:19:09.0492 2456 CNG - ok
12:19:09.0539 2456 [ 040FF3B09F26926A3792E047DB0F47DD ] cnnctfy2 C:\Windows\system32\DRIVERS\cnnctfy2.sys
12:19:09.0539 2456 cnnctfy2 - ok
12:19:09.0617 2456 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
12:19:09.0617 2456 Com4QLBEx - ok
12:19:09.0633 2456 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:19:09.0648 2456 Compbatt - ok
12:19:09.0664 2456 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:19:09.0664 2456 CompositeBus - ok
12:19:09.0679 2456 COMSysApp - ok
12:19:09.0711 2456 [ 87371905486DB648AC56B37A5909CBA0 ] Connectify C:\Program Files (x86)\Connectify\ConnectifyService.exe
12:19:09.0711 2456 Connectify - ok
12:19:09.0835 2456 [ AB82A8885AB9687D82AA51A4B4F62E2D ] CoordinatorServiceHost C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
12:19:09.0835 2456 CoordinatorServiceHost - ok
12:19:09.0867 2456 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:19:09.0867 2456 crcdisk - ok
12:19:09.0898 2456 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:19:09.0898 2456 CryptSvc - ok
12:19:09.0929 2456 [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys
12:19:09.0929 2456 CVirtA - ok
12:19:09.0960 2456 [ 98C413E1A2FB6E5A4C101C25B3D0B275 ] CVPND C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
12:19:09.0991 2456 CVPND - ok
12:19:10.0007 2456 [ 79AF0E203D089AF442A3F70ED00A37FB ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys
12:19:10.0023 2456 CVPNDRVA - ok
12:19:10.0038 2456 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:19:10.0054 2456 DcomLaunch - ok
12:19:10.0085 2456 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:19:10.0085 2456 defragsvc - ok
12:19:10.0116 2456 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:19:10.0116 2456 DfsC - ok
12:19:10.0147 2456 dgderdrv - ok
12:19:10.0194 2456 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
12:19:10.0194 2456 dg_ssudbus - ok
12:19:10.0225 2456 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:19:10.0241 2456 Dhcp - ok
12:19:10.0257 2456 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:19:10.0257 2456 discache - ok
12:19:10.0288 2456 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:19:10.0288 2456 Disk - ok
12:19:10.0319 2456 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\Windows\system32\DRIVERS\dne64x.sys
12:19:10.0319 2456 DNE - ok
12:19:10.0350 2456 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:19:10.0350 2456 Dnscache - ok
12:19:10.0381 2456 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:19:10.0381 2456 dot3svc - ok
12:19:10.0428 2456 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
12:19:10.0428 2456 Dot4 - ok
12:19:10.0475 2456 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:19:10.0475 2456 Dot4Print - ok
12:19:10.0537 2456 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
12:19:10.0537 2456 dot4usb - ok
12:19:10.0569 2456 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:19:10.0569 2456 DPS - ok
12:19:10.0584 2456 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:19:10.0584 2456 drmkaud - ok
12:19:10.0615 2456 [ 9F98D7AFA293947A0DFC6FFD4671FE70 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:19:10.0615 2456 dtsoftbus01 - ok
12:19:10.0662 2456 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:19:10.0693 2456 DXGKrnl - ok
12:19:10.0725 2456 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:19:10.0725 2456 EapHost - ok
12:19:10.0803 2456 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:19:10.0881 2456 ebdrv - ok
12:19:10.0912 2456 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:19:10.0912 2456 EFS - ok
12:19:10.0943 2456 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:19:10.0959 2456 ehRecvr - ok
12:19:10.0990 2456 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:19:10.0990 2456 ehSched - ok
12:19:11.0021 2456 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:19:11.0021 2456 elxstor - ok
12:19:11.0052 2456 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
12:19:11.0052 2456 enecir - ok
12:19:11.0068 2456 [ E17EB95358F396E27D573A1B20F891F8 ] enecirhid C:\Windows\system32\DRIVERS\enecirhid.sys
12:19:11.0068 2456 enecirhid - ok
12:19:11.0083 2456 [ 8492D808C79BD6FE439F77BE84956CDF ] enecirhidma C:\Windows\system32\DRIVERS\enecirhidma.sys
12:19:11.0083 2456 enecirhidma - ok
12:19:11.0115 2456 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:19:11.0115 2456 ErrDev - ok
12:19:11.0177 2456 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:19:11.0177 2456 EventSystem - ok
12:19:11.0208 2456 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:19:11.0208 2456 exfat - ok
12:19:11.0239 2456 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:19:11.0239 2456 fastfat - ok
12:19:11.0271 2456 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:19:11.0286 2456 Fax - ok
12:19:11.0317 2456 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:19:11.0317 2456 fdc - ok
12:19:11.0333 2456 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:19:11.0333 2456 fdPHost - ok
12:19:11.0349 2456 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:19:11.0349 2456 FDResPub - ok
12:19:11.0380 2456 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:19:11.0395 2456 FileInfo - ok
12:19:11.0395 2456 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:19:11.0395 2456 Filetrace - ok
12:19:11.0473 2456 [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:19:11.0489 2456 FLEXnet Licensing Service - ok
12:19:11.0536 2456 [ F1A9C61436E12A637A647870DD6D9EEF ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
12:19:11.0567 2456 FLEXnet Licensing Service 64 - ok
12:19:11.0614 2456 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:19:11.0614 2456 flpydisk - ok
12:19:11.0645 2456 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:19:11.0645 2456 FltMgr - ok
12:19:11.0692 2456 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:19:11.0723 2456 FontCache - ok
12:19:11.0754 2456 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:19:11.0754 2456 FontCache3.0.0.0 - ok
12:19:11.0770 2456 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:19:11.0770 2456 FsDepends - ok
12:19:11.0785 2456 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:19:11.0801 2456 Fs_Rec - ok
12:19:11.0817 2456 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:19:11.0817 2456 fvevol - ok
12:19:11.0848 2456 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:19:11.0848 2456 gagp30kx - ok
12:19:11.0863 2456 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:19:11.0895 2456 gpsvc - ok
12:19:11.0941 2456 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:19:11.0941 2456 gupdate - ok
12:19:11.0957 2456 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:19:11.0973 2456 gupdatem - ok
12:19:11.0973 2456 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:19:11.0973 2456 hcw85cir - ok
12:19:12.0004 2456 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:19:12.0004 2456 HdAudAddService - ok
12:19:12.0019 2456 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:19:12.0019 2456 HDAudBus - ok
12:19:12.0035 2456 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:19:12.0035 2456 HidBatt - ok
12:19:12.0066 2456 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:19:12.0066 2456 HidBth - ok
12:19:12.0082 2456 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:19:12.0082 2456 HidIr - ok
12:19:12.0097 2456 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:19:12.0113 2456 hidserv - ok
12:19:12.0129 2456 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:19:12.0129 2456 HidUsb - ok
12:19:12.0160 2456 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:19:12.0160 2456 hkmsvc - ok
12:19:12.0175 2456 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:19:12.0191 2456 HomeGroupListener - ok
12:19:12.0207 2456 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:19:12.0207 2456 HomeGroupProvider - ok
12:19:12.0269 2456 [ 170233B8D743EFE35F462A5D516B93E3 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
12:19:12.0269 2456 HP Support Assistant Service - ok
12:19:12.0316 2456 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
12:19:12.0316 2456 HPDrvMntSvc.exe - ok
12:19:12.0363 2456 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
12:19:12.0363 2456 hpdskflt - ok
12:19:12.0409 2456 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
12:19:12.0425 2456 hpqcxs08 - ok
12:19:12.0425 2456 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
12:19:12.0441 2456 hpqddsvc - ok
12:19:12.0456 2456 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
12:19:12.0456 2456 HpqKbFiltr - ok
12:19:12.0503 2456 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
12:19:12.0519 2456 hpqwmiex - ok
