hier der log:
btw was genau hab ich grad getan?

Code: Alles auswählenAufklappen

ATTFilter

All processes killed
========== OTL ==========
No active process named Program Files was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{13E5B5E4-3178-4996-ABBD-A80CAE738EA4}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{13E5B5E4-3178-4996-ABBD-A80CAE738EA4}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9E9DE45D-BDAC-4E2C-96E9-7E247C70948C}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E9DE45D-BDAC-4E2C-96E9-7E247C70948C}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A895AEFE-55A2-4667-850C-A917F0E3D99E}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A895AEFE-55A2-4667-850C-A917F0E3D99E}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{13E5B5E4-3178-4996-ABBD-A80CAE738EA4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{13E5B5E4-3178-4996-ABBD-A80CAE738EA4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9E9DE45D-BDAC-4E2C-96E9-7E247C70948C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E9DE45D-BDAC-4E2C-96E9-7E247C70948C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A895AEFE-55A2-4667-850C-A917F0E3D99E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A895AEFE-55A2-4667-850C-A917F0E3D99E}\ not found.
HKU\S-1-5-21-664569077-1692678498-3200988846-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-664569077-1692678498-3200988846-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\Software\Microsoft\Internet Explorer\SearchScopes\{07FE1D34-95B0-48AE-B54E-82765D0826F3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07FE1D34-95B0-48AE-B54E-82765D0826F3}\ not found.
Registry key HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\Software\Microsoft\Internet Explorer\SearchScopes\{13E5B5E4-3178-4996-ABBD-A80CAE738EA4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{13E5B5E4-3178-4996-ABBD-A80CAE738EA4}\ not found.
Registry key HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8C736967-5C86-49DC-B7F2-A1085DEE217F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C736967-5C86-49DC-B7F2-A1085DEE217F}\ not found.
Registry key HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\Software\Microsoft\Internet Explorer\SearchScopes\{90BB515B-2EF7-45CD-8D8A-3E59E183AD7F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90BB515B-2EF7-45CD-8D8A-3E59E183AD7F}\ not found.
Registry key HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\Software\Microsoft\Internet Explorer\SearchScopes\{923BD63B-269E-41F8-8013-3E82A2210CAC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{923BD63B-269E-41F8-8013-3E82A2210CAC}\ not found.
Registry key HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9D0551F6-821B-40A6-BF9D-620B9D7B477F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D0551F6-821B-40A6-BF9D-620B9D7B477F}\ not found.
Registry key HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9E9DE45D-BDAC-4E2C-96E9-7E247C70948C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E9DE45D-BDAC-4E2C-96E9-7E247C70948C}\ not found.
Registry key HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A895AEFE-55A2-4667-850C-A917F0E3D99E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A895AEFE-55A2-4667-850C-A917F0E3D99E}\ not found.
HKU\S-1-5-21-664569077-1692678498-3200988846-1009\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-664569077-1692678498-3200988846-1009\SOFTWARE\Microsoft\Internet Explorer\Main\\First Home Page| /E : value set successfully!
HKU\S-1-5-21-664569077-1692678498-3200988846-1009\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}\ deleted successfully.
C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}\ deleted successfully.
File C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll not found.
Registry value HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}\ not found.
File C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Program Files (x86)\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1009\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideFastUserSwitching deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\WallpaperStyle deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\WallpaperStyle not found.
Registry value HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\WallpaperStyle deleted successfully.
Registry value HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableLockWorkstation deleted successfully.
Registry value HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableChangePassword deleted successfully.
Registry value HKEY_USERS\S-1-5-21-664569077-1692678498-3200988846-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\WallpaperStyle deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&AOL Toolbar-Suche\ deleted successfully.
File Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\power2go.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\power2go.exe\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d0ec72f-f259-11de-90b7-00269e8990f8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d0ec72f-f259-11de-90b7-00269e8990f8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d0ec72f-f259-11de-90b7-00269e8990f8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d0ec72f-f259-11de-90b7-00269e8990f8}\ not found.
File F:\LaunchBFII.exe not found.
========== FILES ==========
C:\Program Files (x86)\Ask.com\Updater folder moved successfully.
C:\Program Files (x86)\Ask.com\assets\oobe folder moved successfully.
C:\Program Files (x86)\Ask.com\assets folder moved successfully.
C:\Program Files (x86)\Ask.com folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Sinthoras
->Temp folder emptied: 346736934 bytes
->Temporary Internet Files folder emptied: 912913087 bytes
->Java cache emptied: 5366993 bytes
->FireFox cache emptied: 168873210 bytes
->Flash cache emptied: 8117995 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 233322090 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 1.598,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.39.1 log created on 03222012_162826

