| |
| |||||||
Log-Analyse und Auswertung: Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht startenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
08.06.2012, 10:13
| #1 | |
 |  Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten Hallo, ich habe das gleiche Problem wie hier bereits von mehreren Usern beschrieben: Google-Link-Umleitung über "Rocketnews" oder "Rcoknseetw" usw. auf meist US-Werbeseiten. Zusätzlich lässt sich das Windows-Sicherheitscenter nicht starten mit Fehlermeldung #1058. Keine Funde bei Avira und tdsskiller. Browser Opera. Ich habe wie in der Anleitung beschrieben defogger, OTL und GMER laufen lassen. Zusätzlich Malwarebytes. Könnt Ihr Euch die Logfiles bitte mal ansehen und mir weiterhelfen? Danke im Voraus und viele Grüße!! J. Zitat:
|
|
08.06.2012, 16:09
| #2 | |
| | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten ....das hat ESET gefunden:
__________________Zitat:
VG J |
|
13.06.2012, 10:05
| #3 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
__________________Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.
__________________ |
|
13.06.2012, 20:47
| #4 | |||||
| | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten Hallo Arne, danke!! Hier die Logs: Zitat:
Zitat:
Zitat:
Zitat:
Zitat:
|
|
13.06.2012, 21:37
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.06.2012, 08:21
| #6 |
| | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten naja: 1) -Windows Sicherheitscenter lässt sich immer noch nicht aktivieren -heute früh hat der Rechner eine Systemstartreparatur durchführen müssen, er hatte vorgestern abend beim runterfahren noch Updates geladen. Gestern hatte ich ihn nicht an.. 2) -alle Ordner sind da, betitelt und nicht leer. |
|
15.06.2012, 14:12
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.06.2012, 21:03
| #8 |
| | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten Code:
ATTFilter OTL logfile created on: 6/17/2012 9:46:48 PM - Run 5 OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\*******\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.96 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 64.85% Memory free 3.92 Gb Paging File | 2.95 Gb Available in Paging File | 75.19% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 50.00 Gb Total Space | 9.17 Gb Free Space | 18.34% Space Free | Partition Type: NTFS Drive D: | 246.08 Gb Total Space | 22.71 Gb Free Space | 9.23% Space Free | Partition Type: NTFS Computer Name: PHOENIX | User Name: ******* | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/06/04 09:57:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\*******\Desktop\OTL.exe PRC - [2012/05/02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2012/05/02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2012/05/02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2012/04/24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2011/09/06 02:45:26 | 000,532,592 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\taxaktuell.exe PRC - [2011/06/24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011/05/17 13:29:46 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/07/08 21:58:26 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\YouCam\YouCamTray.exe PRC - [2009/02/19 14:46:26 | 000,341,264 | ---- | M] (Fujitsu Technology Solutions) -- C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe ========== Modules (No Company Name) ========== MOD - [2011/09/06 09:48:02 | 007,809,536 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\wgui11.dll MOD - [2011/09/06 09:47:20 | 000,007,168 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\rscorewinapi47.dll MOD - [2011/09/06 03:23:18 | 004,449,792 | ---- | M] () -- C:\PROGRAM FILES\BUHL FINANCE\TAX STEUERSOFTWARE 2011\wstyle11.dll MOD - [2011/09/06 03:23:17 | 008,632,320 | ---- | M] () -- C:\PROGRAM FILES\BUHL FINANCE\TAX STEUERSOFTWARE 2011\wstyle511.dll MOD - [2011/09/06 03:21:42 | 004,233,728 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\wauff11.dll MOD - [2011/09/06 03:16:54 | 001,807,360 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\wfvie11.dll MOD - [2011/09/06 02:45:26 | 000,532,592 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\taxaktuell.exe MOD - [2011/09/06 02:32:22 | 001,371,648 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\wreli11.dll MOD - [2011/09/06 02:30:25 | 000,130,048 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\rsodbc47.dll MOD - [2011/09/06 02:30:14 | 000,028,672 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\rsdcom47.dll MOD - [2011/09/06 02:15:06 | 003,111,424 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\wcore11.dll MOD - [2011/09/06 02:10:09 | 001,367,040 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\wsteu11.dll MOD - [2011/09/06 02:07:58 | 000,314,880 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\rsguiwinapi47.dll MOD - [2011/03/21 13:49:42 | 000,701,952 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\QtSqlrs47.dll MOD - [2011/02/01 10:17:40 | 000,357,376 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\QtXmlrs47.dll MOD - [2011/02/01 10:17:19 | 011,162,624 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\QtWebKitrs47.dll MOD - [2011/02/01 10:17:18 | 000,280,576 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\QtSvgrs47.dll MOD - [2011/02/01 10:17:18 | 000,096,256 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\QtTestrs47.dll MOD - [2011/02/01 10:17:17 | 001,329,152 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\QtScriptrs47.dll MOD - [2011/02/01 10:17:16 | 000,925,696 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\QtNetworkrs47.dll MOD - [2011/02/01 10:17:13 | 008,854,016 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\QtGuirs47.dll MOD - [2011/02/01 10:17:10 | 002,394,112 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\Qt3Supportrs47.dll MOD - [2011/02/01 10:17:10 | 002,341,376 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\QtCorers47.dll MOD - [2011/02/01 10:17:09 | 000,271,360 | ---- | M] () -- C:\Program Files\Buhl finance\tax Steuersoftware 2011\phononrs47.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService) SRV - [2012/05/02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012/05/02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/11/20 14:19:33 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc) SRV - [2010/11/05 03:52:39 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2009/07/14 03:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\wscsvc.dll -- (wscsvc) SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2009/07/14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess) SRV - [2009/02/19 14:46:26 | 000,341,264 | ---- | M] (Fujitsu Technology Solutions) [Auto | Running] -- C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter) DRV - [2012/04/27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012/04/25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012/04/16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/11/20 10:42:28 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs) DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/10/06 01:31:48 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009/07/14 03:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk) DRV - [2009/07/14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl) DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009/07/14 01:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM) DRV - [2009/07/14 01:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs) DRV - [2009/05/18 14:20:40 | 000,119,256 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/burn4free/{57CA7441-103A-495F-B327-99A6F505464F} IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {4783E907-3790-41F9-806E-BD1732B57A6C} IE - HKLM\..\SearchScopes\{4783E907-3790-41F9-806E-BD1732B57A6C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSA IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSA&bmod=EU01 IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.ts.fujitsu.com/index2 [binary data] IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ts.fujitsu.com/index2 [binary data] IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/burn4free/{57CA7441-103A-495F-B327-99A6F505464F} IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Burn4Free DB Toolbar\tbhelper.dll () IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\SearchScopes,DefaultScope = {4783E907-3790-41F9-806E-BD1732B57A6C} IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\SearchScopes\{4783E907-3790-41F9-806E-BD1732B57A6C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSA_deDE381 IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://www.bigseekpro.com/search/browser/burn4free/{57CA7441-103A-495F-B327-99A6F505464F}?q={searchTerms} IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll () O3 - HKLM\..