12:19:12.0550 2456 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:19:12.0550 2456 HpSAMD - ok
12:19:12.0597 2456 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
12:19:12.0612 2456 HPSLPSVC - ok
12:19:12.0643 2456 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
12:19:12.0643 2456 hpsrv - ok
12:19:12.0690 2456 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:19:12.0706 2456 HTTP - ok
12:19:12.0737 2456 hwdatacard - ok
12:19:12.0753 2456 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:19:12.0753 2456 hwpolicy - ok
12:19:12.0768 2456 hwusbdev - ok
12:19:12.0799 2456 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:19:12.0799 2456 i8042prt - ok
12:19:12.0831 2456 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:19:12.0831 2456 iaStorV - ok
12:19:12.0924 2456 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:19:12.0924 2456 IDriverT - ok
12:19:12.0955 2456 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:19:12.0987 2456 idsvc - ok
12:19:13.0033 2456 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:19:13.0033 2456 iirsp - ok
12:19:13.0080 2456 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:19:13.0096 2456 IKEEXT - ok
12:19:13.0111 2456 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:19:13.0111 2456 intelide - ok
12:19:13.0143 2456 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:19:13.0143 2456 intelppm - ok
12:19:13.0174 2456 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:19:13.0174 2456 IPBusEnum - ok
12:19:13.0205 2456 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:19:13.0205 2456 IpFilterDriver - ok
12:19:13.0252 2456 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:19:13.0267 2456 iphlpsvc - ok
12:19:13.0299 2456 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:19:13.0299 2456 IPMIDRV - ok
12:19:13.0330 2456 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:19:13.0345 2456 IPNAT - ok
12:19:13.0345 2456 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:19:13.0345 2456 IRENUM - ok
12:19:13.0377 2456 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:19:13.0377 2456 isapnp - ok
12:19:13.0392 2456 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:19:13.0392 2456 iScsiPrt - ok
12:19:13.0455 2456 [ F8844B00C10E386C704C610E95A9847D ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
12:19:13.0455 2456 JMCR - ok
12:19:13.0470 2456 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:19:13.0470 2456 kbdclass - ok
12:19:13.0501 2456 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:19:13.0501 2456 kbdhid - ok
12:19:13.0517 2456 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:19:13.0517 2456 KeyIso - ok
12:19:13.0533 2456 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:19:13.0533 2456 KSecDD - ok
12:19:13.0548 2456 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:19:13.0548 2456 KSecPkg - ok
12:19:13.0564 2456 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:19:13.0564 2456 ksthunk - ok
12:19:13.0595 2456 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:19:13.0595 2456 KtmRm - ok
12:19:13.0626 2456 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:19:13.0642 2456 LanmanServer - ok
12:19:13.0657 2456 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:19:13.0673 2456 LanmanWorkstation - ok
12:19:13.0704 2456 [ AC2E68E3421AF857B8D438414E7AE31C ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:19:13.0704 2456 LightScribeService - ok
12:19:13.0720 2456 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:19:13.0720 2456 lltdio - ok
12:19:13.0751 2456 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:19:13.0751 2456 lltdsvc - ok
12:19:13.0767 2456 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:19:13.0767 2456 lmhosts - ok
12:19:13.0782 2456 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:19:13.0798 2456 LSI_FC - ok
12:19:13.0813 2456 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:19:13.0813 2456 LSI_SAS - ok
12:19:13.0829 2456 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:19:13.0845 2456 LSI_SAS2 - ok
12:19:13.0845 2456 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:19:13.0860 2456 LSI_SCSI - ok
12:19:13.0876 2456 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:19:13.0876 2456 luafv - ok
12:19:13.0907 2456 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:19:13.0907 2456 Mcx2Svc - ok
12:19:13.0938 2456 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:19:13.0954 2456 megasas - ok
12:19:13.0969 2456 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:19:13.0969 2456 MegaSR - ok
12:19:14.0047 2456 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:19:14.0063 2456 Microsoft Office Groove Audit Service - ok
12:19:14.0079 2456 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:19:14.0094 2456 MMCSS - ok
12:19:14.0094 2456 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:19:14.0094 2456 Modem - ok
12:19:14.0110 2456 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:19:14.0125 2456 monitor - ok
12:19:14.0141 2456 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:19:14.0141 2456 mouclass - ok
12:19:14.0157 2456 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:19:14.0157 2456 mouhid - ok
12:19:14.0172 2456 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:19:14.0172 2456 mountmgr - ok
12:19:14.0235 2456 [ DAE3C509F33059BC4D48A8925F476FB4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:19:14.0235 2456 MozillaMaintenance - ok
12:19:14.0281 2456 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:19:14.0281 2456 mpio - ok
12:19:14.0313 2456 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:19:14.0313 2456 mpsdrv - ok
12:19:14.0344 2456 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:19:14.0359 2456 MpsSvc - ok
12:19:14.0391 2456 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:19:14.0391 2456 MRxDAV - ok
12:19:14.0422 2456 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:19:14.0422 2456 mrxsmb - ok
12:19:14.0437 2456 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:19:14.0453 2456 mrxsmb10 - ok
12:19:14.0453 2456 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:19:14.0469 2456 mrxsmb20 - ok
12:19:14.0484 2456 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:19:14.0484 2456 msahci - ok
12:19:14.0500 2456 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:19:14.0500 2456 msdsm - ok
12:19:14.0515 2456 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:19:14.0531 2456 MSDTC - ok
12:19:14.0562 2456 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:19:14.0562 2456 Msfs - ok
12:19:14.0578 2456 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:19:14.0578 2456 mshidkmdf - ok
12:19:14.0578 2456 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:19:14.0578 2456 msisadrv - ok
12:19:14.0609 2456 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:19:14.0609 2456 MSiSCSI - ok
12:19:14.0625 2456 msiserver - ok
12:19:14.0640 2456 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:19:14.0640 2456 MSKSSRV - ok
12:19:14.0656 2456 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:19:14.0656 2456 MSPCLOCK - ok
12:19:14.0656 2456 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:19:14.0671 2456 MSPQM - ok
12:19:14.0687 2456 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:19:14.0703 2456 MsRPC - ok
12:19:14.0703 2456 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:19:14.0703 2456 mssmbios - ok
12:19:14.0718 2456 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:19:14.0718 2456 MSTEE - ok
12:19:14.0734 2456 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:19:14.0734 2456 MTConfig - ok
12:19:14.0749 2456 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:19:14.0749 2456 Mup - ok
12:19:14.0781 2456 [ 07B2740CF3294B98380B9E1BF8AB05B8 ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
12:19:14.0781 2456 NanoServiceMain - ok
12:19:14.0812 2456 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:19:14.0812 2456 napagent - ok
12:19:14.0843 2456 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:19:14.0843 2456 NativeWifiP - ok
12:19:14.0890 2456 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:19:14.0905 2456 NDIS - ok
12:19:14.0937 2456 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:19:14.0937 2456 NdisCap - ok
12:19:14.0952 2456 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:19:14.0968 2456 NdisTapi - ok
12:19:14.0983 2456 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:19:14.0983 2456 Ndisuio - ok
12:19:15.0015 2456 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:19:15.0015 2456 NdisWan - ok
12:19:15.0030 2456 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:19:15.0046 2456 NDProxy - ok