Files\Folders moved on Reboot...
C:\Users\Sinthoras\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
         

mfg
sinthoras

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

hier bitte:

Code: Alles auswählenAufklappen

ATTFilter

23:28:49.0288 5716	TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
23:28:49.0648 5716	============================================================
23:28:49.0648 5716	Current date / time: 2012/03/23 23:28:49.0648
23:28:49.0648 5716	SystemInfo:
23:28:49.0648 5716	
23:28:49.0648 5716	OS Version: 6.1.7601 ServicePack: 1.0
23:28:49.0648 5716	Product type: Workstation
23:28:49.0648 5716	ComputerName: SINTHORAS
23:28:49.0648 5716	UserName: Sinthoras
23:28:49.0648 5716	Windows directory: C:\Windows
23:28:49.0648 5716	System windows directory: C:\Windows
23:28:49.0648 5716	Running under WOW64
23:28:49.0648 5716	Processor architecture: Intel x64
23:28:49.0648 5716	Number of processors: 8
23:28:49.0648 5716	Page size: 0x1000
23:28:49.0648 5716	Boot type: Normal boot
23:28:49.0648 5716	============================================================
23:28:50.0518 5716	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:28:50.0538 5716	\Device\Harddisk0\DR0:
23:28:50.0558 5716	MBR used
23:28:50.0558 5716	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
23:28:50.0558 5716	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2351A000
23:28:50.0558 5716	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2357E000, BlocksNum 0x1E7C800
23:28:50.0558 5716	\Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
23:28:50.0748 5716	Initialize success
23:28:50.0748 5716	============================================================
23:31:10.0352 1816	============================================================
23:31:10.0352 1816	Scan started
23:31:10.0352 1816	Mode: Manual; SigCheck; TDLFS; 
23:31:10.0352 1816	============================================================
23:31:12.0224 1816	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
23:31:12.0349 1816	1394ohci - ok
23:31:12.0411 1816	Accelerometer   (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
23:31:12.0442 1816	Accelerometer - ok
23:31:12.0505 1816	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
23:31:12.0520 1816	ACPI - ok
23:31:12.0551 1816	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
23:31:12.0676 1816	AcpiPmi - ok
23:31:12.0739 1816	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
23:31:12.0770 1816	adp94xx - ok
23:31:12.0863 1816	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
23:31:12.0895 1816	adpahci - ok
23:31:12.0926 1816	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
23:31:12.0941 1816	adpu320 - ok
23:31:12.0988 1816	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
23:31:13.0175 1816	AeLookupSvc - ok
23:31:13.0316 1816	AESTFilters     (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
23:31:13.0378 1816	AESTFilters - ok
23:31:13.0441 1816	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
23:31:13.0534 1816	AFD - ok
23:31:13.0628 1816	AgereSoftModem  (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys
23:31:13.0721 1816	AgereSoftModem - ok
23:31:13.0784 1816	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
23:31:13.0799 1816	agp440 - ok
23:31:13.0846 1816	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
23:31:13.0909 1816	ALG - ok
23:31:13.0987 1816	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
23:31:14.0002 1816	aliide - ok
23:31:14.0080 1816	ALSysIO - ok
23:31:14.0143 1816	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
23:31:14.0143 1816	amdide - ok
23:31:14.0174 1816	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
23:31:14.0205 1816	AmdK8 - ok
23:31:14.0236 1816	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
23:31:14.0283 1816	AmdPPM - ok
23:31:14.0345 1816	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
23:31:14.0361 1816	amdsata - ok
23:31:14.0408 1816	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
23:31:14.0423 1816	amdsbs - ok
23:31:14.0439 1816	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
23:31:14.0455 1816	amdxata - ok
23:31:14.0564 1816	AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:31:14.0579 1816	AntiVirSchedulerService - ok
23:31:14.0626 1816	AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:31:14.0642 1816	AntiVirService - ok
23:31:14.0720 1816	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
23:31:14.0860 1816	AppID - ok
23:31:14.0938 1816	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
23:31:14.0985 1816	AppIDSvc - ok
23:31:15.0047 1816	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
23:31:15.0110 1816	Appinfo - ok
23:31:15.0172 1816	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
23:31:15.0188 1816	arc - ok
23:31:15.0188 1816	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
23:31:15.0203 1816	arcsas - ok
23:31:15.0250 1816	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
23:31:15.0313 1816	AsyncMac - ok
23:31:15.0359 1816	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
