
Pests of all kinds and how to combat them: Yet another TR/ATRAPS.Gen2 topic


19.01.2013, 14:55   #1
kljmasbe
 



Hello board,

as mentioned in the title, my trojan is TR/ATRAPS.Gen2.

I carried out the steps as described in ryder's introduction. I have decided on a cleanup. I will also install Ubuntu at the same time. I am wondering whether the trojan also hides in other partitions, or whether I can simply mount them under Linux without carrying a risk over to Linux? It would be nice if I could still use Win7 for gaming afterwards, so both OSes side by side.

1.) defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:53 on 19/01/2013 (Steffen)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         
2.) aswMBR:
Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-19 14:10:35
-----------------------------
14:10:35.415    OS Version: Windows x64 6.1.7601 Service Pack 1
14:10:35.415    Number of processors: 4 586 0x403
14:10:35.416    ComputerName: NR1  UserName: 
14:10:36.507    Initialize success
14:13:02.908    AVAST engine defs: 13011900
14:19:54.496    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
14:19:54.501    Disk 0 Vendor: WDC_WD15EARS-00Z5B1 80.00A80 Size: 1430799MB BusType: 3
14:19:54.506    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-6
14:19:54.511    Disk 1 Vendor: WDC_WD6400AAKS-00A7B0 01.03B01 Size: 610476MB BusType: 3
14:19:54.517    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-3
14:19:54.523    Disk 2 Vendor: WDC_WD20EARS-00MVWB0 51.0AB51 Size: 1907725MB BusType: 3
14:19:54.539    Disk 1 MBR read successfully
14:19:54.546    Disk 1 MBR scan
14:19:54.565    Disk 1 Windows 7 default MBR code
14:19:54.581    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
14:19:54.595    Disk 1 Partition 2 00     07    HPFS/NTFS NTFS       101099 MB offset 206848
14:19:54.600    Disk 1 Partition - 00     0F Extended LBA            509275 MB offset 207259648
14:19:54.614    Disk 1 Partition 3 00     07    HPFS/NTFS NTFS       509274 MB offset 207261696
14:19:54.642    Disk 1 scanning C:\Windows\system32\drivers
14:20:04.501    Service scanning
14:20:24.343    Modules scanning
14:20:24.347    Disk 1 trace - called modules:
14:20:24.381    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys 
14:20:24.385    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8007af8060]
14:20:24.388    3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8006b2a670]
14:20:24.395    5 ACPI.sys[fffff88000f607a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T1L0-6[0xfffffa800784d060]
14:20:25.842    AVAST engine scan C:\Windows
14:20:27.758    AVAST engine scan C:\Windows\system32
14:22:15.588    File: C:\Windows\assembly\GAC_32\Desktop.ini  **INFECTED** Win32:Sirefef-PL [Rtk]
14:22:17.331    File: C:\Windows\assembly\GAC_64\Desktop.ini  **INFECTED** Win32:Sirefef-PL [Rtk]
14:23:12.378    AVAST engine scan C:\Windows\system32\drivers
14:23:21.048    AVAST engine scan C:\Users\Steffen
14:33:08.579    AVAST engine scan C:\ProgramData
14:34:17.766    Scan finished successfully
14:35:20.467    Disk 1 MBR has been saved successfully to "C:\Users\Steffen\Desktop\MBR.dat"
14:35:20.471    The log file has been saved successfully to "C:\Users\Steffen\Desktop\aswMBR.txt"
         
3.) dds+
DDS Logfile:
Code:
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 1.6.0_29
Run by Steffen at 14:38:14 on 2013-01-19
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8190.6042 [GMT 1:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k bthaudiosvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\Pidgin\pidgin.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uURLSearchHooks: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - <orphaned>
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - 
BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - 
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Google Update] "C:\Users\Steffen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [RGSC] E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
uRun: [Infinite_Screen] C:\Users\Steffen\AppData\Local\Temp\infinite_screen\perl\bin\infinite_screen.exe -xC:\Users\Steffen\AppData\Local\Temp\infinite_screen C:\Users\Steffen\AppData\Local\Temp\infinite_screen\screen
mRun: [NWEReboot] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 192.168.178.1
TCP: Interfaces\{38AC3330-CF9A-4284-8284-64489FB50CA8} : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{9D529AD2-136F-46C2-B1DB-9EC76E68CF86} : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{CA2E234F-5CE6-49C4-B3BB-196ADF498C6C} : DHCPNameServer = 78.46.246.142 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
x64-Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Steffen\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - ExtSQL: 2012-12-07 16:42; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-1-19 27800]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-1-19 85280]
R2 AntiVirService;Avira Echtzeit-Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-1-19 109344]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-1-19 99912]
R2 DirMngr;DirMngr;C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [2011-3-2 224256]
R2 HFGService;Handsfree Headset Service;C:\Windows\System32\svchost.exe -k bthaudiosvc [2009-7-14 27136]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 UI Assistant Service;UI Assistant Service;C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [2012-5-1 270672]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 BthAudioHF;BthAudioHF-Dienst;C:\Windows\System32\drivers\BthAudioHF.sys [2009-12-21 52224]
S3 BthAvrcp;Bluetooth-AVRCP-Profil;C:\Windows\System32\drivers\BthAvrcp.sys [2009-8-13 29184]
S3 csr_a2dp;Bluetooth-AV-Profil;C:\Windows\System32\drivers\bthav.sys [2009-12-21 78848]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-4-1 341856]
S3 LVUVC64;Logitech Webcam 905(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-4-1 4184672]
S3 massfilter;Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2012-5-1 11776]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187.sys [2010-1-7 448512]
S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-10 59392]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
FileExt: .js: Applications\notepad++.exe="C:\Users\Steffen\Downloads\npp.5.9.8.bin\unicode\notepad++.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-01-19 12:16:55	--------	d-----w-	C:\Users\Steffen\AppData\Roaming\Avira
2013-01-19 12:11:32	99912	----a-w-	C:\Windows\System32\drivers\avgntflt.sys
2013-01-19 12:11:32	27800	----a-w-	C:\Windows\System32\drivers\avkmgr.sys
2013-01-19 12:11:32	--------	d-----w-	C:\ProgramData\Avira
2013-01-19 12:11:32	--------	d-----w-	C:\Program Files (x86)\Avira
2013-01-17 08:41:19	--------	d-sh--w-	C:\Windows\SysWow64\%APPDATA%
2013-01-15 07:25:52	9125352	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B92C6F7-E9FE-4983-84F7-D6DEB53AAAA6}\mpengine.dll
2013-01-14 09:05:25	--------	d-----w-	C:\Users\Steffen\AppData\Roaming\.minecraft
2013-01-13 20:28:00	--------	d-----w-	C:\Users\Steffen\AppData\Roaming\LibreOffice
2013-01-13 20:26:43	--------	d-----w-	C:\Program Files (x86)\LibreOffice 3.6
2013-01-10 11:29:14	--------	d-----w-	C:\Users\Steffen\AppData\Roaming\collection
2013-01-09 19:06:36	424448	----a-w-	C:\Windows\System32\KernelBase.dll
2013-01-07 23:42:37	46080	----a-w-	C:\Windows\System32\atmlib.dll
2013-01-07 23:42:37	367616	----a-w-	C:\Windows\System32\atmfd.dll
2013-01-07 23:42:37	34304	----a-w-	C:\Windows\SysWow64\atmlib.dll
2013-01-07 23:42:37	295424	----a-w-	C:\Windows\SysWow64\atmfd.dll
.
==================== Find3M  ====================
.
2013-01-17 08:45:59	74248	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-17 08:45:59	697864	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-10 11:50:41	466456	----a-w-	C:\Windows\System32\wrap_oal.dll
2013-01-10 11:50:41	444952	----a-w-	C:\Windows\SysWow64\wrap_oal.dll
2013-01-10 11:50:41	122904	----a-w-	C:\Windows\System32\OpenAL32.dll
2013-01-10 11:50:41	109080	----a-w-	C:\Windows\SysWow64\OpenAL32.dll
2012-12-07 13:20:16	441856	----a-w-	C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31	2746368	----a-w-	C:\Windows\System32\gameux.dll
2012-12-07 12:26:17	308736	----a-w-	C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43	2576384	----a-w-	C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04	30720	----a-w-	C:\Windows\System32\usk.rs
2012-12-07 11:20:03	43520	----a-w-	C:\Windows\System32\csrr.rs
2012-12-07 11:20:03	23552	----a-w-	C:\Windows\System32\oflc.rs
2012-12-07 11:20:01	45568	----a-w-	C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01	44544	----a-w-	C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01	20480	----a-w-	C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00	20480	----a-w-	C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59	20480	----a-w-	C:\Windows\System32\pegi.rs
2012-12-07 11:19:58	46592	----a-w-	C:\Windows\System32\fpb.rs
2012-12-07 11:19:57	40960	----a-w-	C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57	21504	----a-w-	C:\Windows\System32\grb.rs
2012-12-07 11:19:57	15360	----a-w-	C:\Windows\System32\djctq.rs
2012-12-07 11:19:56	55296	----a-w-	C:\Windows\System32\cero.rs
2012-12-07 11:19:55	51712	----a-w-	C:\Windows\System32\esrb.rs
2012-11-30 05:45:35	362496	----a-w-	C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35	243200	----a-w-	C:\Windows\System32\wow64.dll
2012-11-30 05:45:35	13312	----a-w-	C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14	215040	----a-w-	C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12	16384	----a-w-	C:\Windows\System32\ntvdm64.dll
2012-11-30 04:54:00	5120	----a-w-	C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59	274944	----a-w-	C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48	338432	----a-w-	C:\Windows\System32\conhost.exe
2012-11-30 02:44:06	25600	----a-w-	C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04	7680	----a-w-	C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04	14336	----a-w-	C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03	2048	----a-w-	C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59	6144	---ha-w-	C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59	4608	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59	3584	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59	3072	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31	3149824	----a-w-	C:\Windows\System32\win32k.sys
2012-11-23 03:13:57	68608	----a-w-	C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23	800768	----a-w-	C:\Windows\System32\usp10.dll
2012-11-22 04:45:03	626688	----a-w-	C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49	307200	----a-w-	C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09	220160	----a-w-	C:\Windows\SysWow64\ncrypt.dll
2012-11-12 12:28:37	1638912	----a-w-	C:\Windows\System32\mshtml.tlb
2012-11-12 11:52:18	1638912	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:32	750592	----a-w-	C:\Windows\System32\win32spl.dll
2012-11-09 05:45:09	2048	----a-w-	C:\Windows\System32\tzres.dll
2012-11-09 04:43:04	492032	----a-w-	C:\Windows\SysWow64\win32spl.dll
2012-11-09 04:42:49	2048	----a-w-	C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11	478208	----a-w-	C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31	376832	----a-w-	C:\Windows\SysWow64\dpnet.dll
2012-11-01 05:43:42	2002432	----a-w-	C:\Windows\System32\msxml6.dll
2012-11-01 05:43:42	1882624	----a-w-	C:\Windows\System32\msxml3.dll
2012-11-01 04:47:54	1389568	----a-w-	C:\Windows\SysWow64\msxml6.dll
2012-11-01 04:47:54	1236992	----a-w-	C:\Windows\SysWow64\msxml3.dll
2012-10-27 06:26:55	981504	----a-w-	C:\Windows\SysWow64\wininet.dll
2012-10-27 05:51:21	1188864	----a-w-	C:\Windows\System32\wininet.dll
.
============= FINISH: 14:38:30,11 ===============
         
--- --- ---

attach:
Code:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 07.10.2010 22:55:38
System Uptime: 19.01.2013 14:07:34 (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. |  | GA-870A-UD3
Processor: AMD Phenom(tm) II X4 955 Processor | Socket M2 | 3200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 99 GiB total, 23,31 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 497 GiB total, 182,898 GiB free.
F: is CDROM ()
G: is FIXED (NTFS) - 1863 GiB total, 918,595 GiB free.
I: is FIXED (NTFS) - 1397 GiB total, 1010,587 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: VirtualBox Host-Only Ethernet Adapter
Device ID: ROOT\NET\0000
Manufacturer: Oracle Corporation
Name: VirtualBox Host-Only Ethernet Adapter
PNP Device ID: ROOT\NET\0000
Service: VBoxNetAdp
.
Class GUID: 
Description: USB (Universal Serial Bus)-Controller
Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_50071458&REV_03\4&91A636&0&0048
Manufacturer: 
Name: USB (Universal Serial Bus)-Controller
PNP Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_50071458&REV_03\4&91A636&0&0048
Service: 
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
1&1 Surf-Stick
7-Zip 4.65 (x64 edition)
Activision(R)
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.01) - Deutsch
Adobe Shockwave Player 11.5
Aquaria
µTorrent
Avira Free Antivirus
Blocks That Matter
Blur(TM)
Borderlands
CameraHelperMsi
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MOV Decoder
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.9
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities WFT-E1/E2/E3/E4 Utility
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Command & Conquer™ 4 Tiberian Twilight
Crysis® 2
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX-Setup
doxygen 1.7.3
Dual-Core Optimizer
erLT
Express Rip
FAKEFACTORY Cinematic Mod V10
FLV Downloader
GIMP 2.6.11
Git version 1.7.3.1-preview20101002
Google Chrome
Google Earth
Google Update Helper
Gpg4win (2.1.0)
Grand Theft Auto IV
Grand Theft Auto: Episodes from Liberty City
Gratuitous Space Battles
Half-Life 2
Half-Life 2 Awakening 1.1
Half-Life 2: Deathmatch
Half-Life 2: Episode One
Half-Life 2: Episode Two
Hugin 2011.4.0
Inkscape 0.48.2
Java Auto Updater
Java(TM) 6 Update 29
LEGO Digital Designer
LibreOffice 3.6
Lightworks
LIMBO
Logitech Webcam Software
LuminanceHDR 2.0.2
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Matrox VFW Software Codecs, build 28 
Mendeley Desktop 1.7.1
Metro 2033
Microsoft .NET Compact Framework 3.5
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended DEU Language Pack
Microsoft Access 2010
Microsoft Application Error Reporting
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
MiKTeX 2.8
Mozilla Firefox 18.0 (x86 de)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.2 (x86 de)
Mp3tag v2.48
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multiwinia
Navigator 11 - Setup Utility 11.0.23-3
Nero 7 Essentials
Nero BurnLite 10
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
neroxml
Notepad++
NVIDIA 3D Vision Controller-Treiber 280.19
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Treiber 306.97
NVIDIA Grafiktreiber 306.97
NVIDIA HD-Audiotreiber 1.2.23.3
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX-Systemsoftware 9.10.0514
NVIDIA Stereoscopic 3D Driver
NVIDIA Systemsteuerung 306.97
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenAL
OpenVPN 2.2.1
Opera 11.62
Oracle VM VirtualBox 4.1.8
Phase 5 HTML-Editor
Pidgin
pidgin-otr 3.2.0-1
Portal
Portal 2
PuTTY 0.60 x64
PVSonyDll
Python 2.6 pygtk-2.22.0
QuickTime
R for Windows 2.11.1
RESIDENT EVIL 5
Return to Castle Wolfenstein
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
SIP Communicator
Skype™ 5.10
Solar 2
Source SDK
Source SDK Base 2007
SpeedFan (remove only)
Texmaker
The Basement Collection
The Binding of Isaac
Tinn-R 2.3.5.2
UFRaw 0.18
Unity Web Player (All users)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VC80CRTRedist - 8.0.50727.4053
VLC media player 2.0.1
Winamp
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Mobile Device Center Driver Update
WinMerge 2.12.4
.
==== End Of File ===========================
         