12:19:15.0093 2456 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:19:15.0108 2456 Net Driver HPZ12 - ok
12:19:15.0108 2456 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:19:15.0108 2456 NetBIOS - ok
12:19:15.0155 2456 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:19:15.0155 2456 NetBT - ok
12:19:15.0155 2456 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:19:15.0171 2456 Netlogon - ok
12:19:15.0186 2456 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:19:15.0186 2456 Netman - ok
12:19:15.0202 2456 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:19:15.0217 2456 netprofm - ok
12:19:15.0264 2456 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:19:15.0264 2456 NetTcpPortSharing - ok
12:19:15.0280 2456 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:19:15.0280 2456 nfrd960 - ok
12:19:15.0342 2456 [ 3B704ABD2CD6B987B527B36AAB6C6968 ] NitroReaderDriverReadSpool C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
12:19:15.0342 2456 NitroReaderDriverReadSpool - ok
12:19:15.0358 2456 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:19:15.0373 2456 NlaSvc - ok
12:19:15.0451 2456 [ 8ACF8E802087880B821EC985FEACCD72 ] NMSAccess64 C:\Program Files\CDBurnerXP\NMSAccessU.exe
12:19:15.0451 2456 NMSAccess64 - ok
12:19:15.0498 2456 [ A82F339386766C585C3CF0C10AA9A002 ] NNSALPC C:\Windows\system32\DRIVERS\NNSAlpc.sys
12:19:15.0498 2456 NNSALPC - ok
12:19:15.0545 2456 [ 2A0C5D3890FC56254CBFA8D2A2DFA62C ] NNSHTTP C:\Windows\system32\DRIVERS\NNSHttp.sys
12:19:15.0545 2456 NNSHTTP - ok
12:19:15.0576 2456 [ 27F12CE54A0319527E599ACD193B86F5 ] NNSIDS C:\Windows\system32\DRIVERS\NNSIds.sys
12:19:15.0576 2456 NNSIDS - ok
12:19:15.0607 2456 [ 02D6C70D0CA4040C81698A2014019E0A ] NNSNAHSL C:\Windows\system32\DRIVERS\NNSNAHSL.sys
12:19:15.0607 2456 NNSNAHSL - ok
12:19:15.0623 2456 [ 488A615DDA26640FBEAC945678208E23 ] NNSPICC C:\Windows\system32\DRIVERS\NNSPicc.sys
12:19:15.0623 2456 NNSPICC - ok
12:19:15.0670 2456 [ 7A07299FB6BCE5F563B852FE930B5311 ] NNSPIHSW C:\Windows\system32\DRIVERS\NNSPihsw.sys
12:19:15.0685 2456 NNSPIHSW - ok
12:19:15.0701 2456 [ 643FE52EA4C41E806B6906CF0C786D24 ] NNSPOP3 C:\Windows\system32\DRIVERS\NNSPop3.sys
12:19:15.0701 2456 NNSPOP3 - ok
12:19:15.0717 2456 [ A5DFD37B6E05E976DD70DF5D202C9BCA ] NNSPROT C:\Windows\system32\DRIVERS\NNSProt.sys
12:19:15.0717 2456 NNSPROT - ok
12:19:15.0732 2456 [ A0C7A228D06B1E9FC5AB4AC7B50FE612 ] NNSPRV C:\Windows\system32\DRIVERS\NNSPrv.sys
12:19:15.0732 2456 NNSPRV - ok
12:19:15.0748 2456 [ F41B212F242B02AE54317E073CC9D02E ] NNSSMTP C:\Windows\system32\DRIVERS\NNSSmtp.sys
12:19:15.0748 2456 NNSSMTP - ok
12:19:15.0763 2456 [ B6D8243E45687B3791CBDABBE2697699 ] NNSSTRM C:\Windows\system32\DRIVERS\NNSStrm.sys
12:19:15.0763 2456 NNSSTRM - ok
12:19:15.0779 2456 [ 1257C0FB4765B6D33F9EAEA326995ABA ] NNSTLSC C:\Windows\system32\DRIVERS\NNSTlsc.sys
12:19:15.0779 2456 NNSTLSC - ok
12:19:15.0810 2456 [ C31FA031335EFF434B2D94278E74BCCE ] npf C:\Windows\system32\drivers\npf.sys
12:19:15.0810 2456 npf - ok
12:19:15.0826 2456 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:19:15.0826 2456 Npfs - ok
12:19:15.0857 2456 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:19:15.0857 2456 nsi - ok
12:19:15.0873 2456 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:19:15.0873 2456 nsiproxy - ok
12:19:15.0919 2456 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:19:15.0951 2456 Ntfs - ok
12:19:15.0982 2456 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:19:15.0982 2456 Null - ok
12:19:16.0013 2456 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:19:16.0029 2456 nvraid - ok
12:19:16.0044 2456 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:19:16.0044 2456 nvstor - ok
12:19:16.0091 2456 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:19:16.0091 2456 nv_agp - ok
12:19:16.0169 2456 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:19:16.0185 2456 odserv - ok
12:19:16.0200 2456 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:19:16.0200 2456 ohci1394 - ok
12:19:16.0263 2456 [ C047929133A6516DA1C4162563BB5D5F ] OkayFreedom VPN Starter Service C:\Program Files (x86)\OkayFreedom\VPNService.exe
12:19:16.0278 2456 OkayFreedom VPN Starter Service - ok
12:19:16.0309 2456 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:19:16.0309 2456 ose - ok
12:19:16.0341 2456 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:19:16.0356 2456 p2pimsvc - ok
12:19:16.0372 2456 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:19:16.0372 2456 p2psvc - ok
12:19:16.0403 2456 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:19:16.0403 2456 Parport - ok
12:19:16.0419 2456 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:19:16.0434 2456 partmgr - ok
12:19:16.0450 2456 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:19:16.0450 2456 PcaSvc - ok
12:19:16.0481 2456 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:19:16.0481 2456 pci - ok
12:19:16.0497 2456 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:19:16.0497 2456 pciide - ok
12:19:16.0528 2456 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:19:16.0528 2456 pcmcia - ok
12:19:16.0559 2456 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:19:16.0559 2456 pcw - ok
12:19:16.0575 2456 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:19:16.0606 2456 PEAUTH - ok
12:19:16.0668 2456 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:19:16.0668 2456 PerfHost - ok
12:19:16.0715 2456 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:19:16.0746 2456 pla - ok
12:19:16.0793 2456 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:19:16.0809 2456 PlugPlay - ok
12:19:16.0855 2456 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:19:16.0855 2456 Pml Driver HPZ12 - ok
12:19:16.0887 2456 [ 06841F5CD8410B6BDC0B5A631B8F8787 ] pnetmdm C:\Windows\system32\DRIVERS\pnetmdm64.sys
12:19:16.0887 2456 pnetmdm - ok
12:19:16.0902 2456 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:19:16.0902 2456 PNRPAutoReg - ok
12:19:16.0933 2456 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:19:16.0933 2456 PNRPsvc - ok
12:19:16.0949 2456 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:19:16.0965 2456 PolicyAgent - ok
12:19:16.0980 2456 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:19:16.0996 2456 Power - ok
12:19:17.0011 2456 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:19:17.0011 2456 PptpMiniport - ok
12:19:17.0043 2456 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:19:17.0043 2456 Processor - ok
12:19:17.0089 2456 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:19:17.0089 2456 ProfSvc - ok
12:19:17.0105 2456 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:19:17.0105 2456 ProtectedStorage - ok
12:19:17.0136 2456 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:19:17.0136 2456 Psched - ok
12:19:17.0183 2456 [ 943ECA8A96D9F36EB3AF1F012216ADEB ] PSINAflt C:\Windows\system32\DRIVERS\PSINAflt.sys
12:19:17.0183 2456 PSINAflt - ok
12:19:17.0214 2456 [ CD5869D68E270C128AE6D871FE2DE761 ] PSINFile C:\Windows\system32\DRIVERS\PSINFile.sys
12:19:17.0214 2456 PSINFile - ok
12:19:17.0261 2456 [ 455A23DEDCCE1D381887603B6F27F322 ] PSINKNC C:\Windows\system32\DRIVERS\psinknc.sys
12:19:17.0261 2456 PSINKNC - ok
12:19:17.0277 2456 [ 3BAA93657716BA8FC253BEBD683A328C ] PSINProc C:\Windows\system32\DRIVERS\PSINProc.sys
12:19:17.0277 2456 PSINProc - ok
12:19:17.0292 2456 [ 5F1894391EF5AE210FBCCA90ABC66437 ] PSINProt C:\Windows\system32\DRIVERS\PSINProt.sys
12:19:17.0292 2456 PSINProt - ok
12:19:17.0339 2456 [ E437C22DD66BA8F763F01D02C9713F8D ] PSKMAD C:\Windows\system32\DRIVERS\PSKMAD.sys
12:19:17.0339 2456 PSKMAD - ok
12:19:17.0355 2456 [ 98A9D3236C6301503571DE79B86E8538 ] PSUAService C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
12:19:17.0355 2456 PSUAService - ok
12:19:17.0433 2456 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:19:17.0464 2456 ql2300 - ok
12:19:17.0479 2456 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:19:17.0479 2456 ql40xx - ok
12:19:17.0511 2456 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:19:17.0511 2456 QWAVE - ok
12:19:17.0542 2456 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:19:17.0542 2456 QWAVEdrv - ok
12:19:17.0589 2456 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
12:19:17.0589 2456 RapiMgr - ok
12:19:17.0604 2456 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:19:17.0604 2456 RasAcd - ok
12:19:17.0620 2456 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:19:17.0620 2456 RasAgileVpn - ok
12:19:17.0635 2456 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:19:17.0635 2456 RasAuto - ok