\Toolbar: (Burn4Free DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll () O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\Toolbar\WebBrowser: (Burn4Free DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll () O3 - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe File not found O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron) O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe File not found O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\WButton.exe File not found O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - c:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5C961D9-7B67-4619-AF6D-840EBBFA9FEE}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - c:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: 23430681.sys - Driver SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: 23430681.sys - Driver SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012/06/08 22:18:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012/06/08 22:18:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012/06/08 22:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012/06/08 22:17:11 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\*******\Desktop\spybotsd162.exe [2012/06/08 11:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012/06/08 11:16:13 | 002,322,184 | ---- | C] (ESET) -- C:\Users\*******\Desktop\esetsmartinstaller_enu.exe [2012/06/04 10:26:56 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012/06/04 10:16:10 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\*******\Desktop\tdsskiller.exe [2012/06/04 09:57:42 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\*******\Desktop\OTL.exe [2012/05/29 09:45:23 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Malwarebytes [2012/05/29 09:41:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/05/29 09:41:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/05/29 09:41:46 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012/05/29 09:41:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/05/23 10:18:28 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Avira [2012/05/23 10:12:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012/05/23 10:12:37 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2012/05/23 10:12:36 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2012/05/23 10:12:36 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2012/05/23 10:12:36 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys [2012/05/23 10:12:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012/05/23 10:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\Avira ========== Files - Modified Within 30 Days ========== [2012/06/17 21:06:10 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/06/17 21:06:10 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/06/17 21:05:24 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012/06/17 21:05:24 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/06/17 21:05:24 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012/06/17 21:05:24 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/06/17 20:58:39 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\imnidqq.job [2012/06/17 20:58:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/06/17 20:58:27 | 1579,847,680 | -HS- | M] () -- C:\hiberfil.sys [2012/06/17 08:20:13 | 000,479,504 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/06/08 22:18:53 | 000,001,226 | ---- | M] () -- C:\Users\*******\Desktop\Spybot - Search & Destroy.lnk [2012/06/08 22:17:22 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\*******\Desktop\spybotsd162.exe [2012/06/08 11:16:13 | 002,322,184 | ---- | M] (ESET) -- C:\Users\*******\Desktop\esetsmartinstaller_enu.exe [2012/06/08 11:06:50 | 000,011,732 | ---- | M] () -- C:\Users\*******\Desktop\logfiles.zip [2012/06/08 10:38:50 | 000,000,369 | ---- | M] () -- C:\Users\*******\Desktop\defogger_disable.zip [2012/06/08 10:33:23 | 000,000,000 | ---- | M] () -- C:\Users\*******\defogger_reenable [2012/06/08 10:00:30 | 000,302,592 | ---- | M] () -- C:\Users\*******\Desktop\l1lwb7bp.exe [2012/06/05 09:59:47 | 000,020,520 | ---- | M] () -- C:\Users\*******\Documents\tabelle-kirschsorten.pdf [2012/06/05 09:14:54 | 000,050,477 | ---- | M] () -- C:\Users\*******\Desktop\Defogger.exe [2012/06/04 10:16:10 | 002,127,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\*******\Desktop\tdsskiller.exe [2012/06/04 09:57:43 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\*******\Desktop\OTL.exe [2012/05/29 09:45:43 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/05/23 10:12:53 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk ========== Files Created - No Company Name ========== [2012/06/08 22:18:53 | 000,001,226 | ---- | C] () -- C:\Users\*******\Desktop\Spybot - Search & Destroy.lnk [2012/06/08 10:54:12 | 000,011,732 | ---- | C] () -- C:\Users\*******\Desktop\logfiles.zip [2012/06/08 10:38:50 | 000,000,369 | ---- | C] () -- C:\Users\*******\Desktop\defogger_disable.zip [2012/06/08 10:33:23 | 000,000,000 | ---- | C] () -- C:\Users\*******\defogger_reenable [2012/06/08 10:00:29 | 000,302,592 | ---- | C] () -- C:\Users\*******\Desktop\l1lwb7bp.exe [2012/06/05 09:59:47 | 000,020,520 | ---- | C] () -- C:\Users\*******\Documents\tabelle-kirschsorten.pdf [2012/06/05 09:14:54 | 000,050,477 | ---- | C] () -- C:\Users\*******\Desktop\Defogger.exe [2012/05/29 09:41:48 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012/05/23 10:12:53 | 000,001,946 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012/05/13 20:30:17 | 000,151,552 | RHS- | C] () -- C:\Windows\System32\tapi32N.dll [2011/02/23 14:14:16 | 000,044,544 | ---- | C] () -- C:\Windows\System32\mhproc.dll [2010/11/12 22:11:33 | 000,008,192 | -HS- | C] () -- C:\Windows\o2cLicStore.bin [2010/11/12 21:51:33 | 000,000,503 | ---- | C] () -- C:\Windows\System32\FeMakro.ini [2010/11/12 21:51:33 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini [2010/10/05 21:23:20 | 000,284,160 | ---- | C] () -- C:\Windows\unin0407.exe [2010/08/29 19:12:33 | 000,007,597 | ---- | C] () -- C:\Users\*******\AppData\Local\Resmon.ResmonCfg [2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2010/08/25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll [2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll [2010/08/17 20:48:05 | 000,054,781 | ---- | C] () -- C:\Users\*******\AppData\Roaming\mdbu.bin ========== LOP Check ========== [2010/08/27 23:41:51 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Amazon [2010/05/28 10:15:40 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Buhl Data Service [2010/11/23 11:10:14 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Canneverbe Limited [2010/10/03 10:23:16 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Cornelsen [2011/02/24 10:12:56 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\KIDDINX [2010/10/05 21:18:52 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\OpenOffice.org [2011/04/13 14:51:36 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Opera [2012/06/17 20:58:39 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\imnidqq.job [2012/05/22 17:03:23 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010/05/28 14:40:21 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Adobe [2010/08/27 23:41:51 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Amazon [2012/05/23 10:18:28 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Avira [2010/07/01 09:22:05 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\AVS4YOU [2010/05/28 10:15:40 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Buhl Data Service [2010/11/23 11:10:14 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Canneverbe Limited [2010/10/03 10:23:16 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Cornelsen [2010/05/26 14:47:18 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\CyberLink [2010/05/27 10:04:57 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Google [2010/05/26 14:29:24 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Identities [2011/02/24 10:12:56 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\KIDDINX [2010/05/28 14:40:21 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Macromedia [2012/05/29 09:45:23 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Malwarebytes [2009/07/14 09:48:18 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Media Center Programs [2011/12/22 23:04:56 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Media Player Classic [2012/03/15 16:58:20 | 000,000,000 | --SD | M] -- C:\Users\*******\AppData\Roaming\Microsoft [2010/11/23 11:53:16 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Mozilla [2010/07/24 10:24:45 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Nero [2010/10/05 21:18:52 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\OpenOffice.org [2011/04/13 14:51:36 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Opera < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: IASTORV.SYS > [2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [2010/11/20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\drivers\iaStorV.sys [2010/11/20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys [2010/11/20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll [2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll [2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2010/11/20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\drivers\nvstor.sys [2010/11/20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys [2010/11/20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys [2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll [2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll < MD5 for: USER32.DLL > [2009/07/14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll [2010/11/20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll [2010/11/20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll < MD5 for: USERINIT.EXE > [2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe [2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009/07/14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009/07/14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2012/05/13 20:30:17 | 000,151,552 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\system32\tapi32N.dll < End of report > |
|
18.06.2012, 10:03
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/burn4free/{57CA7441-103A-495F-B327-99A6F505464F}
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.ts.fujitsu.com/index2 [binary data]
IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.ts.fujitsu.com/index2 [binary data]
IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/burn4free/{57CA7441-103A-495F-B327-99A6F505464F}
IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Burn4Free DB Toolbar\tbhelper.dll ()
IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\SearchScopes,DefaultScope = {4783E907-3790-41F9-806E-BD1732B57A6C}
IE - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/burn4free/{57CA7441-103A-495F-B327-99A6F505464F}?q={searchTerms}
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Burn4Free DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\Toolbar\WebBrowser: (Burn4Free DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files\Winload\tbWinl.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKU\S-1-5-21-1803844160-1376310933-1680390839-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
:Files
C:\Windows\tasks\imnidqq.job
C:\Program Files\Ask.com
C:\Windows\system32\tapi32N.dll
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.06.2012, 19:09
| #10 |
| | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten hallo arne, hier das log: Code:
ATTFilter All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ deleted successfully.