4.) TDSS-Killer:
Code:
ATTFilter
14:35:51.0278 4996  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:35:51.0520 4996  ============================================================
14:35:51.0520 4996  Current date / time: 2013/01/19 14:35:51.0520
14:35:51.0520 4996  SystemInfo:
14:35:51.0520 4996  
14:35:51.0521 4996  OS Version: 6.1.7601 ServicePack: 1.0
14:35:51.0521 4996  Product type: Workstation
14:35:51.0521 4996  ComputerName: NR1
14:35:51.0521 4996  UserName: Steffen
14:35:51.0521 4996  Windows directory: C:\Windows
14:35:51.0521 4996  System windows directory: C:\Windows
14:35:51.0521 4996  Running under WOW64
14:35:51.0521 4996  Processor architecture: Intel x64
14:35:51.0521 4996  Number of processors: 4
14:35:51.0521 4996  Page size: 0x1000
14:35:51.0521 4996  Boot type: Normal boot
14:35:51.0521 4996  ============================================================
14:35:52.0438 4996  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:35:52.0449 4996  Drive \Device\Harddisk1\DR1 - Size: 0x950AC4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x14300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:35:52.0449 4996  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C0D0DE00 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B600, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:35:52.0452 4996  ============================================================
14:35:52.0452 4996  \Device\Harddisk0\DR0:
14:35:52.0453 4996  MBR partitions:
14:35:52.0453 4996  \Device\Harddisk1\DR1:
14:35:52.0453 4996  MBR partitions:
14:35:52.0453 4996  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:35:52.0453 4996  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC575800
14:35:52.0464 4996  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xC5A9000, BlocksNum 0x3E2AD270
14:35:52.0464 4996  \Device\Harddisk2\DR2:
14:35:52.0465 4996  MBR partitions:
14:35:52.0465 4996  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06070
14:35:52.0465 4996  ============================================================
14:35:52.0490 4996  C: <-> \Device\Harddisk1\DR1\Partition2
14:35:52.0517 4996  E: <-> \Device\Harddisk1\DR1\Partition3
14:35:52.0991 4996  G: <-> \Device\Harddisk2\DR2\Partition1
14:35:52.0991 4996  ============================================================
14:35:52.0992 4996  Initialize success
14:35:52.0992 4996  ============================================================
14:36:09.0153 1788  ============================================================
14:36:09.0153 1788  Scan started
14:36:09.0153 1788  Mode: Manual; TDLFS; 
14:36:09.0153 1788  ============================================================
14:36:10.0702 1788  ================ Scan system memory ========================
14:36:10.0702 1788  System memory - ok
14:36:10.0703 1788  ================ Scan services =============================
14:36:10.0843 1788  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:36:10.0845 1788  1394ohci - ok
14:36:10.0868 1788  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:36:10.0871 1788  ACPI - ok
14:36:10.0882 1788  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:36:10.0882 1788  AcpiPmi - ok
14:36:10.0934 1788  [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
14:36:10.0935 1788  Adobe LM Service - ok
14:36:11.0011 1788  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:36:11.0012 1788  AdobeARMservice - ok
14:36:11.0090 1788  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:36:11.0094 1788  AdobeFlashPlayerUpdateSvc - ok
14:36:11.0135 1788  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:36:11.0152 1788  adp94xx - ok
14:36:11.0182 1788  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:36:11.0188 1788  adpahci - ok
14:36:11.0209 1788  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:36:11.0212 1788  adpu320 - ok
14:36:11.0243 1788  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:36:11.0245 1788  AeLookupSvc - ok
14:36:11.0290 1788  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:36:11.0306 1788  AFD - ok
14:36:11.0333 1788  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:36:11.0334 1788  agp440 - ok
14:36:11.0350 1788  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:36:11.0351 1788  ALG - ok
14:36:11.0364 1788  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:36:11.0364 1788  aliide - ok
14:36:11.0419 1788  ALSysIO - ok
14:36:11.0447 1788  [ D696F317BD465A602566F8E1DCCE15F7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:36:11.0448 1788  AMD External Events Utility - ok
14:36:11.0452 1788  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:36:11.0453 1788  amdide - ok
14:36:11.0468 1788  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:36:11.0468 1788  AmdK8 - ok
14:36:11.0484 1788  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:36:11.0485 1788  AmdPPM - ok
14:36:11.0507 1788  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:36:11.0507 1788  amdsata - ok
14:36:11.0531 1788  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:36:11.0532 1788  amdsbs - ok
14:36:11.0546 1788  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:36:11.0546 1788  amdxata - ok
14:36:11.0665 1788  [ 0FA2D8304ECA29CA0AB7E3EE50FD585A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:36:11.0666 1788  AntiVirSchedulerService - ok
14:36:11.0684 1788  [ 5C69AAC8A59207DA9710FF2E42D6F80F ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:36:11.0685 1788  AntiVirService - ok
14:36:11.0716 1788  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:36:11.0716 1788  AppID - ok
14:36:11.0737 1788  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:36:11.0738 1788  AppIDSvc - ok
14:36:11.0765 1788  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
14:36:11.0765 1788  Appinfo - ok
14:36:11.0783 1788  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:36:11.0784 1788  AppMgmt - ok
14:36:11.0791 1788  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:36:11.0792 1788  arc - ok
14:36:11.0804 1788  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:36:11.0804 1788  arcsas - ok
14:36:11.0898 1788  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:36:11.0900 1788  aspnet_state - ok
14:36:11.0923 1788  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:36:11.0924 1788  AsyncMac - ok
14:36:11.0942 1788  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:36:11.0943 1788  atapi - ok
14:36:12.0053 1788  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:36:12.0141 1788  atikmdag - ok
14:36:12.0176 1788  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:36:12.0182 1788  AudioEndpointBuilder - ok
14:36:12.0199 1788  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:36:12.0202 1788  AudioSrv - ok
14:36:12.0218 1788  [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
14:36:12.0219 1788  avgntflt - ok
14:36:12.0247 1788  [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
14:36:12.0247 1788  avipbb - ok
14:36:12.0255 1788  [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
14:36:12.0255 1788  avkmgr - ok
14:36:12.0295 1788  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:36:12.0295 1788  AxInstSV - ok
14:36:12.0325 1788  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:36:12.0329 1788  b06bdrv - ok
14:36:12.0348 1788  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:36:12.0439 1788  b57nd60a - ok
14:36:12.0467 1788  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:36:12.0470 1788  BDESVC - ok
14:36:12.0542 1788  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:36:12.0543 1788  Beep - ok
14:36:12.0632 1788  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:36:12.0634 1788  blbdrive - ok
14:36:12.0678 1788  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:36:12.0680 1788  bowser - ok
14:36:12.0692 1788  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:36:12.0693 1788  BrFiltLo - ok
14:36:12.0711 1788  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:36:12.0711 1788  BrFiltUp - ok
14:36:12.0739 1788  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:36:12.0740 1788  Browser - ok
14:36:12.0753 1788  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:36:12.0754 1788  Brserid - ok
14:36:12.0770 1788  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:36:12.0770 1788  BrSerWdm - ok
14:36:12.0774 1788  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:36:12.0774 1788  BrUsbMdm - ok
14:36:12.0778 1788  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:36:12.0779 1788  BrUsbSer - ok
14:36:12.0807 1788  [ 07DCB3C254D584E3949FE2C0EE3963F2 ] BthAudioHF      C:\Windows\system32\DRIVERS\BthAudioHF.sys
14:36:12.0807 1788  BthAudioHF - ok
14:36:12.0818 1788  [ 832B121E4532919CC49F2438F1DCAA21 ] BthAvrcp        C:\Windows\system32\DRIVERS\BthAvrcp.sys
14:36:12.0819 1788  BthAvrcp - ok
14:36:12.0856 1788  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
14:36:12.0857 1788  BthEnum - ok
14:36:12.0863 1788  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:36:12.0864 1788  BTHMODEM - ok
14:36:12.0885 1788  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:36:12.0886 1788  BthPan - ok
14:36:12.0920 1788  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
14:36:12.0926 1788  BTHPORT - ok
14:36:12.0955 1788  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:36:12.0956 1788  bthserv - ok
14:36:12.0977 1788  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:36:12.0978 1788  BTHUSB - ok
14:36:12.0999 1788  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:36:12.0999 1788  cdfs - ok
14:36:13.0029 1788  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:36:13.0030 1788  cdrom - ok
14:36:13.0063 1788  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:36:13.0065 1788  CertPropSvc - ok
14:36:13.0087 1788  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:36:13.0089 1788  circlass - ok
14:36:13.0116 1788  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:36:13.0133 1788  CLFS - ok
14:36:13.0179 1788  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:36:13.0180 1788  clr_optimization_v2.0.50727_32 - ok
14:36:13.0205 1788  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:36:13.0206 1788  clr_optimization_v2.0.50727_64 - ok
14:36:13.0262 1788  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:36:13.0263 1788  clr_optimization_v4.0.30319_32 - ok
14:36:13.0271 1788  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:36:13.0272 1788  clr_optimization_v4.0.30319_64 - ok
14:36:13.0281 1788  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:36:13.0281 1788  CmBatt - ok
14:36:13.0299 1788  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:36:13.0299 1788  cmdide - ok
14:36:13.0327 1788  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
14:36:13.0332 1788  CNG - ok
14:36:13.0343 1788  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:36:13.0344 1788  Compbatt - ok
14:36:13.0354 1788  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:36:13.0354 1788  CompositeBus - ok
14:36:13.0359 1788  COMSysApp - ok
14:36:13.0363 1788  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:36:13.0364 1788  crcdisk - ok
14:36:13.0404 1788  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:36:13.0405 1788  CryptSvc - ok
14:36:13.0440 1788  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
14:36:13.0445 1788  CSC - ok
14:36:13.0485 1788  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
14:36:13.0507 1788  CscService - ok
14:36:13.0533 1788  [ DF07C6D98BA7F81D0571E366B1CD6672 ] csr_a2dp        C:\Windows\system32\drivers\bthav.sys
14:36:13.0535 1788  csr_a2dp - ok
14:36:13.0568 1788  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:36:13.0585 1788  DcomLaunch - ok
14:36:13.0617 1788  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:36:13.0633 1788  defragsvc - ok
14:36:13.0669 1788  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:36:13.0671 1788  DfsC - ok
14:36:13.0691 1788  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:36:13.0698 1788  Dhcp - ok
14:36:13.0768 1788  [ 4F26BB00747D41E7C0FE8EBB2900F862 ] DirMngr         C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
14:36:13.0772 1788  DirMngr - ok
14:36:13.0794 1788  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:36:13.0795 1788  discache - ok
14:36:13.0819 1788  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:36:13.0821 1788  Disk - ok
14:36:13.0855 1788  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:36:13.0857 1788  Dnscache - ok
14:36:13.0884 1788  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:36:13.0886 1788  dot3svc - ok
14:36:13.0913 1788  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:36:13.0914 1788  DPS - ok
14:36:13.0943 1788  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:36:13.0943 1788  drmkaud - ok
14:36:13.0974 1788  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:36:13.0978 1788  DXGKrnl - ok
14:36:13.0993 1788  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:36:13.0993 1788  EapHost - ok
14:36:14.0045 1788  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:36:14.0096 1788  ebdrv - ok
14:36:14.0118 1788  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:36:14.0119 1788  EFS - ok
14:36:14.0154 1788  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:36:14.0171 1788  ehRecvr - ok
14:36:14.0192 1788  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:36:14.0193 1788  ehSched - ok
14:36:14.0209 1788  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:36:14.0213 1788  elxstor - ok
14:36:14.0220 1788  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:36:14.0220 1788  ErrDev - ok
14:36:14.0239 1788  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:36:14.0242 1788  EventSystem - ok
14:36:14.0255 1788  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:36:14.0256 1788  exfat - ok
14:36:14.0272 1788  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:36:14.0273 1788  fastfat - ok
14:36:14.0303 1788  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:36:14.0317 1788  Fax - ok
14:36:14.0347 1788  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:36:14.0348 1788  fdc - ok
14:36:14.0370 1788  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:36:14.0372 1788  fdPHost - ok
14:36:14.0392 1788  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:36:14.0394 1788  FDResPub - ok
14:36:14.0422 1788  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:36:14.0424 1788  FileInfo - ok
14:36:14.0434 1788  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:36:14.0435 1788  Filetrace - ok
14:36:14.0455 1788  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:36:14.0456 1788  flpydisk - ok
14:36:14.0477 1788  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:36:14.0479 1788  FltMgr - ok
14:36:14.0517 1788  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
14:36:14.0533 1788  FontCache - ok
14:36:14.0579 1788  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:36:14.0579 1788  FontCache3.0.0.0 - ok
14:36:14.0591 1788  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:36:14.0591 1788  FsDepends - ok
14:36:14.0612 1788  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:36:14.0612 1788  Fs_Rec - ok
14:36:14.0632 1788  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:36:14.0633 1788  fvevol - ok
14:36:14.0648 1788  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:36:14.0649 1788  gagp30kx - ok
14:36:14.0681 1788  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:36:14.0697 1788  gpsvc - ok
14:36:14.0740 1788  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:36:14.0740 1788  gupdate - ok
14:36:14.0764 1788  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:36:14.0766 1788  gupdatem - ok
14:36:14.0780 1788  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:36:14.0781 1788  hcw85cir - ok
14:36:14.0818 1788  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:36:14.0825 1788  HdAudAddService - ok
14:36:14.0858 1788  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:36:14.0860 1788  HDAudBus - ok
14:36:14.0908 1788  [ EE8C05F926521A0E24EDAF40F45D01E6 ] HFGService      C:\Windows\System32\HFGService.dll
14:36:14.0917 1788  HFGService - ok
14:36:14.0931 1788  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:36:14.0932 1788  HidBatt - ok
14:36:14.0946 1788  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:36:14.0947 1788  HidBth - ok
14:36:14.0957 1788  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:36:14.0958 1788  HidIr - ok
14:36:14.0973 1788  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
14:36:14.0973 1788  hidserv - ok
14:36:14.0983 1788  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:36:14.0984 1788  HidUsb - ok
14:36:15.0007 1788  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:36:15.0008 1788  hkmsvc - ok
14:36:15.0033 1788  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:36:15.0036 1788  HomeGroupListener - ok
14:36:15.0060 1788  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:36:15.0062 1788  HomeGroupProvider - ok
14:36:15.0079 1788  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:36:15.0080 1788  HpSAMD - ok
14:36:15.0230 1788  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Users\Steffen\AppData\Local\Temp\7zS5696\hpslpsvc64.dll
14:36:15.0255 1788  HPSLPSVC - ok
14:36:15.0306 1788  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:36:15.0323 1788  HTTP - ok
14:36:15.0347 1788  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:36:15.0347 1788  hwpolicy - ok