12:19:17.0667 2456 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:19:17.0667 2456 Rasl2tp - ok
12:19:17.0698 2456 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:19:17.0698 2456 RasMan - ok
12:19:17.0713 2456 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:19:17.0713 2456 RasPppoe - ok
12:19:17.0729 2456 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:19:17.0729 2456 RasSstp - ok
12:19:17.0776 2456 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:19:17.0776 2456 rdbss - ok
12:19:17.0807 2456 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:19:17.0807 2456 rdpbus - ok
12:19:17.0807 2456 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:19:17.0807 2456 RDPCDD - ok
12:19:17.0854 2456 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:19:17.0854 2456 RDPENCDD - ok
12:19:17.0869 2456 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:19:17.0869 2456 RDPREFMP - ok
12:19:17.0901 2456 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:19:17.0901 2456 RDPWD - ok
12:19:17.0932 2456 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:19:17.0932 2456 rdyboost - ok
12:19:17.0947 2456 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:19:17.0963 2456 RemoteAccess - ok
12:19:17.0979 2456 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:19:17.0979 2456 RemoteRegistry - ok
12:19:18.0010 2456 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:19:18.0025 2456 RFCOMM - ok
12:19:18.0057 2456 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
12:19:18.0057 2456 ROOTMODEM - ok
12:19:18.0072 2456 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:19:18.0072 2456 RpcEptMapper - ok
12:19:18.0103 2456 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:19:18.0103 2456 RpcLocator - ok
12:19:18.0135 2456 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:19:18.0135 2456 RpcSs - ok
12:19:18.0150 2456 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:19:18.0150 2456 rspndr - ok
12:19:18.0197 2456 [ 52959C47105E18B4377F77A821D945CE ] rsvcdwdr C:\Windows\system32\DRIVERS\rsvcdwdr.sys
12:19:18.0197 2456 rsvcdwdr - ok
12:19:18.0228 2456 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:19:18.0228 2456 RTL8167 - ok
12:19:18.0244 2456 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:19:18.0244 2456 SamSs - ok
12:19:18.0291 2456 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\WNt500x64\Sandra.sys
12:19:18.0291 2456 SANDRA - ok
12:19:18.0353 2456 [ 6858620E6EF1DF704366ACD45A317AD2 ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe
12:19:18.0353 2456 SandraAgentSrv - ok
12:19:18.0400 2456 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:19:18.0400 2456 sbp2port - ok
12:19:18.0431 2456 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:19:18.0431 2456 SCardSvr - ok
12:19:18.0462 2456 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:19:18.0462 2456 scfilter - ok
12:19:18.0493 2456 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:19:18.0509 2456 Schedule - ok
12:19:18.0540 2456 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:19:18.0540 2456 SCPolicySvc - ok
12:19:18.0571 2456 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
12:19:18.0571 2456 sdbus - ok
12:19:18.0587 2456 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:19:18.0603 2456 SDRSVC - ok
12:19:18.0634 2456 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:19:18.0634 2456 secdrv - ok
12:19:18.0649 2456 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:19:18.0649 2456 seclogon - ok
12:19:18.0665 2456 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:19:18.0665 2456 SENS - ok
12:19:18.0681 2456 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:19:18.0681 2456 SensrSvc - ok
12:19:18.0696 2456 Sentinel - ok
12:19:18.0712 2456 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:19:18.0712 2456 Serenum - ok
12:19:18.0727 2456 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:19:18.0743 2456 Serial - ok
12:19:18.0759 2456 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:19:18.0759 2456 sermouse - ok
12:19:18.0759 2456 serviceIEConfig - ok
12:19:18.0790 2456 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:19:18.0805 2456 SessionEnv - ok
12:19:18.0821 2456 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:19:18.0821 2456 sffdisk - ok
12:19:18.0837 2456 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:19:18.0837 2456 sffp_mmc - ok
12:19:18.0852 2456 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:19:18.0852 2456 sffp_sd - ok
12:19:18.0852 2456 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:19:18.0852 2456 sfloppy - ok
12:19:18.0899 2456 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:19:18.0915 2456 SharedAccess - ok
12:19:18.0930 2456 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:19:18.0946 2456 ShellHWDetection - ok
12:19:18.0961 2456 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:19:18.0977 2456 SiSRaid2 - ok
12:19:18.0993 2456 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:19:18.0993 2456 SiSRaid4 - ok
12:19:19.0133 2456 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:19:19.0211 2456 Skype C2C Service - ok
12:19:19.0258 2456 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:19:19.0258 2456 SkypeUpdate - ok
12:19:19.0273 2456 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:19:19.0289 2456 Smb - ok
12:19:19.0305 2456 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:19:19.0305 2456 SNMPTRAP - ok
12:19:19.0367 2456 [ 4945020BC094C322571184A6E8056B3A ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
12:19:19.0383 2456 SolidWorks Licensing Service - ok
12:19:19.0445 2456 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
12:19:19.0445 2456 speedfan - ok
12:19:19.0461 2456 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:19:19.0461 2456 spldr - ok
12:19:19.0492 2456 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:19:19.0492 2456 Spooler - ok
12:19:19.0570 2456 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:19:19.0632 2456 sppsvc - ok
12:19:19.0663 2456 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:19:19.0663 2456 sppuinotify - ok
12:19:19.0695 2456 [ 51DE15CA5C05BCA46D8B110CD00A02FB ] sptd C:\Windows\System32\Drivers\sptd.sys
12:19:19.0726 2456 sptd - ok
12:19:19.0741 2456 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:19:19.0757 2456 srv - ok
12:19:19.0773 2456 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:19:19.0788 2456 srv2 - ok
12:19:19.0819 2456 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:19:19.0819 2456 srvnet - ok
12:19:19.0835 2456 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:19:19.0835 2456 SSDPSRV - ok
12:19:19.0851 2456 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:19:19.0851 2456 SstpSvc - ok
12:19:19.0960 2456 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
12:19:19.0960 2456 ssudmdm - ok
12:19:20.0194 2456 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
12:19:20.0194 2456 STacSV - ok
12:19:20.0225 2456 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
12:19:20.0225 2456 StarOpen - ok
12:19:20.0287 2456 [ B1691AF4A072CB674D600DB16DD7308E ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
12:19:20.0303 2456 StarWindServiceAE - ok
12:19:20.0319 2456 Steam Client Service - ok
12:19:20.0365 2456 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:19:20.0365 2456 stexstor - ok
12:19:20.0412 2456 [ DFFBC024DFC7BB05B2129E05CBC7A201 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:19:20.0412 2456 STHDA - ok
12:19:20.0459 2456 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:19:20.0459 2456 stisvc - ok
12:19:20.0490 2456 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:19:20.0490 2456 swenum - ok
12:19:20.0506 2456 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:19:20.0521 2456 swprv - ok
12:19:20.0553 2456 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:19:20.0568 2456 SynTP - ok
12:19:20.0615 2456 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:19:20.0646 2456 SysMain - ok
12:19:20.0662 2456 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:19:20.0662 2456 TabletInputService - ok
12:19:20.0709 2456 [ 8502BFC9C990567E4049358EC063D621 ] tap0801 C:\Windows\system32\DRIVERS\tap0801.sys
12:19:20.0709 2456 tap0801 - ok
12:19:20.0740 2456 [ F0B9D3ED88E56D3CD713DFF21E42AAF0 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
12:19:20.0740 2456 tap0901 - ok
12:19:20.0771 2456 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
12:19:20.0771 2456 taphss - ok
12:19:20.0787 2456 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:19:20.0802 2456 TapiSrv - ok
12:19:20.0818 2456 [ 927D0CDB3F96EFC1E98FB1A2C9FB67AD ] tapoas C:\Windows\system32\DRIVERS\tapoas.sys
12:19:20.0818 2456 tapoas - ok