C:\Program Files\Winload\tbWinl.dll moved successfully.
HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-1803844160-1376310933-1680390839-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1803844160-1376310933-1680390839-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Program Files\Winload\tbWinl.dll not found.
Registry value HKEY_USERS\S-1-5-21-1803844160-1376310933-1680390839-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ deleted successfully.
C:\Program Files\Burn4Free DB Toolbar\tbhelper.dll moved successfully.
HKEY_USERS\S-1-5-21-1803844160-1376310933-1680390839-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1803844160-1376310933-1680390839-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Program Files\Winload\tbWinl.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ deleted successfully.
File C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Program Files\Winload\tbWinl.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1803844160-1376310933-1680390839-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-1803844160-1376310933-1680390839-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ not found.
File C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll not found.
Registry value HKEY_USERS\S-1-5-21-1803844160-1376310933-1680390839-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{40C3CC16-7269-4B32-9531-17F2950FB06F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40C3CC16-7269-4B32-9531-17F2950FB06F}\ not found.
File C:\Program Files\Winload\tbWinl.dll not found.
Registry value HKEY_USERS\S-1-5-21-1803844160-1376310933-1680390839-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Program Files\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1803844160-1376310933-1680390839-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
========== FILES ==========
C:\Windows\tasks\imnidqq.job moved successfully.
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
C:\Windows\system32\tapi32N.dll moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Journal
User: *****
->Temp folder emptied: 59693910 bytes
->Temporary Internet Files folder emptied: 53338272 bytes
->Java cache emptied: 1 bytes
->Opera cache emptied: 91431994 bytes
->Flash cache emptied: 2568 bytes
User: Public
User: RegBack
User: systemprofile
User: TxR
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30364794 bytes
RecycleBin emptied: 5212781330 bytes
Total Files Cleaned = 5,195.00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Journal
User: ******
->Flash cache emptied: 0 bytes
User: Public
User: RegBack
User: systemprofile
User: TxR
Total Flash Files Cleaned = 0.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.46.0 log created on 06192012_195740
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
|
|
19.06.2012, 23:19
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten Ich brauch den Quarantäneordner von OTL. Bitte folgendes machen: 1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf das Packen nicht beeinflussen! 2.) Ordner MovedFiles in C:\_OTL in eine Datei zippen 3.) Die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! 4.) Wenns erfolgreich war Bescheid sagen 5.) Erst dann wieder den Virenscanner einschalten
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.06.2012, 12:34
| #12 |
| | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten ok, upload hat geklappt, mit angegebenen Ordnereinstellungen... |
|
21.06.2012, 14:30
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht startenCode:
ATTFilter [2012/06/04 10:26:56 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/06/04 10:16:10 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users*****\Desktop\tdsskiller.exe
Dieses Tool ist KEIN Spielzeug! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.06.2012, 22:17
| #14 |
| | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten hallo arne, da kann ich nichts sinnvolles zur verteidigung bringen - ich habe gespielt... hier da aktuelle log, im anhang weitere vom 04.06./08.06. beim zweiten vom 04.06. war ich voreilig... Code:
ATTFilter 23:03:05.0764 2944 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
23:03:05.0779 2944 ============================================================
23:03:05.0779 2944 Current date / time: 2012/06/24 23:03:05.0779
23:03:05.0779 2944 SystemInfo:
23:03:05.0779 2944
23:03:05.0779 2944 OS Version: 6.1.7601 ServicePack: 1.0
23:03:05.0779 2944 Product type: Workstation
23:03:05.0779 2944 ComputerName: PHOENIX
23:03:05.0779 2944 UserName: *****
23:03:05.0779 2944 Windows directory: C:\Windows
23:03:05.0779 2944 System windows directory: C:\Windows
23:03:05.0779 2944 Processor architecture: Intel x86
23:03:05.0779 2944 Number of processors: 2
23:03:05.0779 2944 Page size: 0x1000
23:03:05.0779 2944 Boot type: Normal boot
23:03:05.0779 2944 ============================================================
23:03:06.0700 2944 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:03:06.0715 2944 ============================================================
23:03:06.0715 2944 \Device\Harddisk0\DR0:
23:03:06.0715 2944 MBR partitions:
23:03:06.0715 2944 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x40466C, BlocksNum 0x6400800
23:03:06.0715 2944 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x6805000, BlocksNum 0x1EC29000
23:03:06.0715 2944 ============================================================
23:03:06.0746 2944 C: <-> \Device\Harddisk0\DR0\Partition0
23:03:06.0856 2944 D: <-> \Device\Harddisk0\DR0\Partition1
23:03:06.0856 2944 ============================================================
23:03:06.0856 2944 Initialize success
23:03:06.0856 2944 ============================================================
23:03:14.0125 3920 ============================================================
23:03:14.0125 3920 Scan started
23:03:14.0125 3920 Mode: Manual; SigCheck; TDLFS;
23:03:14.0125 3920 ============================================================
23:03:15.0482 3920 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
23:03:15.0607 3920 1394ohci - ok
23:03:15.0670 3920 61883 (beb5e6a8c17c3c7485563281e0f9e77e) C:\Windows\system32\DRIVERS\61883.sys
23:03:15.0763 3920 61883 - ok
23:03:15.0794 3920 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
23:03:15.0826 3920 ACPI - ok
23:03:15.0857 3920 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
23:03:15.0919 3920 AcpiPmi - ok
23:03:15.0982 3920 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
23:03:16.0013 3920 adp94xx - ok
23:03:16.0060 3920 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
23:03:16.0075 3920 adpahci - ok
23:03:16.0091 3920 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
23:03:16.0106 3920 adpu320 - ok
23:03:16.0138 3920 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
23:03:16.0200 3920 AeLookupSvc - ok
23:03:16.0247 3920 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
23:03:16.0309 3920 AFD - ok
23:03:16.0340 3920 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
23:03:16.0356 3920 agp440 - ok
23:03:16.0387 3920 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
23:03:16.0403 3920 aic78xx - ok
23:03:16.0434 3920 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
23:03:16.0512 3920 ALG - ok
23:03:16.0528 3920 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
23:03:16.0543 3920 aliide - ok
23:03:16.0559 3920 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
23:03:16.0574 3920 amdagp - ok
23:03:16.0590 3920 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
23:03:16.0606 3920 amdide - ok
23:03:16.0637 3920 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
23:03:16.0684 3920 AmdK8 - ok
23:03:16.0699 3920 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
23:03:16.0730 3920 AmdPPM - ok
23:03:16.0777 3920 amdsata (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
23:03:16.0793 3920 amdsata - ok
23:03:16.0824 3920 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
23:03:16.0855 3920 amdsbs - ok
23:03:16.0855 3920 amdxata (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
23:03:16.0871 3920 amdxata - ok
23:03:16.0949 3920 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:03:16.0980 3920 AntiVirSchedulerService - ok
23:03:17.0027 3920 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:03:17.0042 3920 AntiVirService - ok
23:03:17.0074 3920 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