14:36:15.0364 1788  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:36:15.0365 1788  i8042prt - ok
14:36:15.0390 1788  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:36:15.0394 1788  iaStorV - ok
14:36:15.0439 1788  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:36:15.0456 1788  idsvc - ok
14:36:15.0472 1788  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:36:15.0472 1788  iirsp - ok
14:36:15.0508 1788  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:36:15.0525 1788  IKEEXT - ok
14:36:15.0540 1788  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:36:15.0540 1788  intelide - ok
14:36:15.0561 1788  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:36:15.0562 1788  intelppm - ok
14:36:15.0585 1788  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:36:15.0586 1788  IPBusEnum - ok
14:36:15.0608 1788  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:36:15.0609 1788  IpFilterDriver - ok
14:36:15.0630 1788  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:36:15.0632 1788  IPMIDRV - ok
14:36:15.0646 1788  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:36:15.0648 1788  IPNAT - ok
14:36:15.0674 1788  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:36:15.0674 1788  IRENUM - ok
14:36:15.0691 1788  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:36:15.0692 1788  isapnp - ok
14:36:15.0716 1788  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:36:15.0721 1788  iScsiPrt - ok
14:36:15.0741 1788  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:36:15.0743 1788  kbdclass - ok
14:36:15.0762 1788  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:36:15.0762 1788  kbdhid - ok
14:36:15.0769 1788  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:36:15.0770 1788  KeyIso - ok
14:36:15.0794 1788  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:36:15.0795 1788  KSecDD - ok
14:36:15.0826 1788  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:36:15.0827 1788  KSecPkg - ok
14:36:15.0838 1788  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:36:15.0839 1788  ksthunk - ok
14:36:15.0867 1788  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:36:15.0871 1788  KtmRm - ok
14:36:15.0901 1788  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:36:15.0903 1788  LanmanServer - ok
14:36:15.0932 1788  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:36:15.0934 1788  LanmanWorkstation - ok
14:36:15.0951 1788  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:36:15.0951 1788  lltdio - ok
14:36:15.0967 1788  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:36:15.0970 1788  lltdsvc - ok
14:36:15.0977 1788  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:36:15.0978 1788  lmhosts - ok
14:36:15.0991 1788  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:36:15.0992 1788  LSI_FC - ok
14:36:16.0003 1788  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:36:16.0003 1788  LSI_SAS - ok
14:36:16.0016 1788  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:36:16.0017 1788  LSI_SAS2 - ok
14:36:16.0040 1788  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:36:16.0041 1788  LSI_SCSI - ok
14:36:16.0059 1788  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:36:16.0059 1788  luafv - ok
14:36:16.0093 1788  [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:36:16.0093 1788  LVPr2M64 - ok
14:36:16.0099 1788  [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:36:16.0099 1788  LVPr2Mon - ok
14:36:16.0120 1788  [ EF586B959F747E74C76603FF16AE417B ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
14:36:16.0122 1788  LVRS64 - ok
14:36:16.0204 1788  [ EDF73BFA1BD24D74D1D64DC0ED28A7CD ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
14:36:16.0264 1788  LVUVC64 - ok
14:36:16.0304 1788  [ 035C83CD72E06C47000793D32B1A642D ] massfilter      C:\Windows\system32\drivers\massfilter.sys
14:36:16.0305 1788  massfilter - ok
14:36:16.0330 1788  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:36:16.0333 1788  Mcx2Svc - ok
14:36:16.0365 1788  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:36:16.0367 1788  megasas - ok
14:36:16.0405 1788  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:36:16.0410 1788  MegaSR - ok
14:36:16.0429 1788  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:36:16.0432 1788  MMCSS - ok
14:36:16.0440 1788  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:36:16.0440 1788  Modem - ok
14:36:16.0445 1788  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:36:16.0446 1788  monitor - ok
14:36:16.0465 1788  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:36:16.0465 1788  mouclass - ok
14:36:16.0489 1788  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:36:16.0490 1788  mouhid - ok
14:36:16.0510 1788  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:36:16.0510 1788  mountmgr - ok
14:36:16.0558 1788  [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:36:16.0560 1788  MozillaMaintenance - ok
14:36:16.0583 1788  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:36:16.0584 1788  mpio - ok
14:36:16.0600 1788  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:36:16.0600 1788  mpsdrv - ok
14:36:16.0632 1788  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:36:16.0633 1788  MRxDAV - ok
14:36:16.0657 1788  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:36:16.0658 1788  mrxsmb - ok
14:36:16.0687 1788  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:36:16.0689 1788  mrxsmb10 - ok
14:36:16.0700 1788  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:36:16.0701 1788  mrxsmb20 - ok
14:36:16.0716 1788  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:36:16.0716 1788  msahci - ok
14:36:16.0736 1788  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:36:16.0737 1788  msdsm - ok
14:36:16.0751 1788  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:36:16.0753 1788  MSDTC - ok
14:36:16.0778 1788  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:36:16.0779 1788  Msfs - ok
14:36:16.0786 1788  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:36:16.0786 1788  mshidkmdf - ok
14:36:16.0792 1788  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:36:16.0793 1788  msisadrv - ok
14:36:16.0825 1788  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:36:16.0826 1788  MSiSCSI - ok
14:36:16.0831 1788  msiserver - ok
14:36:16.0857 1788  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:36:16.0858 1788  MSKSSRV - ok
14:36:16.0872 1788  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:36:16.0873 1788  MSPCLOCK - ok
14:36:16.0884 1788  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:36:16.0884 1788  MSPQM - ok
14:36:16.0923 1788  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:36:16.0939 1788  MsRPC - ok
14:36:16.0957 1788  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:36:16.0958 1788  mssmbios - ok
14:36:16.0966 1788  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:36:16.0967 1788  MSTEE - ok
14:36:16.0977 1788  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:36:16.0978 1788  MTConfig - ok
14:36:17.0014 1788  [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
14:36:17.0014 1788  MTsensor - ok
14:36:17.0031 1788  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:36:17.0032 1788  Mup - ok
14:36:17.0064 1788  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:36:17.0069 1788  napagent - ok
14:36:17.0094 1788  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:36:17.0097 1788  NativeWifiP - ok
14:36:17.0163 1788  [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
14:36:17.0166 1788  NAUpdate - ok
14:36:17.0207 1788  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:36:17.0222 1788  NDIS - ok
14:36:17.0233 1788  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:36:17.0234 1788  NdisCap - ok
14:36:17.0245 1788  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:36:17.0245 1788  NdisTapi - ok
14:36:17.0276 1788  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:36:17.0276 1788  Ndisuio - ok
14:36:17.0303 1788  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:36:17.0306 1788  NdisWan - ok
14:36:17.0333 1788  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:36:17.0334 1788  NDProxy - ok
14:36:17.0351 1788  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:36:17.0352 1788  NetBIOS - ok
14:36:17.0390 1788  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:36:17.0392 1788  NetBT - ok
14:36:17.0402 1788  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:36:17.0403 1788  Netlogon - ok
14:36:17.0428 1788  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:36:17.0431 1788  Netman - ok
14:36:17.0466 1788  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:17.0468 1788  NetMsmqActivator - ok
14:36:17.0472 1788  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:17.0473 1788  NetPipeActivator - ok
14:36:17.0493 1788  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:36:17.0497 1788  netprofm - ok
14:36:17.0501 1788  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:17.0503 1788  NetTcpActivator - ok
14:36:17.0506 1788  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:17.0507 1788  NetTcpPortSharing - ok
14:36:17.0524 1788  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:36:17.0524 1788  nfrd960 - ok
14:36:17.0555 1788  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:36:17.0558 1788  NlaSvc - ok
14:36:17.0570 1788  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:36:17.0571 1788  Npfs - ok
14:36:17.0581 1788  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:36:17.0582 1788  nsi - ok
14:36:17.0586 1788  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:36:17.0587 1788  nsiproxy - ok
14:36:17.0632 1788  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:36:17.0657 1788  Ntfs - ok
14:36:17.0721 1788  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:36:17.0721 1788  Null - ok
14:36:17.0773 1788  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
14:36:17.0794 1788  NVENETFD - ok
14:36:17.0862 1788  [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
14:36:17.0865 1788  NVHDA - ok
14:36:18.0087 1788  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:36:18.0143 1788  nvlddmkm - ok
14:36:18.0171 1788  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:36:18.0172 1788  nvraid - ok
14:36:18.0189 1788  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:36:18.0190 1788  nvstor - ok
14:36:18.0243 1788  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc           C:\Windows\system32\nvvsvc.exe
14:36:18.0254 1788  NVSvc - ok
14:36:18.0355 1788  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:36:18.0383 1788  nvUpdatusService - ok
14:36:18.0441 1788  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:36:18.0444 1788  nv_agp - ok
14:36:18.0477 1788  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:36:18.0479 1788  ohci1394 - ok
14:36:18.0535 1788  [ D29D5E61A5722630BB58940D1E4E231A ] OpenVPNService  C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
14:36:18.0537 1788  OpenVPNService - ok
14:36:18.0622 1788  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:36:18.0626 1788  ose - ok
14:36:18.0788 1788  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:36:18.0861 1788  osppsvc - ok
14:36:18.0884 1788  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:36:18.0887 1788  p2pimsvc - ok
14:36:18.0912 1788  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:36:18.0915 1788  p2psvc - ok
14:36:18.0937 1788  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:36:18.0937 1788  Parport - ok
14:36:18.0959 1788  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:36:18.0960 1788  partmgr - ok
14:36:18.0970 1788  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:36:18.0972 1788  PcaSvc - ok
14:36:18.0986 1788  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:36:18.0987 1788  pci - ok
14:36:19.0003 1788  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:36:19.0004 1788  pciide - ok
14:36:19.0017 1788  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:36:19.0018 1788  pcmcia - ok
14:36:19.0028 1788  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:36:19.0029 1788  pcw - ok
14:36:19.0042 1788  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:36:19.0047 1788  PEAUTH - ok
14:36:19.0084 1788  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:36:19.0110 1788  PeerDistSvc - ok
14:36:19.0168 1788  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:36:19.0171 1788  PerfHost - ok
14:36:19.0246 1788  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:36:19.0269 1788  pla - ok
14:36:19.0308 1788  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:36:19.0313 1788  PlugPlay - ok
14:36:19.0324 1788  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:36:19.0325 1788  PNRPAutoReg - ok
14:36:19.0343 1788  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:36:19.0345 1788  PNRPsvc - ok
14:36:19.0360 1788  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:36:19.0367 1788  PolicyAgent - ok
14:36:19.0385 1788  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:36:19.0388 1788  Power - ok
14:36:19.0427 1788  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:36:19.0428 1788  PptpMiniport - ok
14:36:19.0450 1788  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:36:19.0451 1788  Processor - ok
14:36:19.0475 1788  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:36:19.0477 1788  ProfSvc - ok
14:36:19.0486 1788  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:36:19.0487 1788  ProtectedStorage - ok
14:36:19.0512 1788  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:36:19.0513 1788  Psched - ok
14:36:19.0549 1788  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:36:19.0574 1788  ql2300 - ok
14:36:19.0592 1788  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:36:19.0593 1788  ql40xx - ok
14:36:19.0607 1788  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:36:19.0610 1788  QWAVE - ok
14:36:19.0620 1788  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:36:19.0621 1788  QWAVEdrv - ok
14:36:19.0656 1788  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
14:36:19.0658 1788  RapiMgr - ok
14:36:19.0666 1788  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:36:19.0666 1788  RasAcd - ok
14:36:19.0681 1788  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:36:19.0681 1788  RasAgileVpn - ok
14:36:19.0690 1788  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:36:19.0691 1788  RasAuto - ok
14:36:19.0709 1788  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:36:19.0710 1788  Rasl2tp - ok
14:36:19.0744 1788  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:36:19.0747 1788  RasMan - ok
14:36:19.0759 1788  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:36:19.0759 1788  RasPppoe - ok
14:36:19.0767 1788  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:36:19.0767 1788  RasSstp - ok
14:36:19.0795 1788  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:36:19.0797 1788  rdbss - ok
14:36:19.0809 1788  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:36:19.0809 1788  rdpbus - ok
14:36:19.0820 1788  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:36:19.0821 1788  RDPCDD - ok
14:36:19.0853 1788  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:36:19.0854 1788  RDPDR - ok
14:36:19.0863 1788  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:36:19.0863 1788  RDPENCDD - ok
14:36:19.0868 1788  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:36:19.0868 1788  RDPREFMP - ok
14:36:19.0883 1788  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:36:19.0884 1788  RDPWD - ok
14:36:19.0908 1788  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:36:19.0909 1788  rdyboost - ok
14:36:19.0930 1788  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:36:19.0931 1788  RemoteAccess - ok
14:36:19.0943 1788  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:36:19.0944 1788  RemoteRegistry - ok
14:36:19.0971 1788  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:36:19.0972 1788  RFCOMM - ok
14:36:19.0981 1788  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:36:19.0982 1788  RpcEptMapper - ok
14:36:19.0995 1788  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:36:19.0996 1788  RpcLocator - ok
14:36:20.0023 1788  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:36:20.0026 1788  RpcSs - ok
14:36:20.0035 1788  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:36:20.0036 1788  rspndr - ok
14:36:20.0067 1788  [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:36:20.0068 1788  RTL8167 - ok
14:36:20.0101 1788  [ 333224D4D25F9BCCA488E08345083E1C ] RTL8187         C:\Windows\system32\DRIVERS\rtl8187.sys
14:36:20.0104 1788  RTL8187 - ok
14:36:20.0118 1788  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:36:20.0118 1788  s3cap - ok
14:36:20.0127 1788  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:36:20.0128 1788  SamSs - ok
14:36:20.0139 1788  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:36:20.0139 1788  sbp2port - ok
14:36:20.0156 1788  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:36:20.0158 1788  SCardSvr - ok
14:36:20.0180 1788  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:36:20.0180 1788  scfilter - ok
14:36:20.0221 1788  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:36:20.0236 1788  Schedule - ok
14:36:20.0263 1788  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:36:20.0263 1788  SCPolicySvc - ok