23:31:15.0375 1816	atapi - ok
23:31:15.0469 1816	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
23:31:15.0531 1816	AudioEndpointBuilder - ok
23:31:15.0547 1816	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
23:31:15.0578 1816	AudioSrv - ok
23:31:15.0656 1816	avgntflt        (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
23:31:15.0671 1816	avgntflt - ok
23:31:15.0749 1816	avipbb          (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
23:31:15.0749 1816	avipbb - ok
23:31:15.0812 1816	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
23:31:15.0827 1816	avkmgr - ok
23:31:15.0952 1816	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
23:31:16.0015 1816	AxInstSV - ok
23:31:16.0077 1816	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
23:31:16.0124 1816	b06bdrv - ok
23:31:16.0217 1816	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
23:31:16.0264 1816	b57nd60a - ok
23:31:16.0311 1816	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
23:31:16.0358 1816	BDESVC - ok
23:31:16.0389 1816	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
23:31:16.0436 1816	Beep - ok
23:31:16.0514 1816	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
23:31:16.0576 1816	BFE - ok
23:31:16.0670 1816	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
23:31:16.0779 1816	BITS - ok
23:31:16.0826 1816	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
23:31:16.0857 1816	blbdrive - ok
23:31:16.0919 1816	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
23:31:16.0966 1816	bowser - ok
23:31:17.0044 1816	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:31:17.0122 1816	BrFiltLo - ok
23:31:17.0138 1816	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:31:17.0169 1816	BrFiltUp - ok
23:31:17.0216 1816	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
23:31:17.0278 1816	Browser - ok
23:31:17.0309 1816	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
23:31:17.0356 1816	Brserid - ok
23:31:17.0434 1816	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
23:31:17.0497 1816	BrSerWdm - ok
23:31:17.0528 1816	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:31:17.0559 1816	BrUsbMdm - ok
23:31:17.0575 1816	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
23:31:17.0590 1816	BrUsbSer - ok
23:31:17.0621 1816	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
23:31:17.0653 1816	BTHMODEM - ok
23:31:17.0699 1816	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
23:31:17.0731 1816	bthserv - ok
23:31:17.0793 1816	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
23:31:17.0824 1816	cdfs - ok
23:31:17.0918 1816	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
23:31:17.0949 1816	cdrom - ok
23:31:18.0011 1816	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:31:18.0074 1816	CertPropSvc - ok
23:31:18.0121 1816	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
23:31:18.0152 1816	circlass - ok
23:31:18.0183 1816	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
23:31:18.0214 1816	CLFS - ok
23:31:18.0261 1816	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:31:18.0277 1816	clr_optimization_v2.0.50727_32 - ok
23:31:18.0323 1816	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:31:18.0339 1816	clr_optimization_v2.0.50727_64 - ok
23:31:18.0464 1816	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:31:18.0479 1816	clr_optimization_v4.0.30319_32 - ok
23:31:18.0511 1816	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:31:18.0526 1816	clr_optimization_v4.0.30319_64 - ok
23:31:18.0589 1816	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
23:31:18.0635 1816	CmBatt - ok
23:31:18.0682 1816	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
23:31:18.0698 1816	cmdide - ok
23:31:18.0760 1816	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
23:31:18.0791 1816	CNG - ok
23:31:18.0885 1816	Com4QLBEx       (f9a79c5b27037821112c50a9c8fb367a) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
23:31:18.0901 1816	Com4QLBEx - ok
23:31:18.0979 1816	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
23:31:18.0994 1816	Compbatt - ok
23:31:19.0057 1816	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
23:31:19.0088 1816	CompositeBus - ok
23:31:19.0103 1816	COMSysApp - ok
23:31:19.0135 1816	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
23:31:19.0150 1816	crcdisk - ok
23:31:19.0197 1816	CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
23:31:19.0244 1816	CryptSvc - ok
23:31:19.0322 1816	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:31:19.0369 1816	DcomLaunch - ok
23:31:19.0447 1816	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
23:31:19.0509 1816	defragsvc - ok
23:31:19.0571 1816	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
23:31:19.0618 1816	DfsC - ok
23:31:19.0649 1816	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
23:31:19.0681 1816	Dhcp - ok
23:31:19.0712 1816	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
23:31:19.0743 1816	discache - ok
23:31:19.0821 1816	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