23:03:17.0120 3920 AppID - ok
23:03:17.0167 3920 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
23:03:17.0214 3920 AppIDSvc - ok
23:03:17.0261 3920 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
23:03:17.0308 3920 Appinfo - ok
23:03:17.0339 3920 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
23:03:17.0354 3920 arc - ok
23:03:17.0386 3920 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
23:03:17.0401 3920 arcsas - ok
23:03:17.0432 3920 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
23:03:17.0542 3920 AsyncMac - ok
23:03:17.0573 3920 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
23:03:17.0588 3920 atapi - ok
23:03:17.0666 3920 athr (b01751cc563aecac09bbe36aaa21fbef) C:\Windows\system32\DRIVERS\athr.sys
23:03:17.0744 3920 athr - ok
23:03:17.0791 3920 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
23:03:17.0838 3920 AudioEndpointBuilder - ok
23:03:17.0838 3920 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
23:03:17.0869 3920 Audiosrv - ok
23:03:17.0932 3920 Avc (c44bdd77e06053cf5afe046f3a47c16b) C:\Windows\system32\DRIVERS\avc.sys
23:03:17.0978 3920 Avc - ok
23:03:18.0041 3920 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
23:03:18.0072 3920 avgntflt - ok
23:03:18.0088 3920 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
23:03:18.0119 3920 avipbb - ok
23:03:18.0134 3920 avkmgr (53e56450da16a1a7f0d002f511113f67) C:\Windows\system32\DRIVERS\avkmgr.sys
23:03:18.0150 3920 avkmgr - ok
23:03:18.0228 3920 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
23:03:18.0322 3920 AxInstSV - ok
23:03:18.0368 3920 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
23:03:18.0462 3920 b06bdrv - ok
23:03:18.0493 3920 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
23:03:18.0524 3920 b57nd60x - ok
23:03:18.0587 3920 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
23:03:18.0649 3920 BDESVC - ok
23:03:18.0665 3920 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
23:03:18.0712 3920 Beep - ok
23:03:18.0774 3920 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
23:03:18.0821 3920 BFE - ok
23:03:18.0883 3920 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
23:03:18.0930 3920 BITS - ok
23:03:18.0961 3920 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
23:03:18.0992 3920 blbdrive - ok
23:03:19.0024 3920 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
23:03:19.0039 3920 bowser - ok
23:03:19.0070 3920 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:03:19.0102 3920 BrFiltLo - ok
23:03:19.0133 3920 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:03:19.0180 3920 BrFiltUp - ok
23:03:19.0211 3920 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
23:03:19.0258 3920 Browser - ok
23:03:19.0273 3920 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
23:03:19.0351 3920 Brserid - ok
23:03:19.0367 3920 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
23:03:19.0429 3920 BrSerWdm - ok
23:03:19.0460 3920 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:03:19.0507 3920 BrUsbMdm - ok
23:03:19.0523 3920 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
23:03:19.0585 3920 BrUsbSer - ok
23:03:19.0601 3920 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
23:03:19.0648 3920 BTHMODEM - ok
23:03:19.0694 3920 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
23:03:19.0772 3920 bthserv - ok
23:03:19.0804 3920 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
23:03:19.0850 3920 cdfs - ok
23:03:19.0897 3920 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
23:03:19.0944 3920 cdrom - ok
23:03:19.0991 3920 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
23:03:20.0053 3920 CertPropSvc - ok
23:03:20.0084 3920 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
23:03:20.0116 3920 circlass - ok
23:03:20.0162 3920 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
23:03:20.0178 3920 CLFS - ok
23:03:20.0240 3920 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:03:20.0240 3920 clr_optimization_v2.0.50727_32 - ok
23:03:20.0272 3920 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
23:03:20.0303 3920 CmBatt - ok
23:03:20.0334 3920 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
23:03:20.0350 3920 cmdide - ok
23:03:20.0381 3920 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
23:03:20.0412 3920 CNG - ok
23:03:20.0428 3920 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
23:03:20.0443 3920 Compbatt - ok
23:03:20.0474 3920 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
23:03:20.0490 3920 CompositeBus - ok
23:03:20.0506 3920 COMSysApp - ok
23:03:20.0537 3920 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
23:03:20.0552 3920 crcdisk - ok
23:03:20.0584 3920 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
23:03:20.0630 3920 CryptSvc - ok
23:03:20.0677 3920 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
23:03:20.0724 3920 DcomLaunch - ok
23:03:20.0771 3920 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
23:03:20.0802 3920 defragsvc - ok
23:03:20.0849 3920 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
23:03:20.0880 3920 DfsC - ok
23:03:20.0942 3920 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
23:03:20.0989 3920 Dhcp - ok
23:03:21.0005 3920 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
23:03:21.0067 3920 discache - ok
23:03:21.0098 3920 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
23:03:21.0114 3920 Disk - ok
23:03:21.0145 3920 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
23:03:21.0208 3920 Dnscache - ok
23:03:21.0254 3920 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
23:03:21.0317 3920 dot3svc - ok
23:03:21.0348 3920 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
23:03:21.0395 3920 DPS - ok
23:03:21.0426 3920 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
23:03:21.0457 3920 drmkaud - ok
23:03:21.0520 3920 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
23:03:21.0551 3920 DXGKrnl - ok
23:03:21.0582 3920 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
23:03:21.0629 3920 EapHost - ok
23:03:21.0800 3920 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
23:03:21.0878 3920 ebdrv - ok
23:03:21.0988 3920 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
23:03:22.0066 3920 EFS - ok
23:03:22.0144 3920 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
23:03:22.0237 3920 ehRecvr - ok
23:03:22.0253 3920 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
23:03:22.0315 3920 ehSched - ok
23:03:22.0393 3920 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
23:03:22.0409 3920 elxstor - ok
23:03:22.0440 3920 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
23:03:22.0487 3920 ErrDev - ok
23:03:22.0534 3920 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
23:03:22.0596 3920 EventSystem - ok
23:03:22.0627 3920 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
23:03:22.0674 3920 exfat - ok
23:03:22.0705 3920 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
23:03:22.0752 3920 fastfat - ok
23:03:22.0814 3920 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
23:03:22.0892 3920 Fax - ok
23:03:22.0908 3920 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
23:03:22.0939 3920 fdc - ok
23:03:22.0970 3920 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
23:03:23.0033 3920 fdPHost - ok
23:03:23.0048 3920 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
23:03:23.0095 3920 FDResPub - ok
23:03:23.0126 3920 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
23:03:23.0142 3920 FileInfo - ok
23:03:23.0158 3920 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
23:03:23.0204 3920 Filetrace - ok
23:03:23.0220 3920 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
23:03:23.0251 3920 flpydisk - ok
23:03:23.0423 3920 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
23:03:23.0454 3920 FltMgr - ok
23:03:23.0501 3920 FontCache (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll
23:03:23.0563 3920 FontCache - ok
23:03:23.0657 3920 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:03:23.0672 3920 FontCache3.0.0.0 - ok
23:03:23.0688 3920 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
23:03:23.0704 3920 FsDepends - ok
23:03:23.0735 3920 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
23:03:23.0750 3920 Fs_Rec - ok
23:03:23.0797 3920 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