14:36:20.0294 1788  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:36:20.0299 1788  SDRSVC - ok
14:36:20.0322 1788  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:36:20.0324 1788  secdrv - ok
14:36:20.0354 1788  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:36:20.0358 1788  seclogon - ok
14:36:20.0384 1788  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:36:20.0388 1788  SENS - ok
14:36:20.0408 1788  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:36:20.0411 1788  SensrSvc - ok
14:36:20.0433 1788  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:36:20.0434 1788  Serenum - ok
14:36:20.0456 1788  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:36:20.0458 1788  Serial - ok
14:36:20.0482 1788  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:36:20.0483 1788  sermouse - ok
14:36:20.0538 1788  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:36:20.0542 1788  SessionEnv - ok
14:36:20.0571 1788  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:36:20.0572 1788  sffdisk - ok
14:36:20.0589 1788  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:36:20.0590 1788  sffp_mmc - ok
14:36:20.0607 1788  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:36:20.0608 1788  sffp_sd - ok
14:36:20.0626 1788  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:36:20.0627 1788  sfloppy - ok
14:36:20.0663 1788  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:36:20.0667 1788  ShellHWDetection - ok
14:36:20.0693 1788  [ 0F498DEE92FD73DD999BAE4D506367F5 ] SI3132          C:\Windows\system32\DRIVERS\SI3132.sys
14:36:20.0694 1788  SI3132 - ok
14:36:20.0698 1788  [ 127CE10E01F53F2EDACA7FE42E5631EA ] SiFilter        C:\Windows\system32\DRIVERS\SiWinAcc.sys
14:36:20.0698 1788  SiFilter - ok
14:36:20.0706 1788  [ B742C37002B8EBEF6E230DF9B4B28546 ] SiRemFil        C:\Windows\system32\DRIVERS\SiRemFil.sys
14:36:20.0706 1788  SiRemFil - ok
14:36:20.0718 1788  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:36:20.0718 1788  SiSRaid2 - ok
14:36:20.0723 1788  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:36:20.0723 1788  SiSRaid4 - ok
14:36:20.0777 1788  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:36:20.0778 1788  SkypeUpdate - ok
14:36:20.0796 1788  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:36:20.0797 1788  Smb - ok
14:36:20.0826 1788  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:36:20.0827 1788  SNMPTRAP - ok
14:36:20.0869 1788  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
14:36:20.0870 1788  speedfan - ok
14:36:20.0887 1788  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:36:20.0888 1788  spldr - ok
14:36:20.0922 1788  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:36:20.0926 1788  Spooler - ok
14:36:21.0030 1788  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:36:21.0093 1788  sppsvc - ok
14:36:21.0111 1788  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:36:21.0113 1788  sppuinotify - ok
14:36:21.0141 1788  [ 602884696850C86434530790B110E8EB ] sptd            C:\Windows\System32\Drivers\sptd.sys
14:36:21.0158 1788  sptd - ok
14:36:21.0193 1788  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:36:21.0197 1788  srv - ok
14:36:21.0215 1788  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:36:21.0218 1788  srv2 - ok
14:36:21.0231 1788  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:36:21.0232 1788  srvnet - ok
14:36:21.0252 1788  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:36:21.0254 1788  SSDPSRV - ok
14:36:21.0268 1788  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:36:21.0270 1788  SstpSvc - ok
14:36:21.0300 1788  Steam Client Service - ok
14:36:21.0370 1788  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:36:21.0376 1788  Stereo Service - ok
14:36:21.0400 1788  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:36:21.0401 1788  stexstor - ok
14:36:21.0451 1788  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:36:21.0468 1788  stisvc - ok
14:36:21.0484 1788  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:36:21.0484 1788  storflt - ok
14:36:21.0505 1788  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
14:36:21.0506 1788  StorSvc - ok
14:36:21.0520 1788  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:36:21.0521 1788  storvsc - ok
14:36:21.0538 1788  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:36:21.0538 1788  swenum - ok
14:36:21.0555 1788  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:36:21.0571 1788  swprv - ok
14:36:21.0625 1788  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:36:21.0656 1788  SysMain - ok
14:36:21.0682 1788  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:36:21.0684 1788  TabletInputService - ok
14:36:21.0710 1788  [ F0B9D3ED88E56D3CD713DFF21E42AAF0 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
14:36:21.0710 1788  tap0901 - ok
14:36:21.0736 1788  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:36:21.0739 1788  TapiSrv - ok
14:36:21.0753 1788  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:36:21.0755 1788  TBS - ok
14:36:21.0814 1788  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:36:21.0857 1788  Tcpip - ok
14:36:21.0898 1788  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:36:21.0910 1788  TCPIP6 - ok
14:36:21.0935 1788  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:36:21.0936 1788  tcpipreg - ok
14:36:21.0954 1788  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:36:21.0954 1788  TDPIPE - ok
14:36:21.0978 1788  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:36:21.0978 1788  TDTCP - ok
14:36:22.0003 1788  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:36:22.0004 1788  tdx - ok
14:36:22.0014 1788  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:36:22.0015 1788  TermDD - ok
14:36:22.0040 1788  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:36:22.0057 1788  TermService - ok
14:36:22.0066 1788  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:36:22.0068 1788  Themes - ok
14:36:22.0078 1788  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:36:22.0079 1788  THREADORDER - ok
14:36:22.0089 1788  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:36:22.0091 1788  TrkWks - ok
14:36:22.0127 1788  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:36:22.0128 1788  TrustedInstaller - ok
14:36:22.0147 1788  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:36:22.0148 1788  tssecsrv - ok
14:36:22.0171 1788  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:36:22.0171 1788  TsUsbFlt - ok
14:36:22.0204 1788  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:36:22.0204 1788  tunnel - ok
14:36:22.0217 1788  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:36:22.0217 1788  uagp35 - ok
14:36:22.0243 1788  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:36:22.0246 1788  udfs - ok
14:36:22.0299 1788  [ 2E071263A409931F8AFF3A6A656E920C ] UI Assistant Service C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
14:36:22.0300 1788  UI Assistant Service - ok
14:36:22.0312 1788  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:36:22.0313 1788  UI0Detect - ok
14:36:22.0328 1788  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:36:22.0329 1788  uliagpkx - ok
14:36:22.0352 1788  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:36:22.0352 1788  umbus - ok
14:36:22.0360 1788  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:36:22.0360 1788  UmPass - ok
14:36:22.0385 1788  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
14:36:22.0391 1788  UmRdpService - ok
14:36:22.0460 1788  [ 8B802B483CBDE06F62DBC04DC7AFAF8E ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
14:36:22.0466 1788  UMVPFSrv - ok
14:36:22.0504 1788  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:36:22.0521 1788  upnphost - ok
14:36:22.0544 1788  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:36:22.0547 1788  usbaudio - ok
14:36:22.0588 1788  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:36:22.0590 1788  usbccgp - ok
14:36:22.0620 1788  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:36:22.0622 1788  usbcir - ok
14:36:22.0644 1788  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:36:22.0645 1788  usbehci - ok
14:36:22.0671 1788  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:36:22.0687 1788  usbhub - ok
14:36:22.0707 1788  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
14:36:22.0708 1788  usbohci - ok
14:36:22.0731 1788  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:36:22.0732 1788  usbprint - ok
14:36:22.0751 1788  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:36:22.0753 1788  USBSTOR - ok
14:36:22.0762 1788  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:36:22.0763 1788  usbuhci - ok
14:36:22.0795 1788  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
14:36:22.0796 1788  usb_rndisx - ok
14:36:22.0806 1788  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:36:22.0807 1788  UxSms - ok
14:36:22.0819 1788  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:36:22.0820 1788  VaultSvc - ok
14:36:22.0854 1788  [ C30F3D43CEB6F79ADE9B805387E5F63C ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
14:36:22.0855 1788  VBoxDrv - ok
14:36:22.0919 1788  [ 8ACF22B86CE4E85C23E3E9513BF45C37 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
14:36:22.0921 1788  VBoxNetAdp - ok
14:36:22.0928 1788  [ 7B657669C53A0E6583F07EBAA303D9EA ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
14:36:22.0929 1788  VBoxNetFlt - ok
14:36:22.0968 1788  [ CF3EE68CD9723E9F21E3198A0F690400 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
14:36:22.0969 1788  VBoxUSBMon - ok
14:36:22.0978 1788  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:36:22.0978 1788  vdrvroot - ok
14:36:23.0005 1788  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
14:36:23.0021 1788  vds - ok
14:36:23.0037 1788  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:36:23.0038 1788  vga - ok
14:36:23.0045 1788  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:36:23.0046 1788  VgaSave - ok
14:36:23.0065 1788  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:36:23.0067 1788  vhdmp - ok
14:36:23.0082 1788  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:36:23.0082 1788  viaide - ok
14:36:23.0094 1788  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:36:23.0095 1788  vmbus - ok
14:36:23.0110 1788  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:36:23.0111 1788  VMBusHID - ok
14:36:23.0115 1788  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:36:23.0115 1788  volmgr - ok
14:36:23.0148 1788  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:36:23.0151 1788  volmgrx - ok
14:36:23.0168 1788  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:36:23.0170 1788  volsnap - ok
14:36:23.0204 1788  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:36:23.0205 1788  vsmraid - ok
14:36:23.0263 1788  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
14:36:23.0301 1788  VSS - ok
14:36:23.0310 1788  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:36:23.0310 1788  vwifibus - ok
14:36:23.0316 1788  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:36:23.0317 1788  vwififlt - ok
14:36:23.0325 1788  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:36:23.0325 1788  vwifimp - ok
14:36:23.0345 1788  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
14:36:23.0349 1788  W32Time - ok
14:36:23.0362 1788  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:36:23.0363 1788  WacomPen - ok
14:36:23.0386 1788  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:36:23.0387 1788  WANARP - ok
14:36:23.0400 1788  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:36:23.0401 1788  Wanarpv6 - ok
14:36:23.0447 1788  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
14:36:23.0473 1788  wbengine - ok
14:36:23.0482 1788  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:36:23.0485 1788  WbioSrvc - ok
14:36:23.0514 1788  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
14:36:23.0517 1788  WcesComm - ok
14:36:23.0547 1788  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:36:23.0551 1788  wcncsvc - ok
14:36:23.0563 1788  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:36:23.0564 1788  WcsPlugInService - ok
14:36:23.0573 1788  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:36:23.0574 1788  Wd - ok
14:36:23.0609 1788  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:36:23.0632 1788  Wdf01000 - ok
14:36:23.0652 1788  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:36:23.0656 1788  WdiServiceHost - ok
14:36:23.0664 1788  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:36:23.0669 1788  WdiSystemHost - ok
14:36:23.0708 1788  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
14:36:23.0716 1788  WebClient - ok
14:36:23.0736 1788  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:36:23.0745 1788  Wecsvc - ok
14:36:23.0761 1788  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:36:23.0766 1788  wercplsupport - ok
14:36:23.0788 1788  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:36:23.0792 1788  WerSvc - ok
14:36:23.0808 1788  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:36:23.0809 1788  WfpLwf - ok
14:36:23.0824 1788  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:36:23.0825 1788  WIMMount - ok
14:36:23.0831 1788  WinHttpAutoProxySvc - ok
14:36:23.0879 1788  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:36:23.0881 1788  Winmgmt - ok
14:36:23.0933 1788  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:36:23.0968 1788  WinRM - ok
14:36:24.0011 1788  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:36:24.0012 1788  WinUsb - ok
14:36:24.0042 1788  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:36:24.0058 1788  Wlansvc - ok
14:36:24.0192 1788  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:36:24.0243 1788  wlidsvc - ok
14:36:24.0251 1788  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:36:24.0252 1788  WmiAcpi - ok
14:36:24.0277 1788  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:36:24.0278 1788  wmiApSrv - ok
14:36:24.0292 1788  WMPNetworkSvc - ok
14:36:24.0298 1788  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:36:24.0299 1788  WPCSvc - ok
14:36:24.0326 1788  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:36:24.0328 1788  WPDBusEnum - ok
14:36:24.0340 1788  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:36:24.0341 1788  ws2ifsl - ok
14:36:24.0344 1788  WSearch - ok
14:36:24.0379 1788  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:36:24.0380 1788  WudfPf - ok
14:36:24.0388 1788  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:36:24.0389 1788  WUDFRd - ok
14:36:24.0415 1788  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:36:24.0417 1788  wudfsvc - ok
14:36:24.0429 1788  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:36:24.0432 1788  WwanSvc - ok
14:36:24.0474 1788  [ 3762B4C538B9D710F85042849C20319F ] ZTEusbmdm6k     C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
14:36:24.0475 1788  ZTEusbmdm6k - ok
14:36:24.0504 1788  [ 3762B4C538B9D710F85042849C20319F ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
14:36:24.0505 1788  ZTEusbnmea - ok
14:36:24.0536 1788  [ 3762B4C538B9D710F85042849C20319F ] ZTEusbser6k     C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
14:36:24.0537 1788  ZTEusbser6k - ok
14:36:24.0625 1788  ================ Scan global ===============================
14:36:24.0661 1788  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:36:24.0688 1788  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:36:24.0696 1788  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:36:24.0713 1788  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:36:24.0737 1788  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:36:24.0740 1788  [Global] - ok
14:36:24.0740 1788  ================ Scan MBR ==================================
14:36:24.0743 1788  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:36:24.0838 1788  \Device\Harddisk0\DR0 - ok
14:36:24.0850 1788  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:36:25.0062 1788  \Device\Harddisk1\DR1 - ok
14:36:25.0069 1788  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
14:36:25.0676 1788  \Device\Harddisk2\DR2 - ok
14:36:25.0677 1788  ================ Scan VBR ==================================
14:36:25.0682 1788  [ 038E15ACA723E15A511F829D69359BF4 ] \Device\Harddisk1\DR1\Partition1
14:36:25.0685 1788  \Device\Harddisk1\DR1\Partition1 - ok
14:36:25.0714 1788  [ 05AC193644A2634F0F2367971DA86463 ] \Device\Harddisk1\DR1\Partition2
14:36:25.0716 1788  \Device\Harddisk1\DR1\Partition2 - ok
14:36:25.0725 1788  [ 47000BFDEF05A45EA48B3FC5D8453F97 ] \Device\Harddisk1\DR1\Partition3
14:36:25.0727 1788  \Device\Harddisk1\DR1\Partition3 - ok
14:36:25.0729 1788  [ 62B41225929F02256BDF3763C969E7C2 ] \Device\Harddisk2\DR2\Partition1
14:36:25.0730 1788  \Device\Harddisk2\DR2\Partition1 - ok
14:36:25.0731 1788  ============================================================
14:36:25.0731 1788  Scan finished
14:36:25.0731 1788  ============================================================
14:36:25.0741 3936  Detected object count: 0
14:36:25.0741 3936  Actual detected object count: 0
14:36:47.0006 4472  ============================================================
14:36:47.0006 4472  Scan started
14:36:47.0006 4472  Mode: Manual; TDLFS; 
14:36:47.0006 4472  ============================================================
         