12:19:20.0833 2456 [ 93F0F5EF8A4CA261372DF98B31B2BD05 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
12:19:20.0833 2456 tbhsd - ok
12:19:20.0865 2456 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:19:20.0865 2456 TBS - ok
12:19:20.0911 2456 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:19:20.0943 2456 Tcpip - ok
12:19:20.0989 2456 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:19:20.0989 2456 TCPIP6 - ok
12:19:21.0021 2456 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:19:21.0021 2456 tcpipreg - ok
12:19:21.0052 2456 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:19:21.0052 2456 TDPIPE - ok
12:19:21.0083 2456 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:19:21.0083 2456 TDTCP - ok
12:19:21.0099 2456 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:19:21.0099 2456 tdx - ok
12:19:21.0208 2456 [ 9C1F776825207C203CB44CA3C63B5A6E ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
12:19:21.0255 2456 TeamViewer7 - ok
12:19:21.0270 2456 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:19:21.0286 2456 TermDD - ok
12:19:21.0301 2456 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:19:21.0333 2456 TermService - ok
12:19:21.0348 2456 [ 9201BE2BAB8A9FF8E20D8439AE3BB04D ] Themes C:\Windows\system32\themeservice.dll
12:19:21.0348 2456 Themes - ok
12:19:21.0395 2456 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:19:21.0395 2456 THREADORDER - ok
12:19:21.0426 2456 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:19:21.0442 2456 TrkWks - ok
12:19:21.0489 2456 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:19:21.0489 2456 TrustedInstaller - ok
12:19:21.0504 2456 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:19:21.0504 2456 tssecsrv - ok
12:19:21.0551 2456 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:19:21.0551 2456 TsUsbFlt - ok
12:19:21.0582 2456 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:19:21.0598 2456 tunnel - ok
12:19:21.0645 2456 [ 711561440FDC396CB6E4C69C13375A38 ] tvnserver C:\Program Files (x86)\TightVNC\tvnserver.exe
12:19:21.0676 2456 tvnserver - ok
12:19:21.0691 2456 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:19:21.0707 2456 uagp35 - ok
12:19:21.0723 2456 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:19:21.0723 2456 udfs - ok
12:19:21.0738 2456 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:19:21.0738 2456 UI0Detect - ok
12:19:21.0769 2456 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:19:21.0769 2456 uliagpkx - ok
12:19:21.0785 2456 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:19:21.0801 2456 umbus - ok
12:19:21.0816 2456 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:19:21.0816 2456 UmPass - ok
12:19:21.0832 2456 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:19:21.0832 2456 upnphost - ok
12:19:21.0863 2456 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:19:21.0863 2456 usbaudio - ok
12:19:21.0879 2456 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:19:21.0894 2456 usbccgp - ok
12:19:21.0910 2456 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:19:21.0910 2456 usbcir - ok
12:19:21.0941 2456 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:19:21.0941 2456 usbehci - ok
12:19:21.0957 2456 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:19:21.0957 2456 usbhub - ok
12:19:21.0972 2456 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:19:21.0972 2456 usbohci - ok
12:19:21.0988 2456 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:19:22.0003 2456 usbprint - ok
12:19:22.0019 2456 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:19:22.0019 2456 usbscan - ok
12:19:22.0050 2456 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:19:22.0050 2456 USBSTOR - ok
12:19:22.0081 2456 [ C44D96B1CDDE705B23F55AB423CCA73D ] USBTINSP C:\Windows\system32\DRIVERS\tinspusb.sys
12:19:22.0097 2456 USBTINSP - ok
12:19:22.0113 2456 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:19:22.0113 2456 usbuhci - ok
12:19:22.0128 2456 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:19:22.0128 2456 usbvideo - ok
12:19:22.0159 2456 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
12:19:22.0175 2456 usb_rndisx - ok
12:19:22.0191 2456 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:19:22.0191 2456 UxSms - ok
12:19:22.0222 2456 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:19:22.0222 2456 VaultSvc - ok
12:19:22.0237 2456 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:19:22.0237 2456 vdrvroot - ok
12:19:22.0269 2456 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:19:22.0269 2456 vds - ok
12:19:22.0315 2456 [ 6305ED64B6B4E96AEC8BECA423498EC0 ] vfsFPService C:\Windows\system32\vfsFPService.exe
12:19:22.0331 2456 vfsFPService - ok
12:19:22.0362 2456 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:19:22.0362 2456 vga - ok
12:19:22.0393 2456 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:19:22.0393 2456 VgaSave - ok
12:19:22.0409 2456 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:19:22.0409 2456 vhdmp - ok
12:19:22.0425 2456 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:19:22.0425 2456 viaide - ok
12:19:22.0456 2456 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:19:22.0456 2456 volmgr - ok
12:19:22.0487 2456 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:19:22.0487 2456 volmgrx - ok
12:19:22.0503 2456 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:19:22.0518 2456 volsnap - ok
12:19:22.0534 2456 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:19:22.0549 2456 vsmraid - ok
12:19:22.0596 2456 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:19:22.0627 2456 VSS - ok
12:19:22.0643 2456 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:19:22.0643 2456 vwifibus - ok
12:19:22.0674 2456 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:19:22.0674 2456 vwififlt - ok
12:19:22.0705 2456 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:19:22.0705 2456 vwifimp - ok
12:19:22.0737 2456 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:19:22.0737 2456 W32Time - ok
12:19:22.0768 2456 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:19:22.0768 2456 WacomPen - ok
12:19:22.0783 2456 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:19:22.0783 2456 WANARP - ok
12:19:22.0783 2456 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:19:22.0799 2456 Wanarpv6 - ok
12:19:22.0846 2456 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:19:22.0877 2456 WatAdminSvc - ok
12:19:22.0924 2456 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:19:22.0955 2456 wbengine - ok
12:19:22.0971 2456 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:19:22.0971 2456 WbioSrvc - ok
12:19:23.0017 2456 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
12:19:23.0017 2456 WcesComm - ok
12:19:23.0049 2456 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:19:23.0064 2456 wcncsvc - ok
12:19:23.0080 2456 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:19:23.0080 2456 WcsPlugInService - ok
12:19:23.0095 2456 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:19:23.0111 2456 Wd - ok
12:19:23.0142 2456 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:19:23.0158 2456 Wdf01000 - ok
12:19:23.0173 2456 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:19:23.0173 2456 WdiServiceHost - ok
12:19:23.0173 2456 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:19:23.0189 2456 WdiSystemHost - ok
12:19:23.0205 2456 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:19:23.0205 2456 WebClient - ok
12:19:23.0220 2456 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:19:23.0220 2456 Wecsvc - ok
12:19:23.0236 2456 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:19:23.0236 2456 wercplsupport - ok
12:19:23.0251 2456 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:19:23.0251 2456 WerSvc - ok
12:19:23.0283 2456 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:19:23.0283 2456 WfpLwf - ok
12:19:23.0298 2456 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:19:23.0298 2456 WIMMount - ok
12:19:23.0314 2456 WinDefend - ok
12:19:23.0314 2456 WinHttpAutoProxySvc - ok
12:19:23.0361 2456 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:19:23.0376 2456 Winmgmt - ok
12:19:23.0423 2456 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:19:23.0470 2456 WinRM - ok
12:19:23.0501 2456 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:19:23.0501 2456 WinUsb - ok
12:19:23.0517 2456 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:19:23.0532 2456 Wlansvc - ok
12:19:23.0641 2456 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:19:23.0657 2456 wlidsvc - ok
12:19:23.0688 2456 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:19:23.0688 2456 WmiAcpi - ok