23:03:23.0813 3920 fvevol - ok
23:03:23.0844 3920 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:03:23.0860 3920 gagp30kx - ok
23:03:23.0891 3920 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
23:03:23.0953 3920 gpsvc - ok
23:03:24.0000 3920 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
23:03:24.0062 3920 hcw85cir - ok
23:03:24.0125 3920 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
23:03:24.0172 3920 HdAudAddService - ok
23:03:24.0203 3920 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
23:03:24.0250 3920 HDAudBus - ok
23:03:24.0281 3920 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
23:03:24.0328 3920 HidBatt - ok
23:03:24.0343 3920 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
23:03:24.0374 3920 HidBth - ok
23:03:24.0406 3920 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
23:03:24.0437 3920 HidIr - ok
23:03:24.0468 3920 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
23:03:24.0530 3920 hidserv - ok
23:03:24.0577 3920 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
23:03:24.0624 3920 HidUsb - ok
23:03:24.0655 3920 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
23:03:24.0718 3920 hkmsvc - ok
23:03:24.0749 3920 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
23:03:24.0811 3920 HomeGroupListener - ok
23:03:24.0842 3920 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
23:03:24.0874 3920 HomeGroupProvider - ok
23:03:24.0905 3920 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
23:03:24.0920 3920 HpSAMD - ok
23:03:24.0983 3920 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
23:03:25.0014 3920 HTTP - ok
23:03:25.0030 3920 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
23:03:25.0045 3920 hwpolicy - ok
23:03:25.0076 3920 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
23:03:25.0108 3920 i8042prt - ok
23:03:25.0139 3920 iaStorV (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
23:03:25.0170 3920 iaStorV - ok
23:03:25.0295 3920 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:03:25.0326 3920 idsvc - ok
23:03:25.0700 3920 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
23:03:26.0012 3920 igfx - ok
23:03:26.0153 3920 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
23:03:26.0168 3920 iirsp - ok
23:03:26.0246 3920 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
23:03:26.0309 3920 IKEEXT - ok
23:03:26.0527 3920 IntcAzAudAddService (4440fd5ee670dfbbbfdb9742ea8f51e6) C:\Windows\system32\drivers\RTKVHDA.sys
23:03:26.0605 3920 IntcAzAudAddService - ok
23:03:26.0714 3920 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
23:03:26.0730 3920 intelide - ok
23:03:26.0761 3920 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
23:03:26.0808 3920 intelppm - ok
23:03:26.0824 3920 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
23:03:26.0886 3920 IPBusEnum - ok
23:03:26.0902 3920 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:03:26.0948 3920 IpFilterDriver - ok
23:03:26.0980 3920 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
23:03:27.0042 3920 iphlpsvc - ok
23:03:27.0073 3920 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
23:03:27.0120 3920 IPMIDRV - ok
23:03:27.0136 3920 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
23:03:27.0182 3920 IPNAT - ok
23:03:27.0198 3920 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
23:03:27.0229 3920 IRENUM - ok
23:03:27.0260 3920 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
23:03:27.0276 3920 isapnp - ok
23:03:27.0292 3920 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
23:03:27.0307 3920 iScsiPrt - ok
23:03:27.0338 3920 JMCR (2137795d207280d5707554aaf936fd19) C:\Windows\system32\DRIVERS\jmcr.sys
23:03:27.0385 3920 JMCR - ok
23:03:27.0416 3920 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
23:03:27.0432 3920 kbdclass - ok
23:03:27.0463 3920 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
23:03:27.0494 3920 kbdhid - ok
23:03:27.0526 3920 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:03:27.0541 3920 KeyIso - ok
23:03:27.0541 3920 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
23:03:27.0557 3920 KSecDD - ok
23:03:27.0588 3920 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
23:03:27.0604 3920 KSecPkg - ok
23:03:27.0635 3920 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
23:03:27.0666 3920 KtmRm - ok
23:03:27.0697 3920 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
23:03:27.0728 3920 LanmanServer - ok
23:03:27.0775 3920 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
23:03:27.0838 3920 LanmanWorkstation - ok
23:03:27.0884 3920 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
23:03:27.0947 3920 lltdio - ok
23:03:27.0978 3920 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
23:03:28.0025 3920 lltdsvc - ok
23:03:28.0040 3920 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
23:03:28.0087 3920 lmhosts - ok
23:03:28.0134 3920 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:03:28.0165 3920 LSI_FC - ok
23:03:28.0196 3920 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:03:28.0212 3920 LSI_SAS - ok
23:03:28.0243 3920 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:03:28.0259 3920 LSI_SAS2 - ok
23:03:28.0259 3920 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:03:28.0274 3920 LSI_SCSI - ok
23:03:28.0306 3920 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
23:03:28.0352 3920 luafv - ok
23:03:28.0399 3920 massfilter - ok
23:03:28.0477 3920 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
23:03:28.0508 3920 Mcx2Svc - ok
23:03:28.0524 3920 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
23:03:28.0540 3920 megasas - ok
23:03:28.0571 3920 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
23:03:28.0586 3920 MegaSR - ok
23:03:28.0618 3920 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:03:28.0664 3920 MMCSS - ok
23:03:28.0680 3920 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
23:03:28.0742 3920 Modem - ok
23:03:28.0774 3920 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
23:03:28.0789 3920 monitor - ok
23:03:28.0820 3920 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
23:03:28.0836 3920 mouclass - ok
23:03:28.0867 3920 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
23:03:28.0898 3920 mouhid - ok
23:03:28.0945 3920 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
23:03:28.0961 3920 mountmgr - ok
23:03:28.0992 3920 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
23:03:29.0008 3920 mpio - ok
23:03:29.0023 3920 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
23:03:29.0070 3920 mpsdrv - ok
23:03:29.0117 3920 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
23:03:29.0179 3920 MpsSvc - ok
23:03:29.0226 3920 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
23:03:29.0242 3920 MRxDAV - ok
23:03:29.0288 3920 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:03:29.0351 3920 mrxsmb - ok
23:03:29.0382 3920 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:03:29.0398 3920 mrxsmb10 - ok
23:03:29.0413 3920 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:03:29.0444 3920 mrxsmb20 - ok
23:03:29.0476 3920 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
23:03:29.0476 3920 msahci - ok
23:03:29.0507 3920 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
23:03:29.0522 3920 msdsm - ok
23:03:29.0554 3920 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
23:03:29.0569 3920 MSDTC - ok
23:03:29.0616 3920 MSDV (114b67c324d64c8195fd3bf93b4df02a) C:\Windows\system32\DRIVERS\msdv.sys
23:03:29.0647 3920 MSDV - ok
23:03:29.0678 3920 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
23:03:29.0710 3920 Msfs - ok
23:03:29.0741 3920 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
23:03:29.0788 3920 mshidkmdf - ok
23:03:29.0819 3920 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
23:03:29.0819 3920 msisadrv - ok
23:03:29.0866 3920 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
23:03:29.0912 3920 MSiSCSI - ok
23:03:29.0912 3920 msiserver - ok
23:03:29.0959 3920 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
23:03:30.0022 3920 MSKSSRV - ok
23:03:30.0037 3920 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
23:03:30.0084 3920 MSPCLOCK - ok
23:03:30.0115 3920 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
23:03:30.0162 3920 MSPQM - ok
23:03:30.0178 3920 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
23:03:30.0193 3920 MsRPC - ok