Alt 19.01.2013, 14:58   #2
kljmasbe
 
Code:
ATTFilter
14:36:48.0143 4472  ================ Scan system memory ========================
14:36:48.0143 4472  System memory - ok
14:36:48.0144 4472  ================ Scan services =============================
14:36:48.0252 4472  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:36:48.0254 4472  1394ohci - ok
14:36:48.0278 4472  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:36:48.0280 4472  ACPI - ok
14:36:48.0291 4472  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:36:48.0291 4472  AcpiPmi - ok
14:36:48.0327 4472  [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
14:36:48.0328 4472  Adobe LM Service - ok
14:36:48.0362 4472  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:36:48.0362 4472  AdobeARMservice - ok
14:36:48.0439 4472  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:36:48.0441 4472  AdobeFlashPlayerUpdateSvc - ok
14:36:48.0465 4472  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:36:48.0467 4472  adp94xx - ok
14:36:48.0480 4472  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:36:48.0481 4472  adpahci - ok
14:36:48.0492 4472  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:36:48.0492 4472  adpu320 - ok
14:36:48.0510 4472  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:36:48.0510 4472  AeLookupSvc - ok
14:36:48.0545 4472  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:36:48.0547 4472  AFD - ok
14:36:48.0566 4472  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:36:48.0567 4472  agp440 - ok
14:36:48.0576 4472  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:36:48.0577 4472  ALG - ok
14:36:48.0589 4472  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:36:48.0590 4472  aliide - ok
14:36:48.0636 4472  ALSysIO - ok
14:36:48.0656 4472  [ D696F317BD465A602566F8E1DCCE15F7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:36:48.0657 4472  AMD External Events Utility - ok
14:36:48.0660 4472  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:36:48.0660 4472  amdide - ok
14:36:48.0669 4472  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:36:48.0669 4472  AmdK8 - ok
14:36:48.0677 4472  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:36:48.0677 4472  AmdPPM - ok
14:36:48.0699 4472  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:36:48.0700 4472  amdsata - ok
14:36:48.0715 4472  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:36:48.0716 4472  amdsbs - ok
14:36:48.0730 4472  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:36:48.0730 4472  amdxata - ok
14:36:48.0850 4472  [ 0FA2D8304ECA29CA0AB7E3EE50FD585A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:36:48.0852 4472  AntiVirSchedulerService - ok
14:36:48.0886 4472  [ 5C69AAC8A59207DA9710FF2E42D6F80F ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:36:48.0888 4472  AntiVirService - ok
14:36:48.0934 4472  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:36:48.0935 4472  AppID - ok
14:36:48.0972 4472  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:36:48.0973 4472  AppIDSvc - ok
14:36:49.0000 4472  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
14:36:49.0001 4472  Appinfo - ok
14:36:49.0044 4472  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:36:49.0047 4472  AppMgmt - ok
14:36:49.0068 4472  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:36:49.0070 4472  arc - ok
14:36:49.0088 4472  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:36:49.0089 4472  arcsas - ok
14:36:49.0148 4472  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:36:49.0149 4472  aspnet_state - ok
14:36:49.0157 4472  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:36:49.0157 4472  AsyncMac - ok
14:36:49.0176 4472  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:36:49.0177 4472  atapi - ok
14:36:49.0279 4472  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:36:49.0307 4472  atikmdag - ok
14:36:49.0343 4472  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:36:49.0346 4472  AudioEndpointBuilder - ok
14:36:49.0360 4472  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:36:49.0363 4472  AudioSrv - ok
14:36:49.0378 4472  [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
14:36:49.0378 4472  avgntflt - ok
14:36:49.0389 4472  [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
14:36:49.0390 4472  avipbb - ok
14:36:49.0398 4472  [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
14:36:49.0398 4472  avkmgr - ok
14:36:49.0421 4472  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:36:49.0421 4472  AxInstSV - ok
14:36:49.0434 4472  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:36:49.0436 4472  b06bdrv - ok
14:36:49.0449 4472  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:36:49.0450 4472  b57nd60a - ok
14:36:49.0467 4472  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:36:49.0468 4472  BDESVC - ok
14:36:49.0476 4472  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:36:49.0476 4472  Beep - ok
14:36:49.0483 4472  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:36:49.0483 4472  blbdrive - ok
14:36:49.0511 4472  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:36:49.0512 4472  bowser - ok
14:36:49.0526 4472  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:36:49.0526 4472  BrFiltLo - ok
14:36:49.0536 4472  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:36:49.0537 4472  BrFiltUp - ok
14:36:49.0556 4472  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:36:49.0557 4472  Browser - ok
14:36:49.0570 4472  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:36:49.0571 4472  Brserid - ok
14:36:49.0587 4472  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:36:49.0588 4472  BrSerWdm - ok
14:36:49.0590 4472  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:36:49.0591 4472  BrUsbMdm - ok
14:36:49.0594 4472  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:36:49.0594 4472  BrUsbSer - ok
14:36:49.0616 4472  [ 07DCB3C254D584E3949FE2C0EE3963F2 ] BthAudioHF      C:\Windows\system32\DRIVERS\BthAudioHF.sys
14:36:49.0616 4472  BthAudioHF - ok
14:36:49.0628 4472  [ 832B121E4532919CC49F2438F1DCAA21 ] BthAvrcp        C:\Windows\system32\DRIVERS\BthAvrcp.sys
14:36:49.0628 4472  BthAvrcp - ok
14:36:49.0649 4472  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
14:36:49.0649 4472  BthEnum - ok
14:36:49.0655 4472  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:36:49.0656 4472  BTHMODEM - ok
14:36:49.0677 4472  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:36:49.0678 4472  BthPan - ok
14:36:49.0704 4472  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
14:36:49.0706 4472  BTHPORT - ok
14:36:49.0714 4472  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:36:49.0715 4472  bthserv - ok
14:36:49.0728 4472  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:36:49.0728 4472  BTHUSB - ok
14:36:49.0741 4472  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:36:49.0742 4472  cdfs - ok
14:36:49.0763 4472  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:36:49.0763 4472  cdrom - ok
14:36:49.0788 4472  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:36:49.0788 4472  CertPropSvc - ok
14:36:49.0792 4472  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:36:49.0792 4472  circlass - ok
14:36:49.0806 4472  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:36:49.0807 4472  CLFS - ok
14:36:49.0847 4472  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:36:49.0849 4472  clr_optimization_v2.0.50727_32 - ok
14:36:49.0882 4472  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:36:49.0884 4472  clr_optimization_v2.0.50727_64 - ok
14:36:49.0922 4472  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:36:49.0925 4472  clr_optimization_v4.0.30319_32 - ok
14:36:49.0939 4472  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:36:49.0942 4472  clr_optimization_v4.0.30319_64 - ok
14:36:49.0952 4472  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:36:49.0953 4472  CmBatt - ok
14:36:49.0975 4472  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:36:49.0976 4472  cmdide - ok
14:36:50.0003 4472  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
14:36:50.0006 4472  CNG - ok
14:36:50.0019 4472  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:36:50.0020 4472  Compbatt - ok
14:36:50.0031 4472  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:36:50.0031 4472  CompositeBus - ok
14:36:50.0035 4472  COMSysApp - ok
14:36:50.0040 4472  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:36:50.0040 4472  crcdisk - ok
14:36:50.0072 4472  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:36:50.0074 4472  CryptSvc - ok
14:36:50.0108 4472  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
14:36:50.0111 4472  CSC - ok
14:36:50.0145 4472  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
14:36:50.0150 4472  CscService - ok
14:36:50.0176 4472  [ DF07C6D98BA7F81D0571E366B1CD6672 ] csr_a2dp        C:\Windows\system32\drivers\bthav.sys
14:36:50.0177 4472  csr_a2dp - ok
14:36:50.0192 4472  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:36:50.0196 4472  DcomLaunch - ok
14:36:50.0217 4472  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:36:50.0219 4472  defragsvc - ok
14:36:50.0245 4472  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:36:50.0246 4472  DfsC - ok
14:36:50.0258 4472  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:36:50.0260 4472  Dhcp - ok
14:36:50.0312 4472  [ 4F26BB00747D41E7C0FE8EBB2900F862 ] DirMngr         C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
14:36:50.0316 4472  DirMngr - ok
14:36:50.0355 4472  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:36:50.0356 4472  discache - ok
14:36:50.0388 4472  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:36:50.0389 4472  Disk - ok
14:36:50.0425 4472  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:36:50.0429 4472  Dnscache - ok
14:36:50.0461 4472  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:36:50.0463 4472  dot3svc - ok
14:36:50.0490 4472  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:36:50.0491 4472  DPS - ok
14:36:50.0512 4472  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:36:50.0512 4472  drmkaud - ok
14:36:50.0536 4472  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:36:50.0542 4472  DXGKrnl - ok
14:36:50.0547 4472  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:36:50.0548 4472  EapHost - ok
14:36:50.0610 4472  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:36:50.0629 4472  ebdrv - ok
14:36:50.0653 4472  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:36:50.0654 4472  EFS - ok
14:36:50.0690 4472  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:36:50.0693 4472  ehRecvr - ok
14:36:50.0711 4472  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:36:50.0711 4472  ehSched - ok
14:36:50.0727 4472  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:36:50.0730 4472  elxstor - ok
14:36:50.0739 4472  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:36:50.0739 4472  ErrDev - ok
14:36:50.0758 4472  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:36:50.0760 4472  EventSystem - ok
14:36:50.0773 4472  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:36:50.0774 4472  exfat - ok
14:36:50.0790 4472  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:36:50.0791 4472  fastfat - ok
14:36:50.0822 4472  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:36:50.0825 4472  Fax - ok
14:36:50.0832 4472  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:36:50.0833 4472  fdc - ok
14:36:50.0839 4472  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:36:50.0839 4472  fdPHost - ok
14:36:50.0852 4472  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:36:50.0852 4472  FDResPub - ok
14:36:50.0865 4472  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:36:50.0865 4472  FileInfo - ok
14:36:50.0877 4472  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:36:50.0878 4472  Filetrace - ok
14:36:50.0890 4472  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:36:50.0890 4472  flpydisk - ok
14:36:50.0912 4472  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:36:50.0913 4472  FltMgr - ok
14:36:50.0950 4472  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
14:36:50.0955 4472  FontCache - ok
14:36:50.0989 4472  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:36:50.0989 4472  FontCache3.0.0.0 - ok
14:36:51.0001 4472  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:36:51.0003 4472  FsDepends - ok
14:36:51.0039 4472  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:36:51.0040 4472  Fs_Rec - ok
14:36:51.0069 4472  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:36:51.0072 4472  fvevol - ok
14:36:51.0092 4472  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:36:51.0094 4472  gagp30kx - ok
14:36:51.0139 4472  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:36:51.0150 4472  gpsvc - ok
14:36:51.0175 4472  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:36:51.0176 4472  gupdate - ok
14:36:51.0180 4472  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:36:51.0181 4472  gupdatem - ok
14:36:51.0190 4472  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:36:51.0191 4472  hcw85cir - ok
14:36:51.0209 4472  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:36:51.0211 4472  HdAudAddService - ok
14:36:51.0226 4472  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:36:51.0227 4472  HDAudBus - ok
14:36:51.0256 4472  [ EE8C05F926521A0E24EDAF40F45D01E6 ] HFGService      C:\Windows\System32\HFGService.dll
14:36:51.0260 4472  HFGService - ok
14:36:51.0274 4472  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:36:51.0275 4472  HidBatt - ok
14:36:51.0290 4472  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:36:51.0291 4472  HidBth - ok
14:36:51.0301 4472  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:36:51.0302 4472  HidIr - ok
14:36:51.0325 4472  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
14:36:51.0325 4472  hidserv - ok
14:36:51.0343 4472  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:36:51.0344 4472  HidUsb - ok
14:36:51.0367 4472  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:36:51.0369 4472  hkmsvc - ok
14:36:51.0394 4472  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:36:51.0396 4472  HomeGroupListener - ok
14:36:51.0419 4472  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:36:51.0421 4472  HomeGroupProvider - ok
14:36:51.0430 4472  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:36:51.0431 4472  HpSAMD - ok
14:36:51.0604 4472  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Users\Steffen\AppData\Local\Temp\7zS5696\hpslpsvc64.dll
14:36:51.0608 4472  HPSLPSVC - ok
14:36:51.0709 4472  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:36:51.0712 4472  HTTP - ok
14:36:51.0731 4472  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:36:51.0731 4472  hwpolicy - ok
14:36:51.0745 4472  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:36:51.0746 4472  i8042prt - ok
14:36:51.0766 4472  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:36:51.0767 4472  iaStorV - ok
14:36:51.0797 4472  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:36:51.0801 4472  idsvc - ok
14:36:51.0814 4472  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:36:51.0814 4472  iirsp - ok
14:36:51.0833 4472  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:36:51.0837 4472  IKEEXT - ok
14:36:51.0849 4472  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:36:51.0849 4472  intelide - ok
14:36:51.0862 4472  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:36:51.0862 4472  intelppm - ok
14:36:51.0878 4472  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:36:51.0879 4472  IPBusEnum - ok
14:36:51.0901 4472  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:36:51.0903 4472  IpFilterDriver - ok
14:36:51.0931 4472  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:36:51.0933 4472  IPMIDRV - ok
14:36:51.0947 4472  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:36:51.0949 4472  IPNAT - ok
14:36:51.0966 4472  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:36:51.0967 4472  IRENUM - ok
14:36:51.0984 4472  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:36:51.0985 4472  isapnp - ok
14:36:52.0007 4472  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:36:52.0008 4472  iScsiPrt - ok
14:36:52.0017 4472  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:36:52.0017 4472  kbdclass - ok
14:36:52.0029 4472  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:36:52.0030 4472  kbdhid - ok
14:36:52.0037 4472  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:36:52.0038 4472  KeyIso - ok
14:36:52.0062 4472  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:36:52.0062 4472  KSecDD - ok
14:36:52.0094 4472  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:36:52.0095 4472  KSecPkg - ok
14:36:52.0114 4472  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:36:52.0115 4472  ksthunk - ok
14:36:52.0143 4472  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:36:52.0146 4472  KtmRm - ok
14:36:52.0177 4472  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:36:52.0179 4472  LanmanServer - ok
14:36:52.0208 4472  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:36:52.0210 4472  LanmanWorkstation - ok
14:36:52.0227 4472  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:36:52.0227 4472  lltdio - ok
14:36:52.0251 4472  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:36:52.0254 4472  lltdsvc - ok
14:36:52.0261 4472  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:36:52.0262 4472  lmhosts - ok
14:36:52.0276 4472  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:36:52.0277 4472  LSI_FC - ok
14:36:52.0287 4472  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:36:52.0288 4472  LSI_SAS - ok
14:36:52.0301 4472  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:36:52.0302 4472  LSI_SAS2 - ok
14:36:52.0317 4472  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:36:52.0317 4472  LSI_SCSI - ok
14:36:52.0326 4472  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:36:52.0327 4472  luafv - ok
14:36:52.0352 4472  [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:36:52.0353 4472  LVPr2M64 - ok
14:36:52.0355 4472  [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:36:52.0356 4472  LVPr2Mon - ok
14:36:52.0372 4472  [ EF586B959F747E74C76603FF16AE417B ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
14:36:52.0374 4472  LVRS64 - ok
14:36:52.0483 4472  [ EDF73BFA1BD24D74D1D64DC0ED28A7CD ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
14:36:52.0517 4472  LVUVC64 - ok
14:36:52.0547 4472  [ 035C83CD72E06C47000793D32B1A642D ] massfilter      C:\Windows\system32\drivers\massfilter.sys
14:36:52.0547 4472  massfilter - ok
14:36:52.0572 4472  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:36:52.0573 4472  Mcx2Svc - ok
14:36:52.0583 4472  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:36:52.0583 4472  megasas - ok
14:36:52.0596 4472  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:36:52.0597 4472  MegaSR - ok
14:36:52.0613 4472  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:36:52.0614 4472  MMCSS - ok
14:36:52.0618 4472  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:36:52.0619 4472  Modem - ok
14:36:52.0623 4472  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:36:52.0624 4472  monitor - ok
14:36:52.0649 4472  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:36:52.0650 4472  mouclass - ok
14:36:52.0657 4472  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:36:52.0657 4472  mouhid - ok
14:36:52.0677 4472  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:36:52.0678 4472  mountmgr - ok
14:36:52.0709 4472  [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:36:52.0710 4472  MozillaMaintenance - ok
14:36:52.0734 4472  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:36:52.0735 4472  mpio - ok
14:36:52.0751 4472  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:36:52.0751 4472  mpsdrv - ok
14:36:52.0791 4472  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:36:52.0792 4472  MRxDAV - ok
14:36:52.0817 4472  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:36:52.0820 4472  mrxsmb - ok
14:36:52.0865 4472  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:36:52.0870 4472  mrxsmb10 - ok
14:36:52.0902 4472  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:36:52.0905 4472  mrxsmb20 - ok
14:36:52.0917 4472  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:36:52.0918 4472  msahci - ok
14:36:52.0946 4472  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:36:52.0949 4472  msdsm - ok
14:36:52.0970 4472  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:36:52.0974 4472  MSDTC - ok
14:36:52.0996 4472  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:36:52.0997 4472  Msfs - ok
14:36:53.0012 4472  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:36:53.0012 4472  mshidkmdf - ok
14:36:53.0018 4472  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:36:53.0019 4472  msisadrv - ok
14:36:53.0042 4472  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:36:53.0044 4472  MSiSCSI - ok
14:36:53.0047 4472  msiserver - ok
14:36:53.0057 4472  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:36:53.0058 4472  MSKSSRV - ok
14:36:53.0072 4472  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:36:53.0073 4472  MSPCLOCK - ok
14:36:53.0084 4472  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:36:53.0085 4472  MSPQM - ok
14:36:53.0112 4472  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:36:53.0115 4472  MsRPC - ok
14:36:53.0133 4472  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:36:53.0133 4472  mssmbios - ok
14:36:53.0137 4472  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:36:53.0137 4472  MSTEE - ok
14:36:53.0141 4472  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:36:53.0142 4472  MTConfig - ok