12:19:23.0704 2456 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:19:23.0704 2456 wmiApSrv - ok
12:19:23.0719 2456 WMPNetworkSvc - ok
12:19:23.0735 2456 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:19:23.0735 2456 WPCSvc - ok
12:19:23.0766 2456 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:19:23.0766 2456 WPDBusEnum - ok
12:19:23.0782 2456 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:19:23.0797 2456 ws2ifsl - ok
12:19:23.0797 2456 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
12:19:23.0797 2456 wscsvc - ok
12:19:23.0813 2456 WSearch - ok
12:19:23.0875 2456 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:19:23.0938 2456 wuauserv - ok
12:19:23.0969 2456 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:19:23.0969 2456 WudfPf - ok
12:19:23.0985 2456 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:19:23.0985 2456 WUDFRd - ok
12:19:24.0000 2456 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:19:24.0000 2456 wudfsvc - ok
12:19:24.0031 2456 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:19:24.0031 2456 WwanSvc - ok
12:19:24.0078 2456 ================ Scan global ===============================
12:19:24.0109 2456 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:19:24.0125 2456 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:19:24.0141 2456 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:19:24.0156 2456 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:19:24.0187 2456 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:19:24.0187 2456 [Global] - ok
12:19:24.0187 2456 ================ Scan MBR ==================================
12:19:24.0203 2456 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:19:24.0531 2456 \Device\Harddisk0\DR0 - ok
12:19:24.0531 2456 ================ Scan VBR ==================================
12:19:24.0531 2456 [ A24B48C8617FB380121209F37E0C26CC ] \Device\Harddisk0\DR0\Partition1
12:19:24.0546 2456 \Device\Harddisk0\DR0\Partition1 - ok
12:19:24.0577 2456 [ 4299AEC2BA0965C5C7C85D8E9D9D41B4 ] \Device\Harddisk0\DR0\Partition2
12:19:24.0577 2456 \Device\Harddisk0\DR0\Partition2 - ok
12:19:24.0593 2456 [ 02229EAD5EAF3CA2FFFB3E319FE9E3CB ] \Device\Harddisk0\DR0\Partition3
12:19:24.0593 2456 \Device\Harddisk0\DR0\Partition3 - ok
12:19:24.0593 2456 ============================================================
12:19:24.0593 2456 Scan finished
12:19:24.0593 2456 ============================================================
12:19:24.0609 5620 Detected object count: 0
12:19:24.0609 5620 Actual detected object count: 0
|
|
10.11.2012, 12:26
| #4 | ||
| /// TB-Ausbilder | Telekom verweist auf ZeuS/ZBot Dann bitte jetzt Combofix ausführen. Schritt 1: Scan mit Combofix Schritt 2: Liste der installierten Programme (Combofix) Bitte suche und poste mir die folgende Datei:
__________________  Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
10.11.2012, 13:37
| #5 |
| | Telekom verweist auf ZeuS/ZBot Combofix erfolgreich durchgeführt. Combofix.txt: [CODE] Combofix Logfile: Code:
ATTFilter ComboFix 12-11-09.02 - Stephan 10.11.2012 12:31:55.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4063.2022 [GMT 1:00]
ausgeführt von:: c:\users\Stephan\Desktop\ComboFix.exe
AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\explorer.exe.tmp
c:\windows\IsUn0407.exe
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-10-10 bis 2012-11-10 ))))))))))))))))))))))))))))))
.
.
2012-11-10 11:43 . 2011-03-10 16:05 57928 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
2012-11-10 11:40 . 2012-11-10 11:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-09 15:20 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{33236DC5-341A-47C5-A143-106C52302430}\mpengine.dll
2012-11-09 15:19 . 2012-11-09 15:19 -------- d-----w- c:\users\Stephan\AppData\Roaming\Malwarebytes
2012-11-09 15:18 . 2012-11-09 15:18 -------- d-----w- c:\programdata\Malwarebytes
2012-11-09 15:18 . 2012-11-09 15:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-09 15:18 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-29 21:48 . 2012-11-01 20:40 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2012-10-26 11:59 . 2012-10-26 11:59 -------- d-----w- C:\Temp
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-09 15:14 . 2012-04-04 08:25 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-09 15:14 . 2011-06-30 09:46 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-11 07:25 . 2010-07-19 16:08 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-05 07:30 . 2012-10-05 07:30 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2012-09-19 08:02 . 2012-09-19 08:02 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-09-19 08:02 . 2012-09-19 08:02 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-09-14 19:19 . 2012-10-11 07:33 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-11 07:33 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-08-31 18:19 . 2012-10-11 10:29 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-11 10:29 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-11 10:29 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-11 10:29 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-28 08:05 . 2012-09-11 07:10 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-08-28 08:04 . 2012-08-28 08:04 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-08-28 08:04 . 2012-08-28 08:04 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2012-08-28 08:04 . 2012-08-28 08:04 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2012-08-28 08:04 . 2012-08-28 08:04 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2012-08-28 08:04 . 2012-08-28 08:04 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2012-08-28 08:04 . 2012-08-28 08:04 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2012-08-28 08:04 . 2012-08-28 08:04 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2012-08-28 08:04 . 2012-08-28 08:04 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-08-28 08:04 . 2012-08-28 08:04 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-08-28 08:04 . 2012-08-28 08:04 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2012-08-28 08:04 . 2012-08-28 08:04 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2012-08-28 08:04 . 2012-08-28 08:04 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2012-08-28 08:04 . 2012-08-28 08:04 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2012-08-28 08:04 . 2012-08-28 08:04 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2012-08-28 08:04 . 2012-08-28 08:04 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2012-08-28 08:04 . 2012-09-11 07:10 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-08-28 08:04 . 2012-08-28 08:04 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2012-08-28 08:04 . 2012-08-28 08:04 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2012-08-28 08:04 . 2012-08-28 08:04 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2012-08-28 08:04 . 2012-08-28 08:04 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2012-08-28 08:04 . 2012-08-28 08:04 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2012-08-28 08:04 . 2012-08-28 08:04 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-08-28 08:04 . 2012-08-28 08:04 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2012-08-28 08:04 . 2012-08-28 08:04 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2012-08-28 08:04 . 2012-08-28 08:04 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2012-08-28 08:04 . 2012-08-28 08:04 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2012-08-28 08:04 . 2012-08-28 08:04 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2012-08-28 08:04 . 2012-08-28 08:04 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2012-08-28 08:04 . 2012-08-28 08:04 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2012-08-24 18:05 . 