23:03:30.0224 3920 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
23:03:30.0240 3920 mssmbios - ok
23:03:30.0271 3920 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
23:03:30.0302 3920 MSTEE - ok
23:03:30.0302 3920 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
23:03:30.0334 3920 MTConfig - ok
23:03:30.0365 3920 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
23:03:30.0380 3920 Mup - ok
23:03:30.0412 3920 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
23:03:30.0474 3920 napagent - ok
23:03:30.0521 3920 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
23:03:30.0583 3920 NativeWifiP - ok
23:03:30.0646 3920 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
23:03:30.0661 3920 NDIS - ok
23:03:30.0677 3920 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
23:03:30.0724 3920 NdisCap - ok
23:03:30.0755 3920 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
23:03:30.0802 3920 NdisTapi - ok
23:03:30.0848 3920 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
23:03:30.0864 3920 Ndisuio - ok
23:03:30.0895 3920 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
23:03:30.0958 3920 NdisWan - ok
23:03:30.0989 3920 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
23:03:31.0020 3920 NDProxy - ok
23:03:31.0051 3920 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
23:03:31.0082 3920 NetBIOS - ok
23:03:31.0114 3920 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
23:03:31.0160 3920 NetBT - ok
23:03:31.0192 3920 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:03:31.0207 3920 Netlogon - ok
23:03:31.0254 3920 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
23:03:31.0301 3920 Netman - ok
23:03:31.0348 3920 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
23:03:31.0394 3920 netprofm - ok
23:03:31.0472 3920 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:03:31.0488 3920 NetTcpPortSharing - ok
23:03:31.0519 3920 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
23:03:31.0535 3920 nfrd960 - ok
23:03:31.0550 3920 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
23:03:31.0613 3920 NlaSvc - ok
23:03:31.0660 3920 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
23:03:31.0706 3920 Npfs - ok
23:03:31.0722 3920 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
23:03:31.0769 3920 nsi - ok
23:03:31.0800 3920 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
23:03:31.0831 3920 nsiproxy - ok
23:03:31.0894 3920 Ntfs (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
23:03:31.0925 3920 Ntfs - ok
23:03:31.0956 3920 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
23:03:32.0003 3920 Null - ok
23:03:32.0034 3920 nvraid (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
23:03:32.0050 3920 nvraid - ok
23:03:32.0065 3920 nvstor (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
23:03:32.0081 3920 nvstor - ok
23:03:32.0096 3920 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
23:03:32.0112 3920 nv_agp - ok
23:03:32.0206 3920 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:03:32.0237 3920 odserv - ok
23:03:32.0252 3920 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
23:03:32.0284 3920 ohci1394 - ok
23:03:32.0330 3920 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:03:32.0346 3920 ose - ok
23:03:32.0408 3920 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:03:32.0455 3920 p2pimsvc - ok
23:03:32.0486 3920 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
23:03:32.0533 3920 p2psvc - ok
23:03:32.0564 3920 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
23:03:32.0596 3920 Parport - ok
23:03:32.0627 3920 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
23:03:32.0658 3920 partmgr - ok
23:03:32.0658 3920 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
23:03:32.0689 3920 Parvdm - ok
23:03:32.0736 3920 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
23:03:32.0783 3920 PcaSvc - ok
23:03:32.0814 3920 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
23:03:32.0830 3920 pci - ok
23:03:32.0830 3920 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
23:03:32.0845 3920 pciide - ok
23:03:32.0876 3920 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
23:03:32.0892 3920 pcmcia - ok
23:03:32.0908 3920 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
23:03:32.0923 3920 pcw - ok
23:03:32.0970 3920 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
23:03:33.0032 3920 PEAUTH - ok
23:03:33.0142 3920 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
23:03:33.0220 3920 pla - ok
23:03:33.0376 3920 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
23:03:33.0438 3920 PlugPlay - ok
23:03:33.0469 3920 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
23:03:33.0516 3920 PNRPAutoReg - ok
23:03:33.0547 3920 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:03:33.0578 3920 PNRPsvc - ok
23:03:33.0610 3920 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
23:03:33.0656 3920 PolicyAgent - ok
23:03:33.0703 3920 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
23:03:33.0750 3920 Power - ok
23:03:33.0797 3920 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
23:03:33.0859 3920 PptpMiniport - ok
23:03:33.0890 3920 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
23:03:33.0922 3920 Processor - ok
23:03:33.0968 3920 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
23:03:34.0015 3920 ProfSvc - ok
23:03:34.0031 3920 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:03:34.0046 3920 ProtectedStorage - ok
23:03:34.0078 3920 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
23:03:34.0124 3920 Psched - ok
23:03:34.0202 3920 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
23:03:34.0249 3920 ql2300 - ok
23:03:34.0358 3920 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
23:03:34.0374 3920 ql40xx - ok
23:03:34.0405 3920 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
23:03:34.0436 3920 QWAVE - ok
23:03:34.0483 3920 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
23:03:34.0514 3920 QWAVEdrv - ok
23:03:34.0546 3920 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
23:03:34.0592 3920 RasAcd - ok
23:03:34.0624 3920 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:03:34.0670 3920 RasAgileVpn - ok
23:03:34.0702 3920 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
23:03:34.0748 3920 RasAuto - ok
23:03:34.0780 3920 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:03:34.0826 3920 Rasl2tp - ok
23:03:34.0873 3920 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
23:03:34.0920 3920 RasMan - ok
23:03:34.0951 3920 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
23:03:34.0998 3920 RasPppoe - ok
23:03:35.0029 3920 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
23:03:35.0076 3920 RasSstp - ok
23:03:35.0107 3920 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
23:03:35.0154 3920 rdbss - ok
23:03:35.0185 3920 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
23:03:35.0201 3920 rdpbus - ok
23:03:35.0216 3920 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:03:35.0263 3920 RDPCDD - ok
23:03:35.0310 3920 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
23:03:35.0341 3920 RDPENCDD - ok
23:03:35.0372 3920 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
23:03:35.0419 3920 RDPREFMP - ok
23:03:35.0450 3920 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
23:03:35.0497 3920 RDPWD - ok
23:03:35.0544 3920 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
23:03:35.0560 3920 rdyboost - ok
23:03:35.0575 3920 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
23:03:35.0622 3920 RemoteAccess - ok
23:03:35.0653 3920 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
23:03:35.0731 3920 RemoteRegistry - ok
23:03:35.0747 3920 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
23:03:35.0794 3920 RpcEptMapper - ok
23:03:35.0809 3920 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
23:03:35.0856 3920 RpcLocator - ok
23:03:35.0903 3920 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
23:03:35.0934 3920 RpcSs - ok
23:03:35.0950 3920 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
23:03:36.0028 3920 rspndr - ok
23:03:36.0074 3920 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\Windows\system32\DRIVERS\Rt86win7.sys
23:03:36.0137 3920 RTL8167 - ok
23:03:36.0168 3920 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:03:36.0184 3920 SamSs - ok