14:36:53.0165 4472  [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
14:36:53.0165 4472  MTsensor - ok
14:36:53.0174 4472  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:36:53.0174 4472  Mup - ok
14:36:53.0206 4472  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:36:53.0210 4472  napagent - ok
14:36:53.0228 4472  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:36:53.0230 4472  NativeWifiP - ok
14:36:53.0289 4472  [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
14:36:53.0292 4472  NAUpdate - ok
14:36:53.0333 4472  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:36:53.0338 4472  NDIS - ok
14:36:53.0351 4472  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:36:53.0351 4472  NdisCap - ok
14:36:53.0362 4472  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:36:53.0363 4472  NdisTapi - ok
14:36:53.0385 4472  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:36:53.0385 4472  Ndisuio - ok
14:36:53.0412 4472  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:36:53.0415 4472  NdisWan - ok
14:36:53.0442 4472  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:36:53.0443 4472  NDProxy - ok
14:36:53.0460 4472  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:36:53.0461 4472  NetBIOS - ok
14:36:53.0501 4472  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:36:53.0505 4472  NetBT - ok
14:36:53.0520 4472  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:36:53.0521 4472  Netlogon - ok
14:36:53.0537 4472  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:36:53.0540 4472  Netman - ok
14:36:53.0558 4472  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:53.0560 4472  NetMsmqActivator - ok
14:36:53.0564 4472  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:53.0565 4472  NetPipeActivator - ok
14:36:53.0594 4472  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:36:53.0598 4472  netprofm - ok
14:36:53.0602 4472  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:53.0603 4472  NetTcpActivator - ok
14:36:53.0607 4472  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:36:53.0608 4472  NetTcpPortSharing - ok
14:36:53.0616 4472  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:36:53.0617 4472  nfrd960 - ok
14:36:53.0647 4472  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:36:53.0649 4472  NlaSvc - ok
14:36:53.0655 4472  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:36:53.0655 4472  Npfs - ok
14:36:53.0666 4472  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:36:53.0666 4472  nsi - ok
14:36:53.0675 4472  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:36:53.0675 4472  nsiproxy - ok
14:36:53.0723 4472  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:36:53.0730 4472  Ntfs - ok
14:36:53.0738 4472  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:36:53.0738 4472  Null - ok
14:36:53.0762 4472  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
14:36:53.0764 4472  NVENETFD - ok
14:36:53.0786 4472  [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
14:36:53.0787 4472  NVHDA - ok
14:36:53.0985 4472  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:36:54.0043 4472  nvlddmkm - ok
14:36:54.0072 4472  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:36:54.0073 4472  nvraid - ok
14:36:54.0090 4472  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:36:54.0091 4472  nvstor - ok
14:36:54.0119 4472  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc           C:\Windows\system32\nvvsvc.exe
14:36:54.0123 4472  NVSvc - ok
14:36:54.0181 4472  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:36:54.0186 4472  nvUpdatusService - ok
14:36:54.0199 4472  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:36:54.0200 4472  nv_agp - ok
14:36:54.0211 4472  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:36:54.0211 4472  ohci1394 - ok
14:36:54.0253 4472  [ D29D5E61A5722630BB58940D1E4E231A ] OpenVPNService  C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
14:36:54.0253 4472  OpenVPNService - ok
14:36:54.0307 4472  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:36:54.0307 4472  ose - ok
14:36:54.0411 4472  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:36:54.0432 4472  osppsvc - ok
14:36:54.0485 4472  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:36:54.0487 4472  p2pimsvc - ok
14:36:54.0513 4472  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:36:54.0515 4472  p2psvc - ok
14:36:54.0529 4472  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:36:54.0530 4472  Parport - ok
14:36:54.0552 4472  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:36:54.0552 4472  partmgr - ok
14:36:54.0563 4472  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:36:54.0564 4472  PcaSvc - ok
14:36:54.0578 4472  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:36:54.0579 4472  pci - ok
14:36:54.0588 4472  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:36:54.0588 4472  pciide - ok
14:36:54.0602 4472  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:36:54.0603 4472  pcmcia - ok
14:36:54.0613 4472  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:36:54.0613 4472  pcw - ok
14:36:54.0627 4472  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:36:54.0630 4472  PEAUTH - ok
14:36:54.0668 4472  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:36:54.0675 4472  PeerDistSvc - ok
14:36:54.0761 4472  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:36:54.0764 4472  PerfHost - ok
14:36:54.0846 4472  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:36:54.0868 4472  pla - ok
14:36:54.0901 4472  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:36:54.0904 4472  PlugPlay - ok
14:36:54.0917 4472  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:36:54.0918 4472  PNRPAutoReg - ok
14:36:54.0935 4472  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:36:54.0938 4472  PNRPsvc - ok
14:36:54.0952 4472  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:36:54.0956 4472  PolicyAgent - ok
14:36:54.0978 4472  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:36:54.0980 4472  Power - ok
14:36:55.0012 4472  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:36:55.0012 4472  PptpMiniport - ok
14:36:55.0026 4472  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:36:55.0027 4472  Processor - ok
14:36:55.0051 4472  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:36:55.0053 4472  ProfSvc - ok
14:36:55.0062 4472  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:36:55.0063 4472  ProtectedStorage - ok
14:36:55.0088 4472  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:36:55.0089 4472  Psched - ok
14:36:55.0125 4472  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:36:55.0134 4472  ql2300 - ok
14:36:55.0151 4472  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:36:55.0152 4472  ql40xx - ok
14:36:55.0167 4472  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:36:55.0169 4472  QWAVE - ok
14:36:55.0179 4472  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:36:55.0180 4472  QWAVEdrv - ok
14:36:55.0199 4472  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
14:36:55.0201 4472  RapiMgr - ok
14:36:55.0208 4472  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:36:55.0209 4472  RasAcd - ok
14:36:55.0232 4472  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:36:55.0233 4472  RasAgileVpn - ok
14:36:55.0241 4472  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:36:55.0243 4472  RasAuto - ok
14:36:55.0268 4472  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:36:55.0269 4472  Rasl2tp - ok
14:36:55.0295 4472  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:36:55.0297 4472  RasMan - ok
14:36:55.0310 4472  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:36:55.0310 4472  RasPppoe - ok
14:36:55.0318 4472  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:36:55.0318 4472  RasSstp - ok
14:36:55.0345 4472  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:36:55.0347 4472  rdbss - ok
14:36:55.0360 4472  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:36:55.0360 4472  rdpbus - ok
14:36:55.0371 4472  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:36:55.0372 4472  RDPCDD - ok
14:36:55.0404 4472  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:36:55.0405 4472  RDPDR - ok
14:36:55.0408 4472  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:36:55.0408 4472  RDPENCDD - ok
14:36:55.0412 4472  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:36:55.0413 4472  RDPREFMP - ok
14:36:55.0434 4472  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:36:55.0435 4472  RDPWD - ok
14:36:55.0459 4472  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:36:55.0460 4472  rdyboost - ok
14:36:55.0481 4472  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:36:55.0482 4472  RemoteAccess - ok
14:36:55.0494 4472  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:36:55.0495 4472  RemoteRegistry - ok
14:36:55.0522 4472  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:36:55.0523 4472  RFCOMM - ok
14:36:55.0532 4472  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:36:55.0533 4472  RpcEptMapper - ok
14:36:55.0546 4472  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:36:55.0547 4472  RpcLocator - ok
14:36:55.0574 4472  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:36:55.0577 4472  RpcSs - ok
14:36:55.0586 4472  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:36:55.0587 4472  rspndr - ok
14:36:55.0610 4472  [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:36:55.0610 4472  RTL8167 - ok
14:36:55.0635 4472  [ 333224D4D25F9BCCA488E08345083E1C ] RTL8187         C:\Windows\system32\DRIVERS\rtl8187.sys
14:36:55.0637 4472  RTL8187 - ok
14:36:55.0652 4472  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:36:55.0653 4472  s3cap - ok
14:36:55.0670 4472  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:36:55.0673 4472  SamSs - ok
14:36:55.0690 4472  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:36:55.0693 4472  sbp2port - ok
14:36:55.0709 4472  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:36:55.0715 4472  SCardSvr - ok
14:36:55.0739 4472  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:36:55.0741 4472  scfilter - ok
14:36:55.0781 4472  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:36:55.0789 4472  Schedule - ok
14:36:55.0814 4472  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:36:55.0815 4472  SCPolicySvc - ok
14:36:55.0843 4472  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:36:55.0845 4472  SDRSVC - ok
14:36:55.0857 4472  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:36:55.0857 4472  secdrv - ok
14:36:55.0880 4472  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:36:55.0881 4472  seclogon - ok
14:36:55.0893 4472  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:36:55.0894 4472  SENS - ok
14:36:55.0900 4472  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:36:55.0902 4472  SensrSvc - ok
14:36:55.0909 4472  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:36:55.0909 4472  Serenum - ok
14:36:55.0922 4472  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:36:55.0923 4472  Serial - ok
14:36:55.0941 4472  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:36:55.0942 4472  sermouse - ok
14:36:55.0971 4472  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:36:55.0973 4472  SessionEnv - ok
14:36:55.0996 4472  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:36:55.0997 4472  sffdisk - ok
14:36:56.0006 4472  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:36:56.0007 4472  sffp_mmc - ok
14:36:56.0017 4472  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:36:56.0017 4472  sffp_sd - ok
14:36:56.0027 4472  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:36:56.0027 4472  sfloppy - ok
14:36:56.0056 4472  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:36:56.0059 4472  ShellHWDetection - ok
14:36:56.0086 4472  [ 0F498DEE92FD73DD999BAE4D506367F5 ] SI3132          C:\Windows\system32\DRIVERS\SI3132.sys
14:36:56.0087 4472  SI3132 - ok
14:36:56.0090 4472  [ 127CE10E01F53F2EDACA7FE42E5631EA ] SiFilter        C:\Windows\system32\DRIVERS\SiWinAcc.sys
14:36:56.0091 4472  SiFilter - ok
14:36:56.0098 4472  [ B742C37002B8EBEF6E230DF9B4B28546 ] SiRemFil        C:\Windows\system32\DRIVERS\SiRemFil.sys
14:36:56.0099 4472  SiRemFil - ok
14:36:56.0119 4472  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:36:56.0119 4472  SiSRaid2 - ok
14:36:56.0124 4472  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:36:56.0124 4472  SiSRaid4 - ok
14:36:56.0153 4472  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:36:56.0154 4472  SkypeUpdate - ok
14:36:56.0164 4472  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:36:56.0166 4472  Smb - ok
14:36:56.0194 4472  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:36:56.0197 4472  SNMPTRAP - ok
14:36:56.0229 4472  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
14:36:56.0232 4472  speedfan - ok
14:36:56.0247 4472  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:36:56.0248 4472  spldr - ok
14:36:56.0285 4472  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:36:56.0296 4472  Spooler - ok
14:36:56.0380 4472  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:36:56.0401 4472  sppsvc - ok
14:36:56.0420 4472  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:36:56.0422 4472  sppuinotify - ok
14:36:56.0449 4472  [ 602884696850C86434530790B110E8EB ] sptd            C:\Windows\System32\Drivers\sptd.sys
14:36:56.0452 4472  sptd - ok
14:36:56.0485 4472  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:36:56.0487 4472  srv - ok
14:36:56.0499 4472  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:36:56.0501 4472  srv2 - ok
14:36:56.0515 4472  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:36:56.0516 4472  srvnet - ok
14:36:56.0527 4472  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:36:56.0529 4472  SSDPSRV - ok
14:36:56.0536 4472  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:36:56.0537 4472  SstpSvc - ok
14:36:56.0551 4472  Steam Client Service - ok
14:36:56.0593 4472  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:36:56.0594 4472  Stereo Service - ok
14:36:56.0609 4472  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:36:56.0609 4472  stexstor - ok
14:36:56.0638 4472  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:36:56.0642 4472  stisvc - ok
14:36:56.0660 4472  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:36:56.0660 4472  storflt - ok
14:36:56.0681 4472  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
14:36:56.0682 4472  StorSvc - ok
14:36:56.0688 4472  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:36:56.0688 4472  storvsc - ok
14:36:56.0697 4472  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:36:56.0697 4472  swenum - ok
14:36:56.0714 4472  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:36:56.0717 4472  swprv - ok
14:36:56.0897 4472  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:36:56.0915 4472  SysMain - ok
14:36:56.0941 4472  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:36:56.0943 4472  TabletInputService - ok
14:36:56.0961 4472  [ F0B9D3ED88E56D3CD713DFF21E42AAF0 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
14:36:56.0961 4472  tap0901 - ok
14:36:56.0987 4472  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:36:56.0990 4472  TapiSrv - ok
14:36:57.0012 4472  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:36:57.0014 4472  TBS - ok
14:36:57.0060 4472  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:36:57.0071 4472  Tcpip - ok
14:36:57.0110 4472  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:36:57.0120 4472  TCPIP6 - ok
14:36:57.0144 4472  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:36:57.0145 4472  tcpipreg - ok
14:36:57.0155 4472  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:36:57.0155 4472  TDPIPE - ok
14:36:57.0170 4472  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:36:57.0171 4472  TDTCP - ok
14:36:57.0196 4472  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:36:57.0196 4472  tdx - ok
14:36:57.0206 4472  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:36:57.0207 4472  TermDD - ok
14:36:57.0232 4472  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:36:57.0236 4472  TermService - ok
14:36:57.0242 4472  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:36:57.0243 4472  Themes - ok
14:36:57.0254 4472  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:36:57.0255 4472  THREADORDER - ok
14:36:57.0265 4472  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:36:57.0267 4472  TrkWks - ok
14:36:57.0303 4472  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:36:57.0304 4472  TrustedInstaller - ok
14:36:57.0323 4472  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:36:57.0323 4472  tssecsrv - ok
14:36:57.0347 4472  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:36:57.0347 4472  TsUsbFlt - ok
14:36:57.0371 4472  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:36:57.0372 4472  tunnel - ok
14:36:57.0384 4472  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:36:57.0385 4472  uagp35 - ok
14:36:57.0411 4472  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:36:57.0412 4472  udfs - ok
14:36:57.0469 4472  [ 2E071263A409931F8AFF3A6A656E920C ] UI Assistant Service C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
14:36:57.0473 4472  UI Assistant Service - ok
14:36:57.0488 4472  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:36:57.0492 4472  UI0Detect - ok
14:36:57.0505 4472  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:36:57.0507 4472  uliagpkx - ok
14:36:57.0528 4472  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:36:57.0530 4472  umbus - ok
14:36:57.0544 4472  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:36:57.0545 4472  UmPass - ok
14:36:57.0559 4472  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
14:36:57.0561 4472  UmRdpService - ok
14:36:57.0608 4472  [ 8B802B483CBDE06F62DBC04DC7AFAF8E ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
14:36:57.0610 4472  UMVPFSrv - ok
14:36:57.0627 4472  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:36:57.0630 4472  upnphost - ok
14:36:57.0644 4472  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:36:57.0645 4472  usbaudio - ok
14:36:57.0672 4472  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:36:57.0673 4472  usbccgp - ok
14:36:57.0695 4472  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:36:57.0696 4472  usbcir - ok
14:36:57.0719 4472  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:36:57.0720 4472  usbehci - ok
14:36:57.0745 4472  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:36:57.0747 4472  usbhub - ok
14:36:57.0766 4472  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
14:36:57.0766 4472  usbohci - ok
14:36:57.0773 4472  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:36:57.0774 4472  usbprint - ok
14:36:57.0793 4472  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:36:57.0794 4472  USBSTOR - ok
14:36:57.0802 4472  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:36:57.0802 4472  usbuhci - ok
14:36:57.0821 4472  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
14:36:57.0822 4472  usb_rndisx - ok
14:36:57.0832 4472  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:36:57.0833 4472  UxSms - ok
14:36:57.0845 4472  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:36:57.0846 4472  VaultSvc - ok
14:36:57.0872 4472  [ C30F3D43CEB6F79ADE9B805387E5F63C ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
14:36:57.0873 4472  VBoxDrv - ok
14:36:57.0895 4472  [ 8ACF22B86CE4E85C23E3E9513BF45C37 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
14:36:57.0897 4472  VBoxNetAdp - ok
14:36:57.0904 4472  [ 7B657669C53A0E6583F07EBAA303D9EA ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
14:36:57.0905 4472  VBoxNetFlt - ok
14:36:57.0927 4472  [ CF3EE68CD9723E9F21E3198A0F690400 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
14:36:57.0928 4472  VBoxUSBMon - ok
14:36:59.0078 4472  ================ Scan global ===============================
14:36:59.0096 4472  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:36:59.0122 4472  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:36:59.0127 4472  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
14:36:59.0139 4472  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:36:59.0162 4472  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:36:59.0164 4472  [Global] - ok
14:36:59.0164 4472  ================ Scan MBR ==================================
14:36:59.0166 4472  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:36:59.0186 4472  \Device\Harddisk0\DR0 - ok
14:36:59.0193 4472  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:36:59.0388 4472  \Device\Harddisk1\DR1 - ok
14:36:59.0394 4472  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
14:36:59.0429 4472  \Device\Harddisk2\DR2 - ok
14:36:59.0430 4472  ================ Scan VBR ==================================
14:36:59.0435 4472  [ 038E15ACA723E15A511F829D69359BF4 ] \Device\Harddisk1\DR1\Partition1
14:36:59.0438 4472  \Device\Harddisk1\DR1\Partition1 - ok
14:36:59.0465 4472  [ 05AC193644A2634F0F2367971DA86463 ] \Device\Harddisk1\DR1\Partition2
14:36:59.0467 4472  \Device\Harddisk1\DR1\Partition2 - ok
14:36:59.0476 4472  [ 47000BFDEF05A45EA48B3FC5D8453F97 ] \Device\Harddisk1\DR1\Partition3
14:36:59.0478 4472  \Device\Harddisk1\DR1\Partition3 - ok
14:36:59.0480 4472  [ 62B41225929F02256BDF3763C969E7C2 ] \Device\Harddisk2\DR2\Partition1
14:36:59.0481 4472  \Device\Harddisk2\DR2\Partition1 - ok
14:36:59.0482 4472  ============================================================
14:36:59.0482 4472  Scan finished
14:36:59.0482 4472  ============================================================
14:36:59.0490 4200  Detected object count: 0
14:36:59.0490 4200  Actual detected object count: 0
14:37:02.0664 2884  Deinitialize success
         