2012-10-11 07:33 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-11 07:33 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-23 12:09 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-23 12:09 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-23 12:09 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-23 12:09 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-23 12:09 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-23 12:09 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-23 12:10 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-23 12:09 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-23 12:10 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-23 12:09 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-23 12:09 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-23 12:09 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-23 12:09 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-23 12:10 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-23 12:10 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-23 12:10 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-23 12:09 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-23 12:09 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-23 12:09 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-23 12:10 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-23 12:10 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-23 12:10 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 21:11 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 21:11 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 21:11 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 21:11 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-27 15:16 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 18:48 . 2012-10-11 10:28 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-11 10:28 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-11 10:28 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-11 10:29 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-11 10:28 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-11 10:29 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-11 10:29 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-11 10:29 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-11 07:34 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-11 07:34 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-31 21432]
"Spotify Web Helper"="c:\users\Stephan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-28 1199576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-05-20 500792]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-12 343168]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"PSUAMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2012-07-13 37152]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\G:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys [2012-06-27 33320]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [2009-05-19 14848]
R3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-24 6656]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-27 1315592]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys [2010-07-13 41576]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2005-04-13 30720]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2011-08-18 30720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBTINSP;TI-Nspire(TM) Handheld or TI Network Bridge Device Driver;c:\windows\system32\DRIVERS\tinspusb.sys [2012-06-28 142848]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-05 1255736]
R4 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-02-04 341296]
R4 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys [2012-06-27 68648]
R4 OkayFreedom VPN Starter Service;OkayFreedom VPN Starter Service;c:\program files (x86)\OkayFreedom\VPNService.exe [2012-07-11 296576]
R4 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe [2009-06-13 68760]
R4 serviceIEConfig;IEConfig 1und1/WEB.DE/GMX Edition;c:\windows\SysWOW64\ieconfig_1und1_svc.exe [2010-08-06 1439120]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-07-27 828912]
R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-24 2735528]
R4 tvnserver;TightVNC Server;c:\program files (x86)\TightVNC\tvnserver.exe [2010-07-08 815704]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [2012-05-24 31344]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-05 254528]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys [2012-06-27 89128]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys [2012-06-27 116776]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys [2012-06-27 113192]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys [2012-06-27 93224]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys [2012-06-27 116776]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys [2012-06-27 304680]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys [2012-06-27 109096]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys [2012-06-27 112680]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys [2012-07-12 219688]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys [2012-06-27 105000]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2012-07-13 205352]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-12 204288]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe [2012-05-02 65536]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2012-07-13 140064]
S2 NMSAccess64;NMSAccess64;c:\program files\CDBurnerXP\NMSAccessU.exe [2009-01-12 82872]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2012-07-13 167464]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2012-07-13 119336]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2012-07-13 123944]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2012-07-13 130088]
S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [2012-07-13 36640]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2009-06-03 721712]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-28 70656]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-20 140712]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [2007-03-07 17920]
S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys [2011-03-10 57928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-03-19 09:15 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 16:02 114688 ----a-w- c:\program files (x86)\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-11-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 15:14]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-26 15:54]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-26 15:54]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3297239125-2328300800-1345024381-1001Core.job
- c:\users\Stephan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-18 19:56]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3297239125-2328300800-1345024381-1001UA.job
- c:\users\Stephan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-18 19:56]
.
2012-11-06 c:\windows\Tasks\HPCeeScheduleForStephan.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 02:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-09-21 17:40 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-09-21 17:40 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-09-21 17:40 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-09-21 17:40 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.web.de
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://go.web.de/suchbox/webdesuche?su=%s
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\2vqi1t0n.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.spiegel.de/
FF - prefs.js: keyword.URL - hxxp://www.google.de/search?ie=UTF-8&q=
FF - prefs.js: network.proxy.ftp - 212.7.192.91
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 212.7.192.91
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 212.7.192.91
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 212.7.192.91
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2011-11-20 20:20; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Photoshop 7.0 - c:\windows\ISUN0407.EXE
AddRemove-Rainbow Sentinel Driver - c:\windows\SYSTEM32\RNBOSENT\SETUPX86.EXE
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\serviceIEConfig]
"ImagePath"="c:\windows\SysWOW64\ieconfig_1und1_svc.exe /startedbyscm:016FE01B-40E31F2D-serviceIEConfig"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3297239125-2328300800-1345024381-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:61,1f,bb,5b,1d,52,44,81,61,3d,2d,fb,df,f0,ba,81,dc,25,a5,92,79,b1,e0,
e0,52,99,f4,18,c0,04,a8,d9,2d,25,56,9f,51,6d,0b,8e,c4,26,fd,f2,b2,0e,09,8f,\
"??"=hex:36,5c,cf,b3,7e,2b,a9,90,e7,31,12,20,12,5a,da,46
.
[HKEY_USERS\S-1-5-21-3297239125-2328300800-1345024381-1001\Software\SecuROM\License information*]
"datasecu"=hex:47,80,5f,47,7e,94,a0,96,ed,09,4a,0b,7c,10,c6,5a,0a,e6,de,be,90,
7e,14,1a,31,50,66,b3,74,e5,29,02,71,89,e4,d7,4b,2e,f5,43,9a,28,ad,6c,db,7a,\
"rkeysecu"=hex:1f,ea,3d,19,3b,29,11,31,7b,12,99,0d,cb,b4,3e,c1
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\bgsvcgen.exe
c:\program files (x86)\Connectify\ConnectifyD.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-11-10 12:50:58 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-11-10 11:50
.
Vor Suchlauf: 21 Verzeichnis(se), 87.753.572.352 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 87.078.920.192 Bytes frei
.