23:03:36.0215 3920 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
23:03:36.0230 3920 sbp2port - ok
23:03:36.0355 3920 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
23:03:36.0402 3920 SBSDWSCService - ok
23:03:36.0433 3920 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
23:03:36.0480 3920 SCardSvr - ok
23:03:36.0542 3920 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
23:03:36.0605 3920 scfilter - ok
23:03:36.0667 3920 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
23:03:36.0730 3920 Schedule - ok
23:03:36.0761 3920 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
23:03:36.0792 3920 SCPolicySvc - ok
23:03:36.0808 3920 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
23:03:36.0854 3920 SDRSVC - ok
23:03:36.0886 3920 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:03:36.0932 3920 secdrv - ok
23:03:36.0964 3920 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
23:03:37.0010 3920 seclogon - ok
23:03:37.0042 3920 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
23:03:37.0073 3920 SENS - ok
23:03:37.0088 3920 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
23:03:37.0135 3920 SensrSvc - ok
23:03:37.0182 3920 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
23:03:37.0198 3920 Serenum - ok
23:03:37.0229 3920 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
23:03:37.0276 3920 Serial - ok
23:03:37.0307 3920 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
23:03:37.0354 3920 sermouse - ok
23:03:37.0400 3920 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
23:03:37.0432 3920 SessionEnv - ok
23:03:37.0463 3920 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
23:03:37.0494 3920 sffdisk - ok
23:03:37.0525 3920 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
23:03:37.0541 3920 sffp_mmc - ok
23:03:37.0556 3920 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
23:03:37.0572 3920 sffp_sd - ok
23:03:37.0603 3920 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
23:03:37.0634 3920 sfloppy - ok
23:03:37.0697 3920 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
23:03:37.0744 3920 SharedAccess - ok
23:03:37.0775 3920 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
23:03:37.0837 3920 ShellHWDetection - ok
23:03:37.0868 3920 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
23:03:37.0884 3920 sisagp - ok
23:03:37.0915 3920 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:03:37.0931 3920 SiSRaid2 - ok
23:03:37.0946 3920 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
23:03:37.0962 3920 SiSRaid4 - ok
23:03:37.0993 3920 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
23:03:38.0024 3920 Smb - ok
23:03:38.0040 3920 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
23:03:38.0087 3920 SNMPTRAP - ok
23:03:38.0102 3920 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
23:03:38.0118 3920 spldr - ok
23:03:38.0149 3920 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
23:03:38.0212 3920 Spooler - ok
23:03:38.0414 3920 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
23:03:38.0492 3920 sppsvc - ok
23:03:38.0617 3920 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
23:03:38.0664 3920 sppuinotify - ok
23:03:38.0711 3920 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
23:03:38.0773 3920 srv - ok
23:03:38.0789 3920 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
23:03:38.0804 3920 srv2 - ok
23:03:38.0820 3920 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
23:03:38.0851 3920 srvnet - ok
23:03:38.0898 3920 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
23:03:38.0945 3920 SSDPSRV - ok
23:03:38.0976 3920 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
23:03:38.0992 3920 ssmdrv - ok
23:03:39.0007 3920 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
23:03:39.0023 3920 SstpSvc - ok
23:03:39.0054 3920 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
23:03:39.0070 3920 stexstor - ok
23:03:39.0101 3920 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
23:03:39.0163 3920 StiSvc - ok
23:03:39.0194 3920 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
23:03:39.0210 3920 swenum - ok
23:03:39.0241 3920 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
23:03:39.0272 3920 swprv - ok
23:03:39.0335 3920 SynTP (502986ad48c1169072cff1e087f45a2d) C:\Windows\system32\DRIVERS\SynTP.sys
23:03:39.0350 3920 SynTP - ok
23:03:39.0413 3920 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
23:03:39.0491 3920 SysMain - ok
23:03:39.0538 3920 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
23:03:39.0569 3920 TabletInputService - ok
23:03:39.0600 3920 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
23:03:39.0647 3920 TapiSrv - ok
23:03:39.0694 3920 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
23:03:39.0740 3920 TBS - ok
23:03:39.0850 3920 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
23:03:39.0896 3920 Tcpip - ok
23:03:39.0912 3920 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
23:03:39.0959 3920 TCPIP6 - ok
23:03:40.0006 3920 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
23:03:40.0037 3920 tcpipreg - ok
23:03:40.0084 3920 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
23:03:40.0099 3920 TDPIPE - ok
23:03:40.0130 3920 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
23:03:40.0146 3920 TDTCP - ok
23:03:40.0177 3920 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
23:03:40.0224 3920 tdx - ok
23:03:40.0255 3920 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
23:03:40.0271 3920 TermDD - ok
23:03:40.0318 3920 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
23:03:40.0364 3920 TermService - ok
23:03:40.0474 3920 TestHandler (76468df7a7a92413a57c998de5c39290) C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
23:03:40.0489 3920 TestHandler - ok
23:03:40.0505 3920 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
23:03:40.0552 3920 Themes - ok
23:03:40.0583 3920 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:03:40.0614 3920 THREADORDER - ok
23:03:40.0661 3920 TPM (5ad05191dc8b444a7ba4d79b76c42a30) C:\Windows\system32\drivers\tpm.sys
23:03:40.0676 3920 TPM - ok
23:03:40.0692 3920 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
23:03:40.0739 3920 TrkWks - ok
23:03:40.0801 3920 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
23:03:40.0832 3920 TrustedInstaller - ok
23:03:40.0879 3920 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:03:40.0942 3920 tssecsrv - ok
23:03:40.0973 3920 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
23:03:41.0020 3920 TsUsbFlt - ok
23:03:41.0082 3920 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
23:03:41.0144 3920 tunnel - ok
23:03:41.0176 3920 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
23:03:41.0191 3920 uagp35 - ok
23:03:41.0222 3920 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
23:03:41.0269 3920 udfs - ok
23:03:41.0300 3920 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
23:03:41.0332 3920 UI0Detect - ok
23:03:41.0378 3920 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
23:03:41.0394 3920 uliagpkx - ok
23:03:41.0425 3920 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
23:03:41.0456 3920 umbus - ok
23:03:41.0488 3920 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
23:03:41.0534 3920 UmPass - ok
23:03:41.0581 3920 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
23:03:41.0628 3920 upnphost - ok
23:03:41.0690 3920 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
23:03:41.0737 3920 usbaudio - ok
23:03:41.0768 3920 usbccgp (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
23:03:41.0784 3920 usbccgp - ok
23:03:41.0800 3920 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
23:03:41.0862 3920 usbcir - ok
23:03:41.0878 3920 usbehci (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
23:03:41.0924 3920 usbehci - ok
23:03:41.0956 3920 usbhub (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
23:03:41.0987 3920 usbhub - ok
23:03:42.0002 3920 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
23:03:42.0018 3920 usbohci - ok
23:03:42.0049 3920 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
23:03:42.0080 3920 usbprint - ok
23:03:42.0127 3920 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
23:03:42.0143 3920 usbscan - ok
23:03:42.0174 3920 USBSTOR (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:03:42.0205 3920 USBSTOR - ok
23:03:42.0236 3920 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