I would appreciate some help, then I won't have to just wipe everything.
__________________


19.01.2013, 15:43   #3
t'john
/// Helper Team

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Unpack the archive on your desktop.
  • In the newly created folder, start mbar.exe.
  • Follow the on-screen instructions and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the created folder. Please post it here.

Do not start any other file in this folder without instructions from a helper.


After that:

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).
__________________

19.01.2013, 17:32   #4
kljmasbe

Hello t'john,

when I run mbar, I get an error message saying the file is too old:

Quote:
Your Version of Malwarebytes Anti-Rootkit BETA has been outdated. Please download a newer version here:
hxxp://www.malwarebytes.org/products/mbar/

Would you like to download a newer version now?
Should I simply follow these instructions?

19.01.2013, 18:15   #5
t'john
/// Helper Team

All right

__________________
Regards, t'john

19.01.2013, 18:43   #6
kljmasbe

Hm, that seems strange to me. There is no newer version, and the download leads to the same version. After I tried several times to run the old one (the one you linked), it suddenly worked, with the following output:

Code:
Malwarebytes Anti-Rootkit BETA 0.00.0.0000


 v0000.00.00.00

Windows 7 Service Pack 1 x64 NTFS
 8.0.7601.17514
Steffen :: NR1 

19.01.2013 18:40:01
mbar-log-2013-01-19 (18-40-01).txt

 
 
 
 20356
 30 

 0


 0


 0


 0


 0


 0


 0
         
in the "mbar-log-2013-01-19 (18-40-01).txt" and

Code:
Scan finished
=======================================
         
in the "system-log.txt".

There was also no restart and no option to clean up (CleanUp). Is that OK, can I continue with the second step?

19.01.2013, 20:00   #7
t'john
/// Helper Team

Removing malware with Combofix

Download Combofix from one of the following download mirrors:

BleepingComputer.com - ForoSpyware.com

and save the program to the desktop, nowhere else, this is important!
Follow the detailed original instructions.

Combofix currently runs on the following Windows versions:
  • Windows XP (32-bit only)
  • Windows Vista (32-bit/64-bit)
  • Windows 7 (32-bit/64-bit)


Preparation and important notes

  • Please disable antivirus and antispyware programs, the firewall and any script blocking (Norton) while scanning with Combofix.
  • List of programs to disable.
    If anything is unclear, please ask.

  • ComboFix will reset your screen saver settings.
  • You can change these settings again once our cleanup is finished.
  • Do nothing else if you did not manage to get Combofix to run.
  • Let us know and wait for our instructions.

  • Start Combofix.exe with right-click => Run as administrator and follow the instructions.
  • Do nothing else on the computer while Combofix is running!
  • Accept the terms (disclaimer) with "Yes".

  • If Combofix offers a newer version, allow the download.
  • Click "Yes" to continue with the malware scan.
  • A blue command prompt appears; Combofix is being prepared for the scan.
  • Please do not click in this Combofix window.
  • That could freeze or hang your system.
  • A backup of your registry is created.
  • Now the individual stages of the program are worked through, which can take a while.

  • When ComboFix is finished, it will create a log (please wait, this takes a moment).
  • Be sure to wait until the Combofix window has closed and the log file appears in the editor.
  • Please post the log files C:\ComboFix.txt and C:\Qoobox\Add-Remove Programs.txt in code tags here in the thread.

  • Note: For various reasons Combofix makes Internet Explorer the default browser and creates an IE icon on the desktop.
  • You can delete the IE desktop icon after the cleanup and set your preferred browser as the default again.

Do not use Combofix on your own. If there is no corresponding infection, it can cripple the computer and/or damage it permanently!
__________________
Regards, t'john

19.01.2013, 22:40   #8
kljmasbe

Add-Remove Programs.txt:

Code:
1&1 Surf-Stick
Activision(R)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.01) - Deutsch
Adobe Shockwave Player 11.5
Aquaria
µTorrent
Avira Free Antivirus
Blocks That Matter
Blur(TM)
Borderlands
CameraHelperMsi
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MOV Decoder
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.9
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities WFT-E1/E2/E3/E4 Utility
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Command & Conquer™ 4 Tiberian Twilight
Crysis® 2
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX-Setup
doxygen 1.7.3
Dual-Core Optimizer
erLT
Express Rip
FAKEFACTORY Cinematic Mod V10
FLV Downloader
GIMP 2.6.11
Git version 1.7.3.1-preview20101002
Google Chrome
Google Earth
Google Update Helper
Gpg4win (2.1.0)
Grand Theft Auto IV
Grand Theft Auto: Episodes from Liberty City
Gratuitous Space Battles
Half-Life 2
Half-Life 2 Awakening 1.1
Half-Life 2: Deathmatch
Half-Life 2: Episode One
Half-Life 2: Episode Two
Hugin 2011.4.0
Inkscape 0.48.2
Java Auto Updater
Java(TM) 6 Update 29
LEGO Digital Designer
LibreOffice 3.6
Lightworks
LIMBO
Logitech Webcam Software
LuminanceHDR 2.0.2
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Mendeley Desktop 1.7.1
Metro 2033
Microsoft .NET Compact Framework 3.5
Microsoft Access 2010
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
MiKTeX 2.8
Mozilla Firefox 18.0 (x86 de)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.2 (x86 de)
Mp3tag v2.48
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multiwinia
Navigator 11 - Setup Utility 11.0.23-3
Nero 7 Essentials
Nero BurnLite 10
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
neroxml
Notepad++
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenAL
OpenVPN 2.2.1
Opera 11.62
Phase 5 HTML-Editor
Pidgin
pidgin-otr 3.2.0-1
Portal
Portal 2
Python 2.6 pygtk-2.22.0
QuickTime
R for Windows 2.11.1
RESIDENT EVIL 5
Return to Castle Wolfenstein
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Skype™ 5.10
Solar 2
Source SDK
Source SDK Base 2007
SpeedFan (remove only)
Texmaker
The Basement Collection
The Binding of Isaac
Tinn-R 2.3.5.2
UFRaw 0.18
Unity Web Player (All users)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VC80CRTRedist - 8.0.50727.4053
VLC media player 2.0.1
Winamp
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Installer
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinMerge 2.12.4
         