- - End Of File - - 4396852E4AE172E19E02F178560428F5
Und die Add-remove Programs.txt: Code:
ATTFilter Update for Microsoft Office 2007 (KB2508958) 3Dconnexion Plug-in for Acrobat 3D Adobe AIR Adobe Anchor Service CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Recommended Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Extra Settings CS4 Adobe Color Video Profiles CS CS4 Adobe Connect Add-in Adobe CSI CS4 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Drive CS4 Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Fonts All Adobe Linguistics CS4 Adobe Media Player Adobe Output Module Adobe PDF Library Files CS4 Adobe Photoshop 7.0 Adobe Photoshop CS4 Adobe Photoshop CS4 Support Adobe Reader X (10.1.4) - Deutsch Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe Shockwave Player 11.6 Adobe Type Support CS4 Adobe Update Manager CS4 Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB AIO_Scan Alarm für Cobra 11 - Das Syndikat Apple Application Support Apple Software Update µTorrent Audacity 2.0 Audiograbber 1.83 SE Bewerbungsfoto-/Passbild-Generator v3.5a BlueJ 3.0.5 BufferChm C5200 C5200_Help Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Pro Control Center CCC Help English Cheat Engine 6.1 Chinese Traditional Fonts Support For Adobe Reader X Connect Copy Counter Strike 1.6 FULL v44 DAEMON Tools Lite DAEMON Tools Toolbar Destinations DeviceDiscovery DivX-Setup DocProc Driver San Francisco Dropbox DVD Menu Pack for HP MediaSmart Video DWGeditor e-Sword EssentialPIM Fax FileZilla Client 3.5.3 Free Audio CD Burner version 1.4 Free PDF to Word Doc Converter v1.1 Free YouTube to MP3 Converter version 3.11.26.706 Google Chrome Google Earth Google Update Helper GPBaseService2 Guardian Of Data v2.1 Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) HP Customer Experience Enhancements HP MediaSmart DVD HP MediaSmart Music HP MediaSmart Photo HP MediaSmart Video HP MediaSmart Webcam HP Quick Launch Buttons HP Support Assistant HP Update HP Wireless Assistant HPPhotoGadget HPPhotoSmartDiscLabel_PaperLabel HPPhotoSmartDiscLabel_PrintOnDisc HPPhotoSmartDiscLabelContent1 hpphotosmartdisclabelplugin HPPhotosmartEssential HPProductAssistant HPSSupply ICQ7.5 IDT Audio Internet Explorer 8 WEB.DE Edition Internet Explorer WEB.DE Addon IrfanView (remove only) Java Auto Updater Java(TM) 6 Update 31 Java(TM) SE Development Kit 6 Update 21 JDownloader JMicron Flash Media Controller Driver K-Lite Codec Pack 6.7.0 (Basic) Kies Air Discovery Service kuler LAME v3.99.3 (for Windows) LightScribe System Software LingoPad 2.6 (Build 360) Malwarebytes Anti-Malware Version 1.65.1.1000 MarketResearch Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Motocross Madness 2 Trial Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (German) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (German) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (German) 2007 Microsoft Office InfoPath MUI (German) 2007 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (German) 2007 Microsoft Office Outlook MUI (German) 2007 Microsoft Office PowerPoint MUI (German) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Italian) 2007 Microsoft Office Proofing (German) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (German) 2007 Microsoft Office Shared MUI (German) 2007 Microsoft Office Word MUI (German) 2007 Microsoft Primary Interoperability Assemblies 2005 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2005 Tools for Applications - ENU Monopoly by Parker Brothers Movie Theme Pack for HP MediaSmart Video Mozilla Firefox 16.0.2 (x86 de) Mozilla Maintenance Service Mozilla Thunderbird 16.0.2 (x86 de) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NClass 2.04 Notepad++ NVIDIA PhysX OkayFreedom OpenAL OpenOffice.org 3.2 Panda Cloud Antivirus PdaNet for Android 2.45 PDF Settings CS4 PHOTOfunSTUDIO HD Edition Photoshop Camera Raw PhotoView 360 PixiePack Codec Pack ProtectDisc Driver, Version 11 PS_AIO_02_ProductContext PS_AIO_02_Software PS_AIO_02_Software_Min QLBCASL QuickTime RapidShare Manager Rapture3D 2.4.8 Game RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer RealUpgrade 1.1 Samsung Kies Scan Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition Sentinel System Driver Skype Click to Call Skype™ 5.10 SmartWebPrinting SolidWorks 2010 x64 Edition SP0 SolidWorks eDrawings 2010 SolutionCenter SopCast 3.3.2 SpeedFan (remove only) Spotify Status Steam StreamTransport version: 1.0.2.2171 SugarSync Manager Suite Shared Configuration CS4 swMSM TeamViewer 7 TI-Nspire CAS Student Software TightVNC 2.0.2 TmNationsForever Toolbox TrayApp Ubisoft Game Launcher Uninstall 1.0.0.1 Unity Web Player UnloadSupport Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition VC80CRTRedist - 8.0.50727.4053 VDownloader 3.6.942 Veetle TV 0.9.18 Virtual DJ Home - Atomix Productions Virtual Dub VLC media player 1.1.11 vShare.tv plugin 1.3 WEB.DE Update WebReg Windows 7 Upgrade Advisor Windows Media Player Firefox Plugin WinPcap 4.1.1 YouTube Downloader 2.6.5 |
|
10.11.2012, 13:42
| #6 |
| /// TB-Ausbilder | Telekom verweist auf ZeuS/ZBot Gut  Dann jetzt bitte ein Scan mit MBAM Quick-Scan mit Malwarebytes
__________________ --> Telekom verweist auf ZeuS/ZBot |
|
10.11.2012, 18:40
| #7 |
| | Telekom verweist auf ZeuS/ZBot So, Scan wurde durchgeführt..scheint nichts gefunden zu haben. Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.11.10.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Stephan :: STEPHAN-LAPTOP [Administrator] 10.11.2012 18:28:35 mbam-log-2012-11-10 (18-28-35).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 240733 Laufzeit: 3 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
11.11.2012, 16:21
| #8 | |
| /// TB-Ausbilder | Telekom verweist auf ZeuS/ZBot Ja, fast, eine Kontrolle noch: Schritt 1: ESET Online Scanner Zitat:
Schritt 2: Java Update (Windows XP, Vista, 7) Dein Java ist nicht mehr aktuell. Ältere Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.Schritt 3: Scan mit SecurityCheck Downloade Dir bitte SecurityCheck
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
13.11.2012, 11:47
| #9 |
| | Telekom verweist auf ZeuS/ZBot So, ESET-Scan wurde durchgeführt. Hat nichts gefunden. Java hab ich aktualisiert und die alten Versionen runtergehauen. Dann noch den SecurityCheck mit folgendem Ergebnis: Code:
ATTFilter Results of screen317's Security Check version 0.99.54 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Panda Cloud Antivirus WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.65.1.1000 Java 7 Update 9 Adobe Flash Player 11.5.502.110 Mozilla Firefox (16.0.2) Mozilla Thunderbird (16.0.2) Google Chrome 21.0.1180.83 Google Chrome 21.0.1180.89 Google Chrome 22.0.1229.79 Google Chrome 22.0.1229.94 Google Chrome 23.0.1271.64 ````````Process Check: objlist.exe by Laurent```````` Panda Security Panda Cloud Antivirus PSANHost.exe Panda Security Panda Cloud Antivirus PSUAService.exe Panda Security Panda Cloud Antivirus PSUAMain.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
|
13.11.2012, 14:40
| #10 | ||||
| /// TB-Ausbilder | Telekom verweist auf ZeuS/ZBot Gut, dann bitte noch die Benutzerkontensteuerung aktivieren ansonsten ... sind wir durch: Combofix deinstallieren ESET deinstallieren (Optional) Abschließend noch Tipps zu folgenden Themen:
Damit wünsche ich dir noch viel Spaß beim Surfen im Internet ... und vielleicht möchtest du ja das Trojaner-Board unterstützen? Eine Bitte: Gib mir eine kurze Rückmeldung, wenn alles erledigt ist und keine Fragen mehr vorhanden sind, damit ich diesen Thread aus meinen Abos löschen kann.
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
13.11.2012, 15:20
| #11 |
| | Telekom verweist auf ZeuS/ZBot Sieht ja dann soweit alles gut aus  Also supervielen Dank für die hilfreiche Unterstützung Danke auch für die anderen Infos... Dann wäre ja dieser Thread nun fertig. |
|
13.11.2012, 15:20
| #12 |
| /// TB-Ausbilder | Telekom verweist auf ZeuS/ZBot Schön, dass wir helfen konnten  Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
| Themen zu Telekom verweist auf ZeuS/ZBot |
| administrator, anti-malware, appdata, autostart, browser, code, computer, dateien, explorer, gelöscht, helper, infiziert, infizierte, laptop, logfile, logfiles, malwarebytes, microsoft, passwörter, pcs, roaming, software, speicher, telekom, trojan.agent, zeus/zbot, ändern |
Button.
und dann 
+ R Taste und kopiere den folgenden Text Ausführen-Fenster und klicke OK.