23:03:42.0268 3920 usbuhci - ok
23:03:42.0299 3920 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
23:03:42.0314 3920 usbvideo - ok
23:03:42.0346 3920 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
23:03:42.0392 3920 UxSms - ok
23:03:42.0424 3920 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:03:42.0424 3920 VaultSvc - ok
23:03:42.0470 3920 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
23:03:42.0486 3920 vdrvroot - ok
23:03:42.0533 3920 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
23:03:42.0564 3920 vds - ok
23:03:42.0595 3920 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
23:03:42.0642 3920 vga - ok
23:03:42.0673 3920 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
23:03:42.0704 3920 VgaSave - ok
23:03:42.0720 3920 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
23:03:42.0736 3920 vhdmp - ok
23:03:42.0782 3920 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
23:03:42.0782 3920 viaagp - ok
23:03:42.0814 3920 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
23:03:42.0829 3920 ViaC7 - ok
23:03:42.0860 3920 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
23:03:42.0860 3920 viaide - ok
23:03:42.0892 3920 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
23:03:42.0907 3920 volmgr - ok
23:03:42.0938 3920 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
23:03:42.0954 3920 volmgrx - ok
23:03:43.0001 3920 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
23:03:43.0016 3920 volsnap - ok
23:03:43.0048 3920 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
23:03:43.0063 3920 vsmraid - ok
23:03:43.0126 3920 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
23:03:43.0188 3920 VSS - ok
23:03:43.0235 3920 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
23:03:43.0250 3920 vwifibus - ok
23:03:43.0266 3920 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
23:03:43.0313 3920 vwififlt - ok
23:03:43.0344 3920 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
23:03:43.0391 3920 vwifimp - ok
23:03:43.0438 3920 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
23:03:43.0484 3920 W32Time - ok
23:03:43.0531 3920 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
23:03:43.0547 3920 WacomPen - ok
23:03:43.0594 3920 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
23:03:43.0640 3920 WANARP - ok
23:03:43.0640 3920 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
23:03:43.0672 3920 Wanarpv6 - ok
23:03:43.0765 3920 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
23:03:43.0843 3920 wbengine - ok
23:03:43.0874 3920 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
23:03:43.0890 3920 WbioSrvc - ok
23:03:43.0921 3920 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
23:03:43.0952 3920 wcncsvc - ok
23:03:43.0984 3920 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
23:03:44.0030 3920 WcsPlugInService - ok
23:03:44.0077 3920 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
23:03:44.0108 3920 Wd - ok
23:03:44.0155 3920 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
23:03:44.0171 3920 Wdf01000 - ok
23:03:44.0202 3920 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
23:03:44.0233 3920 WdiServiceHost - ok
23:03:44.0233 3920 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
23:03:44.0249 3920 WdiSystemHost - ok
23:03:44.0280 3920 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
23:03:44.0327 3920 WebClient - ok
23:03:44.0342 3920 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
23:03:44.0389 3920 Wecsvc - ok
23:03:44.0420 3920 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
23:03:44.0467 3920 wercplsupport - ok
23:03:44.0498 3920 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
23:03:44.0530 3920 WerSvc - ok
23:03:44.0561 3920 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
23:03:44.0592 3920 WfpLwf - ok
23:03:44.0608 3920 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
23:03:44.0623 3920 WIMMount - ok
23:03:44.0717 3920 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
23:03:44.0795 3920 WinDefend - ok
23:03:44.0795 3920 WinHttpAutoProxySvc - ok
23:03:44.0857 3920 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
23:03:44.0904 3920 Winmgmt - ok
23:03:44.0998 3920 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
23:03:45.0044 3920 WinRM - ok
23:03:45.0107 3920 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
23:03:45.0122 3920 WinUsb - ok
23:03:45.0185 3920 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
23:03:45.0216 3920 Wlansvc - ok
23:03:45.0247 3920 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
23:03:45.0310 3920 WmiAcpi - ok
23:03:45.0356 3920 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
23:03:45.0403 3920 wmiApSrv - ok
23:03:45.0528 3920 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
23:03:45.0606 3920 WMPNetworkSvc - ok
23:03:45.0637 3920 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
23:03:45.0715 3920 WPCSvc - ok
23:03:45.0731 3920 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
23:03:45.0762 3920 WPDBusEnum - ok
23:03:45.0809 3920 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
23:03:45.0871 3920 ws2ifsl - ok
23:03:45.0902 3920 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
23:03:45.0934 3920 wscsvc - ok
23:03:45.0934 3920 WSearch - ok
23:03:46.0058 3920 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
23:03:46.0105 3920 wuauserv - ok
23:03:46.0214 3920 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
23:03:46.0292 3920 WudfPf - ok
23:03:46.0324 3920 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:03:46.0355 3920 WUDFRd - ok
23:03:46.0370 3920 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
23:03:46.0417 3920 wudfsvc - ok
23:03:46.0464 3920 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
23:03:46.0495 3920 WwanSvc - ok
23:03:46.0526 3920 ZTEusbmdm6k - ok
23:03:46.0526 3920 ZTEusbnmea - ok
23:03:46.0558 3920 ZTEusbser6k - ok
23:03:46.0589 3920 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:03:46.0838 3920 \Device\Harddisk0\DR0 - ok
23:03:46.0885 3920 Boot (0x1200) (2a3381801337bc8eaa81d6dfe1e60a87) \Device\Harddisk0\DR0\Partition0
23:03:46.0885 3920 \Device\Harddisk0\DR0\Partition0 - ok
23:03:46.0901 3920 Boot (0x1200) (b447d870d5dd042a85837dc180a3c4d6) \Device\Harddisk0\DR0\Partition1
23:03:46.0901 3920 \Device\Harddisk0\DR0\Partition1 - ok
23:03:46.0901 3920 ============================================================
23:03:46.0901 3920 Scan finished
23:03:46.0901 3920 ============================================================
23:03:46.0932 3400 Detected object count: 0
23:03:46.0932 3400 Actual detected object count: 0
|
|
25.06.2012, 10:51
| #15 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht startenCode:
ATTFilter 10:31:29.0273 2340 C:\Windows\system32\drivers\Hotkey.sys - copied to quarantine
10:31:29.0275 2340 HKLM\SYSTEM\ControlSet001\services\Hotkey - will be deleted on reboot
10:31:29.0310 2340 HKLM\SYSTEM\ControlSet002\services\Hotkey - will be deleted on reboot
10:31:29.0438 2340 C:\Windows\system32\drivers\Hotkey.sys - will be deleted on reboot
10:31:29.0438 2340 Hotkey ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:31:29.0500 2340 C:\Program Files\Launch Manager\WisLMSvc.exe - copied to quarantine
10:31:29.0503 2340 HKLM\SYSTEM\ControlSet001\services\WisLMSvc - will be deleted on reboot
10:31:29.0508 2340 HKLM\SYSTEM\ControlSet002\services\WisLMSvc - will be deleted on reboot
10:31:29.0513 2340 C:\Program Files\Launch Manager\WisLMSvc.exe - will be deleted on reboot
10:31:29.0513 2340 WisLMSvc ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:31:34.0080 2404 Deinitialize success
Ja herzlichen Glückwunsch, du hast dir da ein paar legitime Einträge mit gelöscht   Ich hoffe du hast so keine Probleme, denn mir ist nicht bekannt, wie man gefixte Einträge auf Knopfdruck wiederherstellt Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Redirect Virus > Rocketnews, Sicherheitscenter lässt sich nicht starten |
| alternative, antivir, avira, bho, browser, canon, conduit, defender, excel, explorer, explorer.exe, fehlermeldung, firefox, format, home, ics, ie7, kaspersky, launch, logfiles, microsoft, nicht starten, plug-in, problem, registry, scan, searchscopes, software, starten, taskhost.exe, virus, winload toolbar, winlogon |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
