
Log analysis and evaluation: Pop-up window requesting TANs during Deutsche Bank online banking

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

16.05.2013, 09:44   #1
Leemur
 
Good morning Trojaner-Board team,

since yesterday I have had a problem with my Deutsche Bank online banking.
Every time I try to log in with my customer data, a pop-up window appears that demands 100 TAN numbers.
I can only cancel by closing the entire browser. Otherwise this window only lets me click Submit. I have attached the corresponding image.

From the Deutsche Bank hotline I learned that this is not a normal or new process, and as a precaution I had my numbers etc. changed.

Antivir doesn't seem to find anything, so I ran another scan with OTL.
I have attached the txt.

At this point I am rather at a loss, since I would prefer not to reinstall my system but still have to keep working with the device.

Can you please help me with this problem?

Regards

Leemur

Extras.Txt

OTL.Txt

Name:  Online Banking.jpg
Size:  51.0 KB

16.05.2013, 10:58   #2
smeenk
/// Malwareteam / Visitor
 
Hi Leemur

I am Smeenk and I will try to help you


System scan with ZOEK

Please download zoek.exe from here: http://hijackthis.nl/smeenk/
  • Please disable all virus scanners during the scan, as they affect the result.
  • Start Zoek.exe with a double-click (Windows XP users only).
  • Windows Vista/7 users please start the tool by right-clicking the icon and choosing "Run as administrator".
  • Copy the code below into the text field:
    Code:
    emptyclsid;
    chromelook;
    C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0e7jn55h.default\extensions\qtss3wbj@fyoaa-.org;fs
    C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilgblamdbnlccegnoeflgeelfkojpiae;fs
    startupall;
    filesrcm;
    firefoxlook;
  • Now click "Run script" and wait patiently until the scan has finished.
  • When the tool is done, Notepad will open with the log file (possibly only after a restart).
    You can view the report later at c:\zoek-results.log.
  • Post the log file zoek-results.log for me


Please download TDSSKiller TDSSKiller.exe and save this file on the desktop
  • Start TDSSKiller.exe - configure as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.



Please post everything in CODE tags here if possible: [code] Your log here [/code]


16.05.2013, 13:22   #3
Leemur
 
Hello Smeenk,

thank you very much for your quick reply!

Here are the two logs:

TDSSKILLER:
Code:
13:57:24.0040 5188  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:57:24.0180 5188  ============================================================
13:57:24.0180 5188  Current date / time: 2013/05/16 13:57:24.0180
13:57:24.0180 5188  SystemInfo:
13:57:24.0180 5188  
13:57:24.0180 5188  OS Version: 6.1.7600 ServicePack: 0.0
13:57:24.0180 5188  Product type: Workstation
13:57:24.0180 5188  ComputerName: ***
13:57:24.0180 5188  UserName: ***
13:57:24.0180 5188  Windows directory: C:\Windows
13:57:24.0180 5188  System windows directory: C:\Windows
13:57:24.0180 5188  Processor architecture: Intel x86
13:57:24.0180 5188  Number of processors: 4
13:57:24.0180 5188  Page size: 0x1000
13:57:24.0180 5188  Boot type: Normal boot
13:57:24.0180 5188  ============================================================
13:57:25.0241 5188  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:57:25.0257 5188  ============================================================
13:57:25.0257 5188  \Device\Harddisk0\DR0:
13:57:25.0257 5188  MBR partitions:
13:57:25.0257 5188  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
13:57:25.0257 5188  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
13:57:25.0257 5188  ============================================================
13:57:25.0335 5188  C: <-> \Device\Harddisk0\DR0\Partition2
13:57:25.0335 5188  ============================================================
13:57:25.0335 5188  Initialize success
13:57:25.0335 5188  ============================================================
13:57:35.0007 5600  ============================================================
13:57:35.0007 5600  Scan started
13:57:35.0007 5600  Mode: Manual; 
13:57:35.0007 5600  ============================================================
13:57:36.0520 5600  ================ Scan system memory ========================
13:57:36.0520 5600  System memory - ok
13:57:36.0520 5600  ================ Scan services =============================
13:57:47.0783 5600  monitor - ok
13:57:47.0814 5600  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:57:47.0814 5600  mouclass - ok
13:57:47.0830 5600  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:57:47.0846 5600  mouhid - ok
13:57:47.0861 5600  [ 921C18727C5920D6C0300736646931C2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:57:47.0861 5600  mountmgr - ok
13:57:47.0955 5600  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:57:47.0970 5600  MozillaMaintenance - ok
13:57:47.0986 5600  [ 2AF5997438C55FB79D33D015C30E1974 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
13:57:48.0002 5600  mpio - ok
13:57:48.0002 5600  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:57:48.0017 5600  mpsdrv - ok
13:57:48.0033 5600  [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:57:48.0033 5600  MRxDAV - ok
13:57:48.0080 5600  [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:57:48.0095 5600  mrxsmb - ok
13:57:48.0126 5600  [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:57:48.0158 5600  mrxsmb10 - ok
13:57:48.0189 5600  [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:57:48.0204 5600  mrxsmb20 - ok
13:57:48.0236 5600  [ CB5D37E91135B0F15CEE64D1F1BA5DE5 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
13:57:48.0251 5600  msahci - ok
13:57:48.0267 5600  [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
13:57:48.0282 5600  msdsm - ok
13:57:48.0329 5600  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
13:57:48.0345 5600  MSDTC - ok
13:57:48.0376 5600  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:57:48.0376 5600  Msfs - ok
13:57:48.0392 5600  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:57:48.0392 5600  mshidkmdf - ok
13:57:48.0407 5600  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
13:57:48.0423 5600  msisadrv - ok
13:57:48.0470 5600  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:57:48.0485 5600  MSiSCSI - ok
13:57:48.0485 5600  msiserver - ok
13:57:48.0516 5600  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:57:48.0516 5600  MSKSSRV - ok
13:57:48.0532 5600  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:57:48.0548 5600  MSPCLOCK - ok
13:57:48.0548 5600  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:57:48.0563 5600  MSPQM - ok
13:57:48.0579 5600  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:57:48.0579 5600  MsRPC - ok
13:57:48.0594 5600  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:57:48.0594 5600  mssmbios - ok
13:57:48.0610 5600  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:57:48.0610 5600  MSTEE - ok
13:57:48.0626 5600  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:57:48.0626 5600  MTConfig - ok
13:57:48.0657 5600  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:57:48.0657 5600  Mup - ok
13:57:48.0704 5600  [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent        C:\Windows\system32\qagentRT.dll
13:57:48.0704 5600  napagent - ok
13:57:48.0766 5600  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:57:48.0782 5600  NativeWifiP - ok
13:57:48.0813 5600  [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:57:48.0844 5600  NDIS - ok
13:57:48.0844 5600  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:57:48.0860 5600  NdisCap - ok
13:57:48.0875 5600  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:57:48.0891 5600  NdisTapi - ok
13:57:48.0906 5600  [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:57:48.0906 5600  Ndisuio - ok
13:57:48.0922 5600  [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:57:48.0938 5600  NdisWan - ok
13:57:48.0953 5600  [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:57:48.0969 5600  NDProxy - ok
13:57:49.0000 5600  [ 1352E1648213551923A0A822E441553C ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
13:57:49.0016 5600  Netaapl - ok
13:57:49.0031 5600  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:57:49.0031 5600  NetBIOS - ok
13:57:49.0062 5600  [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:57:49.0062 5600  NetBT - ok
13:57:49.0078 5600  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon        C:\Windows\system32\lsass.exe
13:57:49.0078 5600  Netlogon - ok
13:57:49.0125 5600  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
13:57:49.0140 5600  Netman - ok
13:57:49.0156 5600  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
13:57:49.0172 5600  netprofm - ok
13:57:49.0203 5600  [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:57:49.0234 5600  NetTcpPortSharing - ok
13:57:49.0374 5600  [ EF51B405AD8ACAAE6F0231290D20F516 ] NETw5s32        C:\Windows\system32\DRIVERS\NETw5s32.sys
13:57:49.0484 5600  NETw5s32 - ok
13:57:49.0499 5600  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
13:57:49.0515 5600  nfrd960 - ok
13:57:49.0546 5600  [ 2226496E34BD40734946A054B1CD657F ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:57:49.0577 5600  NlaSvc - ok
13:57:49.0593 5600  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:57:49.0593 5600  Npfs - ok
13:57:49.0608 5600  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
13:57:49.0608 5600  nsi - ok
13:57:49.0624 5600  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:57:49.0624 5600  nsiproxy - ok
13:57:49.0702 5600  [ A8F59428E9F361C7AC42A94AC1560BC9 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:57:49.0764 5600  Ntfs - ok
13:57:49.0780 5600  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
13:57:49.0780 5600  Null - ok
13:57:49.0811 5600  [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:57:49.0827 5600  nvraid - ok
13:57:49.0842 5600  [ 4520B63899E867F354EE012D34E11536 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:57:49.0858 5600  nvstor - ok
13:57:49.0858 5600  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
13:57:49.0874 5600  nv_agp - ok
13:57:49.0920 5600  [ DD03BDD1459D1966EE640F63221C175A ] odysseyIM3      C:\Windows\system32\DRIVERS\odysseyIM3.sys
13:57:49.0920 5600  odysseyIM3 - ok
13:57:49.0952 5600  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
13:57:49.0967 5600  ohci1394 - ok
13:57:50.0076 5600  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:57:50.0092 5600  ose - ok
13:57:50.0248 5600  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:57:50.0342 5600  osppsvc - ok
13:57:50.0388 5600  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:57:50.0420 5600  p2pimsvc - ok
13:57:50.0451 5600  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:57:50.0482 5600  p2psvc - ok
13:57:50.0498 5600  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:57:50.0513 5600  Parport - ok
13:57:50.0544 5600  [ 66D3415C159741ADE7038A277EFFF99F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:57:50.0544 5600  partmgr - ok
13:57:50.0560 5600  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
13:57:50.0576 5600  Parvdm - ok
13:57:50.0622 5600  [ 4088C1ECD1F54281A92FA663B0FDC36F ] PBADRV          C:\Windows\system32\DRIVERS\PBADRV.sys
13:57:50.0622 5600  PBADRV - ok
13:57:50.0638 5600  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:57:50.0669 5600  PcaSvc - ok
13:57:50.0700 5600  [ C858CB77C577780ECC456A892E7E7D0F ] pci             C:\Windows\system32\DRIVERS\pci.sys
13:57:50.0716 5600  pci - ok
13:57:50.0747 5600  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
13:57:50.0763 5600  pciide - ok
13:57:50.0778 5600  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:57:50.0794 5600  pcmcia - ok
13:57:50.0810 5600  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
13:57:50.0825 5600  pcw - ok
13:57:50.0841 5600  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:57:50.0888 5600  PEAUTH - ok
13:57:50.0950 5600  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:57:51.0012 5600  PeerDistSvc - ok
13:57:51.0059 5600  [ 9C1BFF7910C89A1D12E57343475840CB ] pla             C:\Windows\system32\pla.dll
13:57:51.0168 5600  pla - ok
13:57:51.0215 5600  [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:57:51.0262 5600  PlugPlay - ok
13:57:51.0262 5600  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:57:51.0278 5600  PNRPAutoReg - ok
13:57:51.0309 5600  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:57:51.0309 5600  PNRPsvc - ok
13:57:51.0356 5600  [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:57:51.0371 5600  PolicyAgent - ok
13:57:51.0387 5600  [ DBFF83F709A91049621C1D35DD45C92C ] Power           C:\Windows\system32\umpo.dll
13:57:51.0402 5600  Power - ok
13:57:51.0418 5600  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:57:51.0418 5600  PptpMiniport - ok
13:57:51.0434 5600  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
13:57:51.0449 5600  Processor - ok
13:57:51.0480 5600  [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc         C:\Windows\system32\profsvc.dll
13:57:51.0512 5600  ProfSvc - ok
13:57:51.0527 5600  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:57:51.0527 5600  ProtectedStorage - ok
13:57:51.0558 5600  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:57:51.0574 5600  Psched - ok
13:57:51.0621 5600  [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
13:57:51.0636 5600  PxHelp20 - ok
13:57:51.0683 5600  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
13:57:51.0761 5600  ql2300 - ok
13:57:51.0777 5600  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
13:57:51.0792 5600  ql40xx - ok
13:57:51.0824 5600  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
13:57:51.0855 5600  QWAVE - ok
13:57:51.0870 5600  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:57:51.0870 5600  QWAVEdrv - ok
13:57:51.0886 5600  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:57:51.0902 5600  RasAcd - ok
13:57:51.0902 5600  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:57:51.0917 5600  RasAgileVpn - ok
13:57:51.0933 5600  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
13:57:51.0948 5600  RasAuto - ok
13:57:51.0964 5600  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:57:51.0964 5600  Rasl2tp - ok
13:57:52.0011 5600  [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan          C:\Windows\System32\rasmans.dll
13:57:52.0042 5600  RasMan - ok
13:57:52.0058 5600  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:57:52.0058 5600  RasPppoe - ok
13:57:52.0089 5600  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:57:52.0104 5600  RasSstp - ok
13:57:52.0120 5600  [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:57:52.0136 5600  rdbss - ok
13:57:52.0151 5600  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:57:52.0151 5600  rdpbus - ok
13:57:52.0167 5600  [ 1E016846895B15A99F9A176A05029075 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:57:52.0182 5600  RDPCDD - ok
13:57:52.0214 5600  [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:57:52.0229 5600  RDPDR - ok
13:57:52.0245 5600  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:57:52.0245 5600  RDPENCDD - ok
13:57:52.0260 5600  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:57:52.0260 5600  RDPREFMP - ok
13:57:52.0307 5600  [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:57:52.0323 5600  RDPWD - ok
13:57:52.0338 5600  [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:57:52.0370 5600  rdyboost - ok
13:57:52.0432 5600  [ A171029D6B6C2D93C22861A347F43C2A ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:57:52.0463 5600  RegSrvc - ok
13:57:52.0510 5600  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:57:52.0526 5600  RemoteAccess - ok
13:57:52.0557 5600  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:57:52.0572 5600  RemoteRegistry - ok
13:57:52.0604 5600  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
13:57:52.0619 5600  RFCOMM - ok
13:57:52.0650 5600  [ E891F07815AF88075705EF6A248711F6 ] rimspci         C:\Windows\system32\DRIVERS\rimspe86.sys
13:57:52.0666 5600  rimspci - ok
13:57:52.0682 5600  [ 5312F15DBEB47D906DCA2E334DC4C97D ] risdpcie        C:\Windows\system32\DRIVERS\risdpe86.sys
13:57:52.0697 5600  risdpcie - ok
13:57:52.0713 5600  [ CF2DE2365FD99E5B8E38C9F3467DCDB8 ] rixdpcie        C:\Windows\system32\DRIVERS\rixdpe86.sys
13:57:52.0713 5600  rixdpcie - ok
13:57:52.0728 5600  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:57:52.0744 5600  RpcEptMapper - ok
13:57:52.0760 5600  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
13:57:52.0760 5600  RpcLocator - ok
13:57:52.0791 5600  [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs           C:\Windows\system32\rpcss.dll
13:57:52.0791 5600  RpcSs - ok
13:57:52.0822 5600  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:57:52.0838 5600  rspndr - ok
13:57:52.0869 5600  [ 5423D8437051E89DD34749F242C98648 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
13:57:52.0884 5600  s3cap - ok
13:57:52.0884 5600  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs           C:\Windows\system32\lsass.exe
13:57:52.0900 5600  SamSs - ok
13:57:52.0916 5600  [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
13:57:52.0931 5600  sbp2port - ok
13:57:52.0962 5600  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:57:52.0978 5600  SCardSvr - ok
13:57:52.0978 5600  [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:57:52.0994 5600  scfilter - ok
13:57:53.0040 5600  [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule        C:\Windows\system32\schedsvc.dll
13:57:53.0118 5600  Schedule - ok
13:57:53.0134 5600  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:57:53.0134 5600  SCPolicySvc - ok
13:57:53.0150 5600  [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:57:53.0165 5600  SDRSVC - ok
13:57:53.0181 5600  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:57:53.0181 5600  secdrv - ok
13:57:53.0196 5600  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
13:57:53.0196 5600  seclogon - ok
13:57:53.0306 5600  [ F6A6DBD275EC9EF7B573E48B3FD8D3DF ] SecureStorageService C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
13:57:53.0384 5600  SecureStorageService - ok
13:57:53.0399 5600  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
13:57:53.0399 5600  SENS - ok
13:57:53.0446 5600  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:57:53.0462 5600  SensrSvc - ok
13:57:53.0493 5600  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:57:53.0508 5600  Serenum - ok
13:57:53.0508 5600  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:57:53.0524 5600  Serial - ok
13:57:53.0540 5600  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:57:53.0555 5600  sermouse - ok
13:57:53.0571 5600  [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv      C:\Windows\system32\sessenv.dll
13:57:53.0586 5600  SessionEnv - ok
13:57:53.0602 5600  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
13:57:53.0602 5600  sffdisk - ok
13:57:53.0602 5600  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:57:53.0618 5600  sffp_mmc - ok
13:57:53.0633 5600  [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
13:57:53.0633 5600  sffp_sd - ok
13:57:53.0649 5600  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:57:53.0649 5600  sfloppy - ok
13:57:53.0711 5600  [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:57:53.0742 5600  ShellHWDetection - ok
13:57:53.0789 5600  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\DRIVERS\sisagp.sys
13:57:53.0789 5600  sisagp - ok
13:57:53.0820 5600  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:57:53.0836 5600  SiSRaid2 - ok
13:57:53.0852 5600  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
13:57:53.0867 5600  SiSRaid4 - ok
13:57:53.0914 5600  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:57:53.0930 5600  Smb - ok
13:57:53.0976 5600  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:57:53.0992 5600  SNMPTRAP - ok
13:57:54.0008 5600  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:57:54.0008 5600  spldr - ok
13:57:54.0054 5600  [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler         C:\Windows\System32\spoolsv.exe
13:57:54.0086 5600  Spooler - ok
13:57:54.0195 5600  [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc          C:\Windows\system32\sppsvc.exe
13:57:54.0273 5600  sppsvc - ok
13:57:54.0288 5600  [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:57:54.0288 5600  sppuinotify - ok
13:57:54.0366 5600  [ CDDDEC541BC3C96F91ECB48759673505 ] sptd            C:\Windows\system32\Drivers\sptd.sys
13:57:54.0366 5600  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
13:57:54.0366 5600  sptd ( LockedFile.Multi.Generic ) - warning
13:57:54.0366 5600  sptd - detected LockedFile.Multi.Generic (1)
13:57:54.0413 5600  [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:57:54.0429 5600  srv - ok
13:57:54.0444 5600  [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:57:54.0460 5600  srv2 - ok
13:57:54.0476 5600  [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:57:54.0491 5600  srvnet - ok
13:57:54.0507 5600  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:57:54.0522 5600  SSDPSRV - ok
13:57:54.0569 5600  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
13:57:54.0569 5600  ssmdrv - ok
13:57:54.0585 5600  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:57:54.0600 5600  SstpSvc - ok
13:57:54.0725 5600  [ 0A8FA56553913E87AA24A6CE218B88DE ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe
13:57:54.0741 5600  STacSV - ok
13:57:54.0772 5600  [ A5B83C8050572622E5C43B5B3326A129 ] stdflt          C:\Windows\system32\DRIVERS\stdfltn.sys
13:57:54.0788 5600  stdflt - ok
13:57:54.0819 5600  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
13:57:54.0834 5600  stexstor - ok
13:57:54.0850 5600  [ 2B50CFED920D4CD973ADBAAAD3FE704F ] STHDA           C:\Windows\system32\DRIVERS\stwrt.sys
13:57:54.0928 5600  STHDA - ok
13:57:55.0240 5600  [ EDB05BD63148796F23EA78506404A538 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
13:57:55.0240 5600  StillCam - ok
13:57:55.0256 5600  [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc          C:\Windows\System32\wiaservc.dll
13:57:55.0302 5600  StiSvc - ok
13:57:55.0349 5600  [ E476C66713C842F58E61A95826ED1D57 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:57:55.0365 5600  stllssvr - ok
13:57:55.0412 5600  [ 957E346CA948668F2496A6CCF6FF82CC ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
13:57:55.0427 5600  storflt - ok
13:57:55.0458 5600  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
13:57:55.0474 5600  StorSvc - ok
13:57:55.0490 5600  [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
13:57:55.0505 5600  storvsc - ok
13:57:55.0521 5600  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:57:55.0521 5600  swenum - ok
13:57:55.0536 5600  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
13:57:55.0552 5600  swprv - ok
13:57:55.0583 5600  [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain         C:\Windows\system32\sysmain.dll
13:57:55.0614 5600  SysMain - ok
13:57:55.0630 5600  [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:57:55.0646 5600  TabletInputService - ok
13:57:55.0661 5600  [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:57:55.0677 5600  TapiSrv - ok
13:57:55.0692 5600  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
13:57:55.0708 5600  TBS - ok
13:57:55.0755 5600  [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:57:55.0833 5600  Tcpip - ok
13:57:55.0880 5600  [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:57:55.0895 5600  TCPIP6 - ok
13:57:55.0926 5600  [ E64444523ADD154F86567C469BC0B17F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:57:55.0942 5600  tcpipreg - ok
13:57:56.0020 5600  [ 69F1A38A6DBFE682491CB61A596662E3 ] tcsd_win32.exe  C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
13:57:56.0114 5600  tcsd_win32.exe - ok
13:57:56.0176 5600  [ 55FF1B851D685C928807DFA84529BE9F ] TdmService      C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
13:57:56.0223 5600  TdmService - ok
13:57:56.0238 5600  [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:57:56.0238 5600  TDPIPE - ok
13:57:56.0270 5600  [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:57:56.0285 5600  TDTCP - ok
13:57:56.0301 5600  [ CB39E896A2A83702D1737BFD402B3542 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:57:56.0316 5600  tdx - ok
13:57:56.0426 5600  [ 1A35E7079C650D9EB17B55E4FF4C0DCD ] TeamViewer5     C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
13:57:56.0441 5600  TeamViewer5 - ok
13:57:56.0457 5600  [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:57:56.0457 5600  TermDD - ok
13:57:56.0504 5600  [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService     C:\Windows\System32\termsrv.dll
13:57:56.0566 5600  TermService - ok
13:57:56.0582 5600  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
13:57:56.0582 5600  Themes - ok
13:57:56.0597 5600  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
13:57:56.0597 5600  THREADORDER - ok
13:57:56.0613 5600  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
13:57:56.0628 5600  TrkWks - ok
13:57:56.0675 5600  [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:57:56.0675 5600  TrustedInstaller - ok
13:57:56.0706 5600  [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:57:56.0706 5600  tssecsrv - ok
13:57:56.0738 5600  [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:57:56.0753 5600  tunnel - ok
13:57:56.0769 5600  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:57:56.0769 5600  uagp35 - ok
13:57:56.0800 5600  [ EB0A7BD4D471AC3CE55564A4C55B9D8E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:57:56.0831 5600  udfs - ok
13:57:56.0847 5600  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:57:56.0862 5600  UI0Detect - ok
13:57:56.0878 5600  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
13:57:56.0894 5600  uliagpkx - ok
13:57:56.0940 5600  [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:57:56.0940 5600  umbus - ok
13:57:56.0956 5600  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:57:56.0972 5600  UmPass - ok
13:57:57.0003 5600  [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:57:57.0034 5600  UmRdpService - ok
13:57:57.0050 5600  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
13:57:57.0081 5600  upnphost - ok
13:57:57.0128 5600  [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
13:57:57.0143 5600  USBAAPL - ok
13:57:57.0174 5600  [ 5C233AEFB566EE78C1EFBC0493FB066A ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:57:57.0190 5600  usbccgp - ok
13:57:57.0206 5600  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
13:57:57.0221 5600  usbcir - ok
13:57:57.0221 5600  [ 5B71019A6ACA0116FD21B368F19C0B91 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
13:57:57.0237 5600  usbehci - ok
13:57:57.0252 5600  [ 5823D3965C2A4F6F785ED1A3B403F3B8 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:57:57.0268 5600  usbhub - ok
13:57:57.0315 5600  [ E753ED6C49DA13967EBABF9EA616454A ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:57:57.0315 5600  usbohci - ok
13:57:57.0346 5600  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:57:57.0346 5600  usbprint - ok
13:57:57.0377 5600  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:57:57.0377 5600  usbscan - ok
13:57:57.0408 5600  [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:57:57.0424 5600  USBSTOR - ok
13:57:57.0440 5600  [ 6A30928A469CE802600E1EA8C0F2F53F ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:57:57.0440 5600  usbuhci - ok
13:57:57.0471 5600  [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
13:57:57.0486 5600  usbvideo - ok
13:57:57.0486 5600  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
13:57:57.0502 5600  UxSms - ok
13:57:57.0518 5600  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc        C:\Windows\system32\lsass.exe
13:57:57.0518 5600  VaultSvc - ok
13:57:57.0549 5600  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
13:57:57.0549 5600  vdrvroot - ok
13:57:57.0564 5600  [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds             C:\Windows\System32\vds.exe
13:57:57.0596 5600  vds - ok
13:57:57.0596 5600  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:57:57.0611 5600  vga - ok
13:57:57.0611 5600  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:57:57.0627 5600  VgaSave - ok
13:57:57.0642 5600  [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
13:57:57.0642 5600  vhdmp - ok
13:57:57.0674 5600  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\DRIVERS\viaagp.sys
13:57:57.0689 5600  viaagp - ok
13:57:57.0689 5600  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
13:57:57.0705 5600  ViaC7 - ok
13:57:57.0720 5600  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
13:57:57.0736 5600  viaide - ok
13:57:57.0767 5600  [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
13:57:57.0798 5600  vmbus - ok
13:57:57.0814 5600  [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
13:57:57.0814 5600  VMBusHID - ok
13:57:57.0830 5600  [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
13:57:57.0830 5600  volmgr - ok
13:57:57.0845 5600  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:57:57.0861 5600  volmgrx - ok
13:57:57.0908 5600  [ 59F06B4968E58BC83DFC56CA4517960E ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:57:57.0923 5600  volsnap - ok
13:57:57.0970 5600  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:57:57.0986 5600  vsmraid - ok
13:57:58.0017 5600  [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS             C:\Windows\system32\vssvc.exe
13:57:58.0095 5600  VSS - ok
13:57:58.0110 5600  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:57:58.0110 5600  vwifibus - ok
13:57:58.0126 5600  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:57:58.0142 5600  vwififlt - ok
13:57:58.0173 5600  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:57:58.0173 5600  vwifimp - ok
13:57:58.0188 5600  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
13:57:58.0204 5600  W32Time - ok
13:57:58.0220 5600  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:57:58.0220 5600  WacomPen - ok
13:57:58.0251 5600  [ 692A712062146E96D28BA0B7D75DE31B ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:57:58.0266 5600  WANARP - ok
13:57:58.0266 5600  [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:57:58.0266 5600  Wanarpv6 - ok
13:57:58.0360 5600  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:57:58.0469 5600  WatAdminSvc - ok
13:57:58.0516 5600  [ B5A4DC2AA19F0D4594F7897E87A10D21 ] WavxDMgr        C:\Windows\system32\DRIVERS\WavxDMgr.sys
13:57:58.0532 5600  WavxDMgr - ok
13:57:58.0594 5600  [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine        C:\Windows\system32\wbengine.exe
13:57:58.0672 5600  wbengine - ok
13:57:58.0688 5600  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:57:58.0703 5600  WbioSrvc - ok
13:57:58.0719 5600  [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:57:58.0734 5600  wcncsvc - ok
13:57:58.0734 5600  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:57:58.0750 5600  WcsPlugInService - ok
13:57:58.0750 5600  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:57:58.0766 5600  Wd - ok
13:57:58.0797 5600  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:57:58.0859 5600  Wdf01000 - ok
13:57:58.0875 5600  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:57:58.0890 5600  WdiServiceHost - ok
13:57:58.0906 5600  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:57:58.0906 5600  WdiSystemHost - ok
13:57:58.0953 5600  [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient       C:\Windows\System32\webclnt.dll
13:57:58.0984 5600  WebClient - ok
13:57:58.0984 5600  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:57:59.0000 5600  Wecsvc - ok
13:57:59.0015 5600  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:57:59.0015 5600  wercplsupport - ok
13:57:59.0046 5600  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:57:59.0062 5600  WerSvc - ok
13:57:59.0078 5600  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:57:59.0093 5600  WfpLwf - ok
13:57:59.0109 5600  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:57:59.0109 5600  WIMMount - ok
13:57:59.0124 5600  WinHttpAutoProxySvc - ok
13:57:59.0202 5600  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:57:59.0218 5600  Winmgmt - ok
13:57:59.0265 5600  [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:57:59.0358 5600  WinRM - ok
13:57:59.0405 5600  [ B5BA3CC19D00F2EBA92F1CFBEBB5D650 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:57:59.0421 5600  WinUsb - ok
13:57:59.0452 5600  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:57:59.0499 5600  Wlansvc - ok
13:57:59.0530 5600  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:57:59.0530 5600  WmiAcpi - ok
13:57:59.0546 5600  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:57:59.0561 5600  wmiApSrv - ok
13:57:59.0639 5600  [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
13:57:59.0670 5600  WMPNetworkSvc - ok
13:57:59.0686 5600  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:57:59.0702 5600  WPCSvc - ok
13:57:59.0717 5600  [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:57:59.0717 5600  WPDBusEnum - ok
13:57:59.0764 5600  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:57:59.0764 5600  ws2ifsl - ok
13:57:59.0764 5600  WSearch - ok
13:57:59.0858 5600  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
13:57:59.0920 5600  wuauserv - ok
13:57:59.0982 5600  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:57:59.0982 5600  WudfPf - ok
13:58:00.0014 5600  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:58:00.0029 5600  WUDFRd - ok
13:58:00.0060 5600  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:58:00.0076 5600  wudfsvc - ok
13:58:00.0092 5600  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:58:00.0107 5600  WwanSvc - ok
13:58:00.0138 5600  ================ Scan global ===============================
13:58:00.0185 5600  [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
13:58:00.0232 5600  [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
13:58:00.0279 5600  [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
13:58:00.0326 5600  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
13:58:00.0341 5600  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
13:58:00.0372 5600  [Global] - ok
13:58:00.0372 5600  ================ Scan MBR ==================================
13:58:00.0388 5600  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:58:00.0684 5600  \Device\Harddisk0\DR0 - ok
13:58:00.0684 5600  ================ Scan VBR ==================================
13:58:00.0684 5600  [ 037901941CA83E7931AE88A56E47FE07 ] \Device\Harddisk0\DR0\Partition1
13:58:00.0684 5600  \Device\Harddisk0\DR0\Partition1 - ok
13:58:00.0700 5600  [ B38BFD6727C24498D6F7FD91EBDA2BC4 ] \Device\Harddisk0\DR0\Partition2
13:58:00.0716 5600  \Device\Harddisk0\DR0\Partition2 - ok
13:58:00.0716 5600  ============================================================
13:58:00.0716 5600  Scan finished
13:58:00.0716 5600  ============================================================
13:58:00.0731 5608  Detected object count: 1
13:58:00.0731 5608  Actual detected object count: 1
13:58:15.0520 5608  sptd ( LockedFile.Multi.Generic ) - skipped by user
13:58:15.0520 5608  sptd ( LockedFile.Multi.Generic ) - User select action: Skip
         
zoek:
Code:
Zoek.exe Version 4.0.0.2 Updated 15-May-2013
Tool run by Schwoy on 16.05.2013 at 13:45:15,94.
Microsoft Windows 7 Professional  6.1.7600  x86
Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2148369650-1481080501-3592823048-1116\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Files \ Folders ======================

"C:\$Recycle.Bin\S-1-5-18\$dc1d3e9f9e8d427e40f64d94cf90f8f6" not found 
"C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\0e7jn55h.default\extensions\qtss3wbj@fyoaa-.org" not found 
"C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilgblamdbnlccegnoeflgeelfkojpiae" not found 
"C:\$Recycle.Bin\S-1-5-21-2148369650-1481080501-3592823048-1116\$dc1d3e9f9e8d427e40f64d94cf90f8f6\@" deleted
"C:\$Recycle.Bin\S-1-5-21-2148369650-1481080501-3592823048-1116\$dc1d3e9f9e8d427e40f64d94cf90f8f6" deleted
"C:\$Recycle.Bin\S-1-5-21-2148369650-1481080501-3592823048-1116\$dc1d3e9f9e8d427e40f64d94cf90f8f6\L" deleted
"C:\$Recycle.Bin\S-1-5-21-2148369650-1481080501-3592823048-1116\$dc1d3e9f9e8d427e40f64d94cf90f8f6\U" deleted

==== Registry Search Results for "$dc1d3e9f9e8d427e40f64d94cf90f8f6" ======================

No instances of string "$dc1d3e9f9e8d427e40f64d94cf90f8f6" found.

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\***\AppData\Local\Temp ====
====== C:\Windows\system32 =====
2013-05-15 14:28:29	D0F47BFDDE810912F65E079B5956D6C7	94112	----a-w-	C:\Windows\System32\WindowsAccessBridge.dll
====== C:\Windows\system32\drivers =====
2013-05-15 13:58:06	4470E3C1E0C3378E4CAB137893C12C3A	22856	----a-w-	C:\Windows\System32\drivers\mbam.sys
2013-04-24 07:44:42	A8F59428E9F361C7AC42A94AC1560BC9	1210728	----a-w-	C:\Windows\System32\drivers\ntfs.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Users\Schwoy\AppData\Roaming ======
2013-05-16 09:38:34	--------	d-----w-	C:\users\***\AppData\Roaming\webex
2013-05-15 15:33:50	0F728A9504EFCD674A56198A5BF5419C	61952	----a-w-	C:\users\***\AppData\Roaming\ie_util.exe
2013-05-15 13:57:23	--------	d-----w-	C:\users\***\AppData\Local\Programs
2013-05-14 11:46:25	--------	d-----w-	C:\users\***\AppData\Roaming\Reac
2013-05-14 11:46:25	--------	d-----w-	C:\users\***\AppData\Roaming\Ibha
2013-05-14 11:46:25	--------	d-----w-	C:\users\***\AppData\Roaming\Daxoqi
====== C:\Users\*** ======
2013-05-16 08:01:37	--------	d-----w-	C:\ProgramData\WebEx

====== C: exe-files ==
2013-05-16 08:03:23	75E9E13757717F487CA877F5FCD2A8CC	46672	----a-w-	C:\ProgramData\WebEx\WebEx\1124\atasanot.exe
2013-05-16 08:03:18	86C397E1A562011D4276EB36BB78EF39	108112	----a-w-	C:\ProgramData\WebEx\WebEx\1124\wbxdmsupload.exe
2013-05-16 08:03:09	0E4AA434519437D9908C046A43E07DCA	212560	----a-w-	C:\ProgramData\WebEx\WebEx\1124\wbxreport.exe
2013-05-16 08:03:01	E680FF2A542DAB8D36C40CF6FF197020	516176	----a-w-	C:\ProgramData\WebEx\atcliun.exe
2013-05-16 08:02:12	3221C6CF60D6717019F1AED9284A27A4	582224	----a-w-	C:\ProgramData\WebEx\WebEx\1124\atmgr.exe
2013-05-16 08:01:34	DFE0A736D4F91BC1D9561D2C4D1BAE5F	140368	----a-w-	C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5JEEEQ2A\L255a2xpbmUvMTIzODExMTAxNS8tMTIxMjgzMTUxNzsxMjEyODMxNTE3L01DLzB8MC8wNjU1ZmZjZg==_webex[1].exe
2013-05-16 08:01:31	DFE0A736D4F91BC1D9561D2C4D1BAE5F	140368	----a-w-	C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\X25NI2R5\L255a2xpbmUvMTIzODExMTAxNS8tMTIxMjgzMTUxNzsxMjEyODMxNTE3L01DLzB8MC8wNjU1ZmZjZg==_webex[1].exe
2013-05-15 15:33:50	0F728A9504EFCD674A56198A5BF5419C	61952	----a-w-	C:\Users\***\AppData\Roaming\ie_util.exe
2013-05-15 15:33:50	0F728A9504EFCD674A56198A5BF5419C	61952	----a-w-	C:\Users\***\AppData\Local\Temp\tmp0c57f3a9\17.exe
2013-05-15 14:43:39	4ADCFEE16EE9978F06157634669D36FB	602112	----a-w-	C:\Users\***\Desktop\OTL.exe
2013-05-15 13:57:09	683FDD3D773C58B262DC07CD0C6CE938	10285040	----a-w-	C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88IQ56TB\mbam-setup-1.75.0.1300[1].exe
=== C: other files ==
2013-05-16 08:01:47	CECDF65A59A3394CB47B57DF14A8219F	151	----a-w-	C:\ProgramData\WebEx\reggpc.bat
2013-05-15 13:58:06	4470E3C1E0C3378E4CAB137893C12C3A	22856	----a-w-	C:\Windows\System32\drivers\mbam.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2148369650-1481080501-3592823048-1116\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Bouqu"="C:\Users\***\AppData\Roaming\Reac\ebqou.exe"
"IExplorer Util"="C:\Users\***\AppData\Roaming\ie_util.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"DellControlPoint"="C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe"
"WavXMgr"="C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe"
"USCService"="C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe"
"PDVDDXSrv"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
"Dell Webcam Central"="C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2"
"FreePDF Assistant"="C:\Program Files\FreePDF_XP\fpassist.exe"
"MFNetworkScanUtility"="C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Bouqu"="C:\Users\***\AppData\Roaming\Reac\ebqou.exe"
"IExplorer Util"="C:\Users\***\AppData\Roaming\ie_util.exe"

==== Startup Folders ======================

2010-08-16 21:50:46	834	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
2010-08-16 21:43:38	2273	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
2010-08-16 21:48:40	2213	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TdmNotify.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15.05.2013 11:18]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11.10.2010 14:22]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undertermined Task]

==== Firefox Extensions ======================

ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\kld8xk1k.default
- DAEMON Tools Toolbar - %ProfilePath%\extensions\DTToolbar@toolbarnet.com
- WEB.DE MailCheck - %ProfilePath%\extensions\toolbar@web.de
- DVDVideoSoftTB Toolbar - %ProfilePath%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
- DVDVideoSoft Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ebrxyid0.default
- Undetermined - %ProfilePath%\extensions\staged
- WEB.DE MailCheck - %ProfilePath%\extensions\toolbar@web.de

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ebrxyid0.default
E0FF893763BA82BAABB869A351F0C455	- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll -	Google Update
F00A0EF5835E1B96F783D617F1948704	- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll -	iTunes Application Detector
11EF47BE3D8A4A943E10A63870C1F2C6	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll -	QuickTime Plug-in 7.7.3
4ACB977AAB250731739302CB45A807B3	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll -	QuickTime Plug-in 7.7.3
6E7690D2EE4E530DAC8C562CF8CCE70B	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll -	QuickTime Plug-in 7.7.3
D2E4BDDD297B6A481BAC612C25A1F10A	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll -	QuickTime Plug-in 7.7.3
7A14B17E24CE74BBB603B824EDA79A72	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll -	QuickTime Plug-in 7.7.3
2A92F41DCBB5832872D8B0E941746112	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll -	QuickTime Plug-in 7.7.3
C1FD5EE5FD1F65CE223A5C3AE846DDF6	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll -	QuickTime Plug-in 7.7.3
4CD43010502A7E1337D72E2AD296B239	- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll -	Adobe Acrobat
E971E06DDE68684CB3957C5D0E133CB0	- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -	Google Earth Plugin
3509063A268A4197CF8E713BD22B0978	- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -	Windows Live® Photo Gallery
4CD43010502A7E1337D72E2AD296B239	- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll -	Adobe Acrobat
4CD43010502A7E1337D72E2AD296B239	- C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll -	Adobe Acrobat
C1FD5EE5FD1F65CE223A5C3AE846DDF6	- C:\Program Files\QuickTime\Plugins\npqtplugin.dll -	QuickTime Plug-in 7.7.3
2A92F41DCBB5832872D8B0E941746112	- C:\Program Files\QuickTime\Plugins\npqtplugin2.dll -	QuickTime Plug-in 7.7.3
7A14B17E24CE74BBB603B824EDA79A72	- C:\Program Files\QuickTime\Plugins\npqtplugin3.dll -	QuickTime Plug-in 7.7.3
D2E4BDDD297B6A481BAC612C25A1F10A	- C:\Program Files\QuickTime\Plugins\npqtplugin4.dll -	QuickTime Plug-in 7.7.3
6E7690D2EE4E530DAC8C562CF8CCE70B	- C:\Program Files\QuickTime\Plugins\npqtplugin5.dll -	QuickTime Plug-in 7.7.3
4ACB977AAB250731739302CB45A807B3	- C:\Program Files\QuickTime\Plugins\npqtplugin6.dll -	QuickTime Plug-in 7.7.3
11EF47BE3D8A4A943E10A63870C1F2C6	- C:\Program Files\QuickTime\Plugins\npqtplugin7.dll -	QuickTime Plug-in 7.7.3


After Reboot
         

Alt 16.05.2013, 14:24   #4
smeenk
/// Malwareteam / Visitor
 
Let's continue
  • Please disable all virus scanners during the scan, as they affect the result.
  • Start Zoek.exe with a double-click (Windows XP users only).
  • Windows Vista/7 users, please start the tool by right-clicking the icon and choosing "Run as administrator".
  • Copy the code below into the text field:
    Code:
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
    autoclean;
    "Bouqu"=-;r
    "IExplorer Util"=-;r

  • Now click "Run script" and wait patiently until the scan has finished.
  • When the tool is done, Notepad will open with the log file (possibly only after a reboot).
    You can view the report afterwards at c:\zoek-results.log.
  • Post the log file zoek-results.log for me.
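
The triage step behind the script above, as an added example that is not part of the original post or of Zoek: a Python script that parses a Zoek log's "Startup Registry Enabled" section, flags Run values that launch from a user-writable profile path, and looks each target up in the log's recently created files. The user-writable-path heuristic and all function names are assumptions of this example, not the helper's stated method; the sample is an excerpt of the log posted earlier in the thread, with whitespace normalised.

```python
import re
from ntpath import dirname, normcase  # Windows path rules on any OS

# Excerpt of the Zoek log from the thread (whitespace normalised for the example).
SAMPLE_LOG = r"""
==== Files Recently Created / Modified ======================

2013-05-16 09:38:34  --------  d-----w-  C:\users\***\AppData\Roaming\webex
2013-05-15 15:33:50  0F728A9504EFCD674A56198A5BF5419C  61952  ----a-w-  C:\users\***\AppData\Roaming\ie_util.exe
2013-05-14 11:46:25  --------  d-----w-  C:\users\***\AppData\Roaming\Reac

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Bouqu"="C:\Users\***\AppData\Roaming\Reac\ebqou.exe"
"IExplorer Util"="C:\Users\***\AppData\Roaming\ie_util.exe"

==== Startup Folders ======================
"""

TOP_SECTION = re.compile(r"^==== (.+?) ={4,}$")   # top-level headers use exactly four '='
REG_KEY = re.compile(r"^\[(HKEY_[^\]]+)\]$")
REG_VALUE = re.compile(r'^"([^"]+)"="(.*)"$')
# timestamp, MD5 or dashes, optional size, 8-char attribute field, path
RECENT = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\s+\S+\s+(?:\d+\s+)?[-a-z]{8}\s+(.+)$")
EXECUTABLE = re.compile(r"^(.*?\.(?:exe|bat|cmd|com|scr|pif))(?=\s|$)", re.I)
# Assumption of this example: autostarts from these locations deserve a closer look.
USER_WRITABLE = ("\\appdata\\", "%appdata%", "%localappdata%", "%temp%")


def parse_log(text):
    """Return (run_entries, recent) where recent maps normalised path -> timestamp."""
    runs, recent, section, key = [], {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = TOP_SECTION.match(line)
        if m:
            section, key = m.group(1), None
            continue
        if section == "Startup Registry Enabled":
            if (m := REG_KEY.match(line)):
                key = m.group(1)
            elif key and (m := REG_VALUE.match(line)):
                runs.append({"key": key, "name": m.group(1), "command": m.group(2)})
        elif section == "Files Recently Created / Modified":
            if (m := RECENT.match(line)):
                recent.setdefault(normcase(m.group(2)), m.group(1))
    return runs, recent


def first_seen(path, recent):
    """Timestamp of the path, or of its nearest parent folder, in the recent-files list."""
    p = normcase(path)
    while p:
        if p in recent:
            return recent[p]
        parent = dirname(p)
        if parent == p:          # reached the drive root
            return None
        p = parent
    return None


def triage(text):
    """Run values whose command line points into a user-writable profile location."""
    runs, recent = parse_log(text)
    findings = []
    for entry in runs:
        if not any(marker in entry["command"].lower() for marker in USER_WRITABLE):
            continue
        m = EXECUTABLE.match(entry["command"])
        target = m.group(1) if m else entry["command"]
        findings.append({**entry, "target": target,
                         "first_seen": first_seen(target, recent)})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f'{f["key"]}\n  "{f["name"]}" -> {f["target"]} (first seen: {f["first_seen"]})')
```

A flagged value is a lead for a reviewer, not a verdict: legitimate per-user software also starts from AppData.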

Alt 16.05.2013, 15:59   #5
Leemur
 
Great =D

Incoming log file:

Code:
Zoek.exe Version 4.0.0.2 Updated 30-04-2013
Tool run by *** on 16.05.2013 at 16:40:37,73.
Microsoft Windows 7 Professional  6.1.7600  x86
Running in: Normal Mode No Internet Access Detected

==== Older Logs ======================

C:\zoek-results16.05.2013-1639.log	17858 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"Bouqu"=- 
"IExplorer Util"=- 

==== Deleting Files \ Folders ======================

"C:\Users\***\AppData\Local\WavXMapDrive.bat" not deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\kld8xk1k.default
- WEB.DE MailCheck - %ProfilePath%\extensions\toolbar@web.de
- DVDVideoSoft Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ebrxyid0.default
- WEB.DE MailCheck - %ProfilePath%\extensions\toolbar@web.de

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Schwoy\AppData\Roaming\Mozilla\Firefox\Profiles\ebrxyid0.default
E0FF893763BA82BAABB869A351F0C455	- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll -	Google Update
F00A0EF5835E1B96F783D617F1948704	- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll -	iTunes Application Detector
11EF47BE3D8A4A943E10A63870C1F2C6	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll -	QuickTime Plug-in 7.7.3
4ACB977AAB250731739302CB45A807B3	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll -	QuickTime Plug-in 7.7.3
6E7690D2EE4E530DAC8C562CF8CCE70B	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll -	QuickTime Plug-in 7.7.3
D2E4BDDD297B6A481BAC612C25A1F10A	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll -	QuickTime Plug-in 7.7.3
7A14B17E24CE74BBB603B824EDA79A72	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll -	QuickTime Plug-in 7.7.3
2A92F41DCBB5832872D8B0E941746112	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll -	QuickTime Plug-in 7.7.3
C1FD5EE5FD1F65CE223A5C3AE846DDF6	- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll -	QuickTime Plug-in 7.7.3
4CD43010502A7E1337D72E2AD296B239	- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll -	Adobe Acrobat
E971E06DDE68684CB3957C5D0E133CB0	- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -	Google Earth Plugin
3509063A268A4197CF8E713BD22B0978	- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -	Windows Live® Photo Gallery
4CD43010502A7E1337D72E2AD296B239	- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll -	Adobe Acrobat
4CD43010502A7E1337D72E2AD296B239	- C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll -	Adobe Acrobat
C1FD5EE5FD1F65CE223A5C3AE846DDF6	- C:\Program Files\QuickTime\Plugins\npqtplugin.dll -	QuickTime Plug-in 7.7.3
2A92F41DCBB5832872D8B0E941746112	- C:\Program Files\QuickTime\Plugins\npqtplugin2.dll -	QuickTime Plug-in 7.7.3
7A14B17E24CE74BBB603B824EDA79A72	- C:\Program Files\QuickTime\Plugins\npqtplugin3.dll -	QuickTime Plug-in 7.7.3
D2E4BDDD297B6A481BAC612C25A1F10A	- C:\Program Files\QuickTime\Plugins\npqtplugin4.dll -	QuickTime Plug-in 7.7.3
6E7690D2EE4E530DAC8C562CF8CCE70B	- C:\Program Files\QuickTime\Plugins\npqtplugin5.dll -	QuickTime Plug-in 7.7.3
4ACB977AAB250731739302CB45A807B3	- C:\Program Files\QuickTime\Plugins\npqtplugin6.dll -	QuickTime Plug-in 7.7.3
11EF47BE3D8A4A943E10A63870C1F2C6	- C:\Program Files\QuickTime\Plugins\npqtplugin7.dll -	QuickTime Plug-in 7.7.3


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.de/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.de/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{2E5477D5-EE7B-4E9F-97B1-604E9E507E08} 1und1 Suche Url="hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}"
{2FD1614C-4DA5-4A34-BE62-75EC57D3ACB7} WEB.DE Suche Url="hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}"
{4D9042FC-D1C4-4BF2-A8AB-C707A66B0E05} GMX search Url="hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{E5F508BA-0E7A-4F2C-9DEE-D3771E9BA685} GMX Suche Url="hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}"

==== Empty IE Cache ======================

C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\administrator.***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\***\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\***\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\***\AppData\Local\Mozilla\Firefox\Profiles\kld8xk1k.default\Cache emptied successfully
C:\users\***\AppData\Local\Mozilla\Firefox\Profiles\ebrxyid0.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\***\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\***\AppData\Local\WavXMapDrive.bat"  not found
"C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
         
May I ask what exactly is being searched for?
For a layperson this is a lot of text without much meaning... ^^

Regards

leemur


Alt 16.05.2013, 16:38   #6
smeenk
/// Malwareteam / Visitor
 
Quote:
Quote from Leemur
May I ask what exactly is being searched for?
For a layperson this is a lot of text without much meaning... ^^
Of course.

I am having Zoek search for folders and files that belong to the infection.

  • Please disable all virus scanners during the scan, as they affect the result.
  • Start Zoek.exe with a double-click (Windows XP users only).
  • Windows Vista/7 users, please start the tool by right-clicking the icon and choosing "Run as administrator".
  • Copy the code below into the text field:
    Code:
    startupall;
    %appdata%;V
    process;

  • Now click "Run script" and wait patiently until the scan has finished.
  • When the tool is done, Notepad will open with the log file (possibly only after a reboot).
    You can view the report afterwards at c:\zoek-results.log.
  • Post the log file zoek-results.log for me.

Alt 17.05.2013, 08:58   #7
Leemur
 
Good morning Smeenk,

here is the next log. =)

Code:
Zoek.exe Version 4.0.0.2 Updated 30-04-2013
Tool run by *** on 17.05.2013 at  9:52:53,54.
Microsoft Windows 7 Professional  6.1.7600  x86
Running in: Normal Mode No Internet Access Detected

==== Older Logs ======================

C:\zoek-results17.05.2013-0951.log	9094 bytes

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Program Files\Fingerprint Sensor\AtService.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
c:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TeamViewer\Version5\TeamViewer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\FreePDF_XP\fpassist.exe
C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\program files\avira\antivir desktop\avcenter.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Users\Schwoy\Desktop\CASS\zoek.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

==== Folders Found In %appdata% ======================

2012-10-11 15:34:23	d-----w-	C:\Users\***\AppData\Roaming\Media Center Programs
2012-10-11 15:34:23	d-s---w-	C:\Users\***\AppData\Roaming\Microsoft
2012-10-11 15:34:53	d-----w-	C:\Users\***\AppData\Roaming\TeamViewer
2012-10-11 15:35:01	d-----w-	C:\Users\***\AppData\Roaming\Identities
2012-10-11 15:35:20	d-----w-	C:\Users\***\AppData\Roaming\Apple Computer
2012-10-11 15:35:21	d-----w-	C:\Users\***\AppData\Roaming\Creative
2012-10-11 15:35:29	d-----w-	C:\Users\***\AppData\Roaming\Broadcom
2012-10-11 15:35:29	d-----w-	C:\Users\***\AppData\Roaming\Wave Systems Corp
2012-10-11 15:39:05	d-----w-	C:\Users\***\AppData\Roaming\Intel
2012-10-11 16:06:05	d-----w-	C:\Users\***\AppData\Roaming\Adobe
2012-10-11 16:38:46	d-----w-	C:\Users\***\AppData\Roaming\CyberLink
2012-10-11 17:33:32	d-----w-	C:\Users\***\AppData\Roaming\Google
2012-10-11 17:35:50	d-----w-	C:\Users\***\AppData\Roaming\Macromedia
2012-10-12 16:12:24	d-----w-	C:\Users\***\AppData\Roaming\Canon
2012-12-21 08:50:24	d-----w-	C:\Users\***\AppData\Roaming\Avira
2013-02-21 14:21:49	d-----w-	C:\Users\***\AppData\Roaming\Mozilla
2013-05-15 13:58:20	d-----w-	C:\Users\***\AppData\Roaming\Malwarebytes

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2148369650-1481080501-3592823048-1116\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"DellControlPoint"="C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe"
"WavXMgr"="C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe"
"USCService"="C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe"
"PDVDDXSrv"="C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
"Dell Webcam Central"="C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2"
"FreePDF Assistant"="C:\Program Files\FreePDF_XP\fpassist.exe"
"MFNetworkScanUtility"="C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==== Startup Folders ======================

2010-08-16 21:50:46	834	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
2010-08-16 21:43:38	2273	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
2010-08-16 21:48:40	2213	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TdmNotify.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15.05.2013 11:18]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11.10.2010 14:22]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undertermined Task]
         

Regards, Leemur

17.05.2013, 10:40   #8
smeenk
/// Malwareteam / Visitor

It actually looks very good.

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.


Also tell me whether you currently still notice any problems?

17.05.2013, 14:37   #9
Leemur

So far I don't notice any further problems.
However, I also have to say that I can only test the online banking again once I have been sent my new numbers.

In any case, thank you already for your intensive help.
It is not necessarily a given that one gets helped like this =)

Attached are the logs.

AdwCleanerS1
Code:
# AdwCleaner v2.301 - Datei am 17/05/2013 um 14:44:29 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Professional  (32 bits)
# Benutzer : schwoy - PCGNBMS
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\CASS\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\***\AppData\Roaming\dvdvideosoftiehelpers

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7600.17267

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v14.0.1 (de)

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ebrxyid0.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\kld8xk1k.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1198 octets] - [17/05/2013 14:44:29]

########## EOF - C:\AdwCleaner[S1].txt - [1258 octets] ##########
         
system-log
Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7600 Windows 7 x86

Account is Administrative

Internet Explorer version: 8.0.7600.16385

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.261000 GHz
Memory total: 3680346112, free: 2480623616

------------ Kernel report ------------
     05/17/2013 14:50:10
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\sppv.sys
\SystemRoot\System32\Drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\ACPI.sys
\SystemRoot\system32\DRIVERS\msisadrv.sys
\SystemRoot\system32\DRIVERS\vdrvroot.sys
\SystemRoot\system32\DRIVERS\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\DRIVERS\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\DRIVERS\pcmcia.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\stdfltn.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\PBADRV.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\ssmdrv.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HECI.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\NETw5s32.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\risdpe86.sys
\SystemRoot\system32\DRIVERS\1394ohci.sys
\SystemRoot\system32\DRIVERS\b57nd60x.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\Apfiltr.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\Impcd.sys
\SystemRoot\System32\Drivers\ajrz6l15.SYS
\SystemRoot\system32\DRIVERS\Accelern.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\DRIVERS\CtClsFlt.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\odysseyIM3.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\drivers\btwampfl.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\bthmodem.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\btwavdt.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\system32\DRIVERS\btwrchid.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\WavxDMgr.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\parvdm.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Program Files\DAEMON Tools Lite\Engine.dll
\Windows\System32\imm32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\nsi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\wininet.dll
\Windows\System32\shlwapi.dll
\Windows\System32\lpk.dll
\Windows\System32\usp10.dll
\Windows\System32\difxapi.dll
\Windows\System32\user32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\msctf.dll
\Windows\System32\iertutil.dll
\Windows\System32\advapi32.dll
\Windows\System32\urlmon.dll
\Windows\System32\oleaut32.dll
\Windows\System32\shell32.dll
\Windows\System32\normaliz.dll
\Windows\System32\kernel32.dll
\Windows\System32\sechost.dll
\Windows\System32\imagehlp.dll
\Windows\System32\clbcatq.dll
\Windows\System32\setupapi.dll
\Windows\System32\ole32.dll
\Windows\System32\gdi32.dll
\Windows\System32\psapi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\devobj.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\KernelBase.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\crypt32.dll
\Windows\System32\msasn1.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff888b9598
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000080\
Lower Device Object: 0xffffffff8878ec00
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff883d6030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff867e2028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
Downloaded database version: v2013.05.17.04
Downloaded database version: v2013.05.14.03
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff883d6030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff883d51d8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff883d6030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff883d5530, DeviceName: Unknown, DriverName: \Driver\stdflt\
DevicePointer: 0xffffffff868339b8, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff867e2028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffb65940a0, 0xffffffff883d6030, 0xffffffff8621e3d8
Lower DeviceData: 0xffffffffb7047130, 0xffffffff867e2028, 0xffffffff86158cf0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
File user open failed: C:\Windows\system32\drivers\sptd.sys (0x00000020)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 80E7D225

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 80262

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 81920  Numsec = 30720000
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 30801920  Numsec = 457593200

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-488377168-488397168)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff888b9598, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff888da020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff888b9598, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8878ec00, DeviceName: \Device\00000080\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffb7c71478, 0xffffffff888b9598, 0xffffffff86222440
Lower DeviceData: 0xffffffffb6541ac0, 0xffffffff8878ec00, 0xffffffff8610aab8
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5EDEED

Partition information:

    Partition 0 type is Other (0xe)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 997568
    Partition file system is FAT
    Partition is not bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 510787072 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Infected: HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} --> [Hijack.Trojan.Siredef.C]
Done!
Scan finished
Creating System Restore point...
Scheduling clean up...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Executing an action fixdamage.exe...
Success!
Removal successful. No system shutdown is required.
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7600 Windows 7 x86

Account is Administrative

Internet Explorer version: 8.0.7600.16385

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.261000 GHz
Memory total: 3680346112, free: 2786340864

Removal queue found; removal started
Removal finished
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7600 Windows 7 x86

Account is Administrative

Internet Explorer version: 8.0.7600.16385

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.261000 GHz
Memory total: 3680346112, free: 2626117632

------------ Kernel report ------------
     05/17/2013 15:09:36
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\spju.sys
\SystemRoot\System32\Drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\ACPI.sys
\SystemRoot\system32\DRIVERS\msisadrv.sys
\SystemRoot\system32\DRIVERS\vdrvroot.sys
\SystemRoot\system32\DRIVERS\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\DRIVERS\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\DRIVERS\pcmcia.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\stdfltn.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\PBADRV.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\ssmdrv.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HECI.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\NETw5s32.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\risdpe86.sys
\SystemRoot\system32\DRIVERS\1394ohci.sys
\SystemRoot\system32\DRIVERS\b57nd60x.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\Apfiltr.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\Impcd.sys
\SystemRoot\System32\Drivers\a46496mc.SYS
\SystemRoot\system32\DRIVERS\Accelern.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\DRIVERS\CtClsFlt.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\odysseyIM3.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\btwampfl.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\bthmodem.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\btwavdt.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\system32\DRIVERS\btwrchid.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\WavxDMgr.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\parvdm.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\clbcatq.dll
\Windows\System32\imm32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\setupapi.dll
\Windows\System32\wininet.dll
\Windows\System32\urlmon.dll
\Program Files\DAEMON Tools Lite\Engine.dll
\Windows\System32\nsi.dll
\Windows\System32\difxapi.dll
\Windows\System32\ole32.dll
\Windows\System32\shell32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\lpk.dll
\Windows\System32\usp10.dll
\Windows\System32\advapi32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\psapi.dll
\Windows\System32\shlwapi.dll
\Windows\System32\msvcrt.dll
\Windows\System32\sechost.dll
\Windows\System32\user32.dll
\Windows\System32\kernel32.dll
\Windows\System32\iertutil.dll
\Windows\System32\comdlg32.dll
\Windows\System32\gdi32.dll
\Windows\System32\normaliz.dll
\Windows\System32\msctf.dll
\Windows\System32\oleaut32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\wintrust.dll
\Windows\System32\crypt32.dll
\Windows\System32\devobj.dll
\Windows\System32\comctl32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\msasn1.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff8a648ac8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007a\
Lower Device Object: 0xffffffff8a3eb498
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff883d0030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff867e1028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff883d0030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff883d0d10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff883d0030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff883cf700, DeviceName: Unknown, DriverName: \Driver\stdflt\
DevicePointer: 0xffffffff868789b8, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff867e1028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffb7d63828, 0xffffffff883d0030, 0xffffffff85c1e4b0
Lower DeviceData: 0xffffffffb814b048, 0xffffffff867e1028, 0xffffffff85d90d18
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
File user open failed: C:\Windows\system32\drivers\sptd.sys (0x00000020)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 80E7D225

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 80262

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 81920  Numsec = 30720000
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 30801920  Numsec = 457593200

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-488377168-488397168)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff8a648ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8a3528b8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8a648ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8a3eb498, DeviceName: \Device\0000007a\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffb3f00cc8, 0xffffffff8a648ac8, 0xffffffff85c41048
Lower DeviceData: 0xffffffffb2690c70, 0xffffffff8a3eb498, 0xffffffff8842c4a8
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5EDEED

Partition information:

    Partition 0 type is Other (0xe)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 997568
    Partition file system is FAT
    Partition is not bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 510787072 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================
         
mbar-log-15:05
Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.17.04

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
*** :: *** [administrator]

17.05.2013 15:05:28
mbar-log-2013-05-17 (15-05-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28407
Time elapsed: 13 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} (Hijack.Trojan.Siredef.C) -> Delete on reboot.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
mbar-log-15:25

Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.17.04

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
*** :: *** [administrator]

17.05.2013 15:25:05
mbar-log-2013-05-17 (15-25-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28407
Time elapsed: 15 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Best regards

Leemur

Alt 17.05.2013, 15:00   #10
smeenk
/// Malwareteam / Visitor
 

It looks good.

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

Alt 17.05.2013, 15:20   #11
Leemur
 

Here is the Security Check log:
Code:
 Results of screen317's Security Check version 0.99.63  
 Windows 7  x86 (UAC is enabled)  
 Out of date service pack!! 
 Internet Explorer 8 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 21  
 Adobe Reader 9 Adobe Reader out of Date! 
 Mozilla Firefox 14.0.1 Firefox out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Best regards

leemur

Alt 17.05.2013, 15:33   #12
smeenk
/// Malwareteam / Visitor
 

Outdated software is a security risk; there is still quite a bit to do here.

Download Windows 7 and Windows Server 2008 R2 Service Pack 1 (KB976932) from the Microsoft Download Center.

Update Firefox to the latest version | Firefox Help

Adobe - Download Adobe Reader - All versions

When you have worked through everything, create a new SecurityCheck log.
Please post that log for me.