Combofix log file:
Code:
ComboFix 13-01-17.04 - Steffen 19.01.2013  22:16:14.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8190.6423 [GMT 1:00]
ausgeführt von:: c:\users\Steffen\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\$recycle.bin\S-1-5-18\$315c205da7786cc596b7af5891b907c0\@
c:\$recycle.bin\S-1-5-18\$315c205da7786cc596b7af5891b907c0\n
c:\users\Steffen\AppData\Local\.#
c:\users\Steffen\AppData\Local\Temp\7zS5696\HPSLPSVC64.DLL
c:\users\Steffen\AppData\Roaming\Local
c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi
c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\2.ddi
c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\3.ddi
c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\4.ddi
c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\5.ddi
c:\users\Steffen\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-19 bis 2013-01-19  ))))))))))))))))))))))))))))))
.
.
2013-01-19 17:31 . 2013-01-19 17:31	--------	d-----w-	c:\programdata\Malwarebytes
2013-01-19 16:42 . 2013-01-19 16:42	308640	----a-w-	c:\windows\system32\javaws.exe
2013-01-19 16:42 . 2013-01-19 16:42	1081760	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-01-19 16:42 . 2013-01-19 16:42	188832	----a-w-	c:\windows\system32\javaw.exe
2013-01-19 16:42 . 2013-01-19 16:42	188832	----a-w-	c:\windows\system32\java.exe
2013-01-19 16:42 . 2013-01-19 16:42	108448	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-01-19 16:42 . 2013-01-19 16:42	--------	d-----w-	c:\program files\Java
2013-01-19 12:16 . 2013-01-19 12:16	--------	d-----w-	c:\users\Steffen\AppData\Roaming\Avira
2013-01-19 12:11 . 2013-01-19 12:11	--------	d-----w-	c:\programdata\Avira
2013-01-19 12:11 . 2013-01-19 12:11	--------	d-----w-	c:\program files (x86)\Avira
2013-01-19 12:11 . 2012-12-03 14:36	129216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-01-19 12:11 . 2012-12-03 14:36	99912	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-01-19 12:11 . 2012-11-16 19:17	27800	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-01-17 08:41 . 2013-01-17 08:41	--------	d-sh--w-	c:\windows\SysWow64\%APPDATA%
2013-01-15 07:25 . 2012-11-19 00:01	9125352	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0B92C6F7-E9FE-4983-84F7-D6DEB53AAAA6}\mpengine.dll
2013-01-15 07:25 . 2013-01-04 15:53	9060864	----a-w-	c:\windows\system32\mshtml.dll
2013-01-14 09:05 . 2013-01-19 16:38	--------	d-----w-	c:\users\Steffen\AppData\Roaming\.minecraft
2013-01-13 20:28 . 2013-01-13 20:28	--------	d-----w-	c:\users\Steffen\AppData\Roaming\LibreOffice
2013-01-13 20:26 . 2013-01-13 20:27	--------	d-----w-	c:\program files (x86)\LibreOffice 3.6
2013-01-10 11:29 . 2013-01-10 11:29	--------	d-----w-	c:\users\Steffen\AppData\Roaming\collection
2013-01-09 19:06 . 2012-11-30 05:41	424448	----a-w-	c:\windows\system32\KernelBase.dll
2013-01-08 22:31 . 2013-01-09 08:23	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2013-01-07 23:42 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2013-01-07 23:42 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2013-01-07 23:42 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2013-01-07 23:42 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-19 16:42 . 2011-01-06 15:30	960416	----a-w-	c:\windows\system32\deployJava1.dll
2013-01-19 14:05 . 2012-04-03 14:57	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-19 14:05 . 2011-05-26 14:54	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-10 11:50 . 2012-01-03 16:18	466456	----a-w-	c:\windows\system32\wrap_oal.dll
2013-01-10 11:50 . 2012-01-03 16:18	444952	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2013-01-10 11:50 . 2012-01-03 16:18	122904	----a-w-	c:\windows\system32\OpenAL32.dll
2013-01-10 11:50 . 2012-01-03 16:18	109080	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2013-01-09 22:45 . 2010-10-08 08:52	67599240	----a-w-	c:\windows\system32\MRT.exe
2012-11-30 04:45 . 2013-01-09 19:06	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-11-12 12:28 . 2012-12-12 19:56	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-12 11:52 . 2012-12-12 19:56	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 19:56	2048	----a-w-	c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 19:56	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 19:56	478208	----a-w-	c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 19:56	376832	----a-w-	c:\windows\SysWow64\dpnet.dll
2012-10-27 06:26 . 2012-12-12 19:56	981504	----a-w-	c:\windows\SysWow64\wininet.dll
2012-10-27 05:51 . 2012-12-12 19:56	1188864	----a-w-	c:\windows\system32\wininet.dll
2012-10-27 05:51 . 2012-12-12 19:56	1494528	----a-w-	c:\windows\system32\urlmon.dll
2012-10-27 05:51 . 2012-12-12 19:56	134144	----a-w-	c:\windows\system32\url.dll
2012-10-27 05:49 . 2012-12-12 19:56	97792	----a-w-	c:\windows\system32\mshtmled.dll
2012-10-27 05:49 . 2012-12-12 19:56	735744	----a-w-	c:\windows\system32\msfeeds.dll
2012-10-27 05:49 . 2012-12-12 19:56	64512	----a-w-	c:\windows\system32\jsproxy.dll
2012-10-27 05:49 . 2012-12-12 19:56	247808	----a-w-	c:\windows\system32\ieui.dll
2012-10-27 05:49 . 2012-12-12 19:56	2453504	----a-w-	c:\windows\system32\iertutil.dll
2012-10-27 05:49 . 2012-12-12 19:56	12295680	----a-w-	c:\windows\system32\ieframe.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files (x86)\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-08 1226608]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"UIExec"="c:\program files (x86)\1&1 Surf-Stick\UIExec.exe" [2011-08-25 153424]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-04 384800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 ALSysIO;ALSysIO;c:\users\Steffen\AppData\Local\Temp\ALSysIO64.sys [x]
R3 BthAudioHF;BthAudioHF-Dienst;c:\windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 52224]
R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
R3 csr_a2dp;Bluetooth-AV-Profil;c:\windows\system32\drivers\bthav.sys [2009-12-21 78848]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2010-05-07 30304]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2011-04-01 341856]
R3 LVUVC64;Logitech Webcam 905(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2011-04-01 4184672]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2011-03-26 11776]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [2010-01-07 448512]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-19 834544]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 224048]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 130864]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280]
S2 DirMngr;DirMngr;c:\program files (x86)\GNU\GnuPG\dirmngr.exe [2011-03-02 224256]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\1&1 Surf-Stick\AssistantServices.exe [2011-08-25 270672]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 165680]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 14:05]
.
2013-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-08 16:58]
.
2013-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-08 16:58]
.
2013-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1048336132-1139700247-469780242-1001Core.job
- c:\users\Steffen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-02 20:13]
.
2013-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1048336132-1139700247-469780242-1001UA.job
- c:\users\Steffen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-02 20:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - ExtSQL: 2012-12-07 16:42; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - (no file)
BHO-{1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - (no file)
Wow6432Node-HKCU-Run-RGSC - e:\rockstar games\Rockstar Games Social Club\RGSCLauncher.exe
Wow6432Node-HKLM-Run-NWEReboot - (no file)
Wow6432Node-HKLM-Run-DivX Download Manager - c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe
WebBrowser-{64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-UnityWebPlayer - c:\program files (x86)\Unity\WebPlayer\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1048336132-1139700247-469780242-1001\Software\SecuROM\License information*]
"datasecu"=hex:03,e7,ad,7d,e2,f6,5e,ee,ac,55,35,7a,6f,36,85,57,2d,19,c5,11,14,
   24,f6,e7,1d,2a,d7,36,bc,a0,c8,61,b6,c4,05,53,0b,37,ab,55,4a,a8,c3,2a,3e,b9,\
"rkeysecu"=hex:8f,35,95,71,16,ec,ca,00,1d,fb,6d,e7,38,7a,c6,9e
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-01-19  22:29:30 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-01-19 21:29
.
Vor Suchlauf: 11 Verzeichnis(se), 23.957.585.920 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 24.496.013.312 Bytes frei
.
- - End Of File - - 878367023D62E45A5215D4561D0FBFAD
         
--- --- ---

Alt 19.01.2013, 23:25   #9
t'john
/// Helper Team
 

Try Malwarebytes Anti-Rootkit BETA - Download - Filepony once more
__________________
Regards, t'john

Alt 20.01.2013, 12:04   #10
kljmasbe
 

Good morning,

I let the thing run overnight, and just now it produced this output:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org

Database version: v2013.01.19.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Steffen :: NR1 [administrator]

20.01.2013 10:19:35
mbar-log-2013-01-20 (10-19-35).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 37692
Time elapsed: 10 hour(s), 24 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
and this is in the "system-log.txt":
Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1016

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 8.0.7601.17514

Java version: 1.6.0_29

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED, G:\ DRIVE_FIXED, I:\ DRIVE_FIXED
CPU speed: 3.214000 GHz
Memory total: 8587370496, free: 5967978496

------------ Kernel report ------------
     01/19/2013 23:45:16
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\nvstor.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\DRIVERS\SI3132.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\SiWinAcc.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\SysWOW64\speedfan.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\SiRemFil.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
\SystemRoot\system32\DRIVERS\VBoxDrv.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\Drivers\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\1394ohci.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\tap0901.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\VBoxNetFlt.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\drivers\ipnat.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\Drivers\PROCEXP113.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\imagehlp.dll
\Windows\System32\msctf.dll
\Windows\System32\kernel32.dll
\Windows\System32\difxapi.dll
\Windows\System32\nsi.dll
\Windows\System32\sechost.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\comdlg32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\user32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\imm32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\gdi32.dll
\Windows\System32\iertutil.dll
\Windows\System32\lpk.dll
\Windows\System32\shell32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\normaliz.dll
\Windows\System32\setupapi.dll
\Windows\System32\ole32.dll
\Windows\System32\usp10.dll
\Windows\System32\psapi.dll
\Windows\System32\advapi32.dll
\Windows\System32\urlmon.dll
\Windows\System32\wininet.dll
\Windows\System32\clbcatq.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\crypt32.dll
\Windows\System32\comctl32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\devobj.dll
\Windows\System32\wintrust.dll
\Windows\System32\msasn1.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa8007afa060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-3\
Lower Device Object: 0xfffffa800783c060
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8007af9060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T1L0-6\
Lower Device Object: 0xfffffa800784e680
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007af8060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-2\
Lower Device Object: 0xfffffa8007835680
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Downloaded database version: v2013.01.19.11
Initializing...
Done!
<<<2>>>
Device number: 1, partition: 2
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8007af9060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007af9940, DeviceName: Unknown, DriverName: \Driver\SiRemFil\
DevicePointer: 0xfffffa8007af9b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007af9060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8006b279b0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800784e680, DeviceName: \Device\Ide\IdeDeviceP2T1L0-6\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xfffff8a00d7c51e0, 0xfffffa8007af9060, 0xfffffa8009fc22f0
Lower DeviceData: 0xfffff8a00e23c920, 0xfffffa800784e680, 0xfffffa80097b72b0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
Done!
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007af8060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007af8940, DeviceName: Unknown, DriverName: \Driver\SiRemFil\
DevicePointer: 0xfffffa8007af8b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007af8060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007839520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007835680, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xfffff8a01371ed00, 0xfffffa8007af8060, 0xfffffa800a987090
Lower DeviceData: 0xfffff8a010184d20, 0xfffffa8007835680, 0xfffffa8009df8150
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: DD6DB48A

Partition information:

    Partition 0 type is Dynamic (0x42)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 2930275057

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1500301910016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-2930257168-2930277168)...
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9630962

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 207050752

    Partition 2 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 207259648  Numsec = 1042995824

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 640130801152 bytes
Sector size: 512 bytes

Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa8007afa060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007afa940, DeviceName: Unknown, DriverName: \Driver\SiRemFil\
DevicePointer: 0xfffffa8007afab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007afa060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800783a520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800783c060, DeviceName: \Device\Ide\IdeDeviceP3T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xfffff8a00ec12670, 0xfffffa8007afa060, 0xfffffa800a5b3140
Lower DeviceData: 0xfffff8a0035bf450, 0xfffffa800783c060, 0xfffffa800a6fe430
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7501CBE6

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 3907018864

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 2000394706432 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================
         

Alt 20.01.2013, 15:05   #11
t'john
/// Helper Team
 

http://www.trojaner-board.de/129789-...tml#post994108
(adwCleaner)


then:

Malware scan with Emsisoft Anti-Malware

Download the free version of => Emsisoft Anti-Malware and install the program.
Use Update Now to download the current signatures.
Select Freeware mode.

Select Detail Scan and start the scan of the computer with the Scan button.
At the end of the scan, do not let it delete anything! Click Save report to save the log file to the desktop and post it here in the thread.

Instructions: http://www.trojaner-board.de/103809-...i-malware.html
__________________
Regards, t'john

Alt 20.01.2013, 16:34   #12
kljmasbe
 

I already ran adwcleaner yesterday; this is from yesterday:
Code:
ATTFilter
# AdwCleaner v2.106 - Datei am 19/01/2013 um 22:05:15 erstellt
# Aktualisiert am 17/01/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Steffen - NR1
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Steffen\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\Steffen\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Steffen\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Steffen\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Steffen\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\Conduit

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2849855
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v18.0 (de)

Datei : C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\prefs.js

Gelöscht : user_pref("CT2319825..clientLogIsEnabled", true);
Gelöscht : user_pref("CT2319825..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2319825..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2319825.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2319825.CurrentServerDate", "25-3-2011");
Gelöscht : user_pref("CT2319825.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2319825.DialogsGetterLastCheckTime", "Fri Mar 25 2011 16:35:53 GMT+0100");
Gelöscht : user_pref("CT2319825.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2319825.FirstServerDate", "25-3-2011");
Gelöscht : user_pref("CT2319825.FirstTimeFF3", true);
Gelöscht : user_pref("CT2319825.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2319825.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2319825.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2319825.InstallationAndCookieDataSentCount", 1);
Gelöscht : user_pref("CT2319825.IsGrouping", false);
Gelöscht : user_pref("CT2319825.LanguagePackLastCheckTime", "Fri Mar 25 2011 16:35:54 GMT+0100");
Gelöscht : user_pref("CT2319825.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2319825.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2319825.LastLogin_3.3.3.2", "Fri Mar 25 2011 16:35:53 GMT+0100");
Gelöscht : user_pref("CT2319825.LatestVersion", "3.2.5.2");
Gelöscht : user_pref("CT2319825.Locale", "de");
Gelöscht : user_pref("CT2319825.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2319825.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2319825.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2319825.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2319825.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2319825.SearchInNewTabLastCheckTime", "Fri Mar 25 2011 16:35:53 GMT+0100");
Gelöscht : user_pref("CT2319825.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2319825.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2319825.ServiceMapLastCheckTime", "Fri Mar 25 2011 16:35:52 GMT+0100");
Gelöscht : user_pref("CT2319825.SettingsLastCheckTime", "Fri Mar 25 2011 16:35:52 GMT+0100");
Gelöscht : user_pref("CT2319825.SettingsLastUpdate", "1300876832");
Gelöscht : user_pref("CT2319825.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2319825.ThirdPartyComponentsLastCheck", "Fri Mar 25 2011 16:35:52 GMT+0100");
Gelöscht : user_pref("CT2319825.ThirdPartyComponentsLastUpdate", "1255344657");
Gelöscht : user_pref("CT2319825.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2319825");
Gelöscht : user_pref("CT2319825.Uninstall", true);
Gelöscht : user_pref("CT2319825.UserID", "UN11785589511515127");
Gelöscht : user_pref("CT2319825.alertChannelId", "715912");
Gelöscht : user_pref("CT2319825.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Gelöscht : user_pref("CT2319825.globalFirstTimeInfoLastCheckTime", "Fri Mar 25 2011 16:35:54 GMT+0100");
Gelöscht : user_pref("CT2319825.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2319825.myStuffEnabled", true);
Gelöscht : user_pref("CT2319825.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2319825.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2319825.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2319825.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2319825.testingCtid", "");
Gelöscht : user_pref("CT2319825.toolbarAppMetaDataLastCheckTime", "Fri Mar 25 2011 16:35:53 GMT+0100");
Gelöscht : user_pref("CT2319825.toolbarContextMenuLastCheckTime", "Fri Mar 25 2011 16:35:54 GMT+0100");
Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 25);
Gelöscht : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gelöscht : user_pref("extensions.BabylonToolbar.firstRun", false);
Gelöscht : user_pref("extensions.BabylonToolbar.hdrMd5", "C2095A818D1F5B2C62F564470C8E5404");
Gelöscht : user_pref("extensions.BabylonToolbar.lastActv", "25");
Gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 25);

-\\ Google Chrome v24.0.1312.52

Datei : C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v11.62.1347.0

Datei : C:\Users\Steffen\AppData\Roaming\Opera\Opera\operaprefs.ini

Gelöscht : video/mpeg=4,"C:\Program Files (x86)\Winamp\winamp.exe" "%s",C:\Program Files (x86)\VideoLAN\VLC\npv[...]
Gelöscht : application/x-winampx-1.0.0.1=6,,,,,|
Gelöscht : application/x-winampx-1.0.0.1=,0

*************************

AdwCleaner[S1].txt - [8977 octets] - [19/01/2013 22:05:15]

########## EOF - C:\AdwCleaner[S1].txt - [9037 octets] ##########
         
And this one again, from today:
Code:
ATTFilter
# AdwCleaner v2.106 - Datei am 20/01/2013 um 16:28:22 erstellt
# Aktualisiert am 17/01/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Steffen - NR1
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Steffen\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v18.0 (de)

Datei : C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\r4o9jc8y.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v24.0.1312.52

Datei : C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v11.62.1347.0

Datei : C:\Users\Steffen\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [9074 octets] - [19/01/2013 22:05:15]
AdwCleaner[S2].txt - [1063 octets] - [20/01/2013 16:28:22]

########## EOF - C:\AdwCleaner[S2].txt - [1123 octets] ##########
         

20.01.2013, 17:58   #13
t'john
/// Helper Team

Quote:
I already had adwcleaner running yesterday, this one here is from yesterday:
How am I supposed to know that?
You didn't post the log file.

Where is the Emsisoft log file....
__________________
Regards, t'john

20.01.2013, 17:59   #14
kljmasbe

It's still in progress; I had thought I could post it right afterwards.

20.01.2013, 18:02   #15
t'john
/// Helper Team

OK, report back with the log file!
__________________
Regards, t'john