23:31:19.0837 1816	Disk - ok
23:31:19.0883 1816	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
23:31:19.0930 1816	Dnscache - ok
23:31:20.0024 1816	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
23:31:20.0071 1816	dot3svc - ok
23:31:20.0133 1816	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
23:31:20.0195 1816	DPS - ok
23:31:20.0289 1816	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
23:31:20.0305 1816	drmkaud - ok
23:31:20.0383 1816	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
23:31:20.0414 1816	DXGKrnl - ok
23:31:20.0492 1816	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
23:31:20.0539 1816	EapHost - ok
23:31:20.0632 1816	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
23:31:20.0710 1816	ebdrv - ok
23:31:20.0804 1816	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
23:31:20.0851 1816	EFS - ok
23:31:20.0929 1816	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
23:31:20.0991 1816	ehRecvr - ok
23:31:21.0007 1816	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
23:31:21.0053 1816	ehSched - ok
23:31:21.0147 1816	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
23:31:21.0178 1816	elxstor - ok
23:31:21.0225 1816	enecir          (524c79054636d2e5751169005006460b) C:\Windows\system32\DRIVERS\enecir.sys
23:31:21.0256 1816	enecir - ok
23:31:21.0303 1816	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
23:31:21.0334 1816	ErrDev - ok
23:31:21.0381 1816	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
23:31:21.0428 1816	EventSystem - ok
23:31:21.0537 1816	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
23:31:21.0584 1816	exfat - ok
23:31:21.0615 1816	ezSharedSvc - ok
23:31:21.0631 1816	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
23:31:21.0693 1816	fastfat - ok
23:31:21.0755 1816	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
23:31:21.0818 1816	Fax - ok
23:31:21.0911 1816	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
23:31:21.0943 1816	fdc - ok
23:31:21.0974 1816	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
23:31:22.0036 1816	fdPHost - ok
23:31:22.0052 1816	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
23:31:22.0099 1816	FDResPub - ok
23:31:22.0145 1816	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
23:31:22.0161 1816	FileInfo - ok
23:31:22.0177 1816	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
23:31:22.0223 1816	Filetrace - ok
23:31:22.0301 1816	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
23:31:22.0333 1816	flpydisk - ok
23:31:22.0379 1816	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
23:31:22.0395 1816	FltMgr - ok
23:31:22.0457 1816	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
23:31:22.0520 1816	FontCache - ok
23:31:22.0567 1816	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:31:22.0582 1816	FontCache3.0.0.0 - ok
23:31:22.0613 1816	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
23:31:22.0629 1816	FsDepends - ok
23:31:22.0707 1816	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
23:31:22.0723 1816	Fs_Rec - ok
23:31:22.0785 1816	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
23:31:22.0801 1816	fvevol - ok
23:31:22.0847 1816	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
23:31:22.0863 1816	gagp30kx - ok
23:31:22.0941 1816	GameConsoleService (551d463e4cceb5240234da6718c93a44) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
23:31:22.0957 1816	GameConsoleService - ok
23:31:23.0019 1816	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
23:31:23.0113 1816	gpsvc - ok
23:31:23.0206 1816	hamachi         (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
23:31:23.0222 1816	hamachi - ok
23:31:23.0378 1816	Hamachi2Svc     (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
23:31:23.0409 1816	Hamachi2Svc - ok
23:31:23.0503 1816	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
23:31:23.0549 1816	hcw85cir - ok
23:31:23.0612 1816	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
23:31:23.0643 1816	HdAudAddService - ok
23:31:23.0690 1816	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
23:31:23.0721 1816	HDAudBus - ok
23:31:23.0737 1816	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
23:31:23.0768 1816	HidBatt - ok
23:31:23.0783 1816	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
23:31:23.0815 1816	HidBth - ok
23:31:23.0861 1816	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
23:31:23.0893 1816	HidIr - ok
23:31:23.0939 1816	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
23:31:24.0002 1816	hidserv - ok
23:31:24.0064 1816	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
23:31:24.0080 1816	HidUsb - ok
23:31:24.0127 1816	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
23:31:24.0189 1816	hkmsvc - ok
23:31:24.0236 1816	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
23:31:24.0283 1816	HomeGroupListener - ok
23:31:24.0329 1816	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
23:31:24.0361 1816	HomeGroupProvider - ok
23:31:24.0517 1816	HP Support Assistant Service (170233b8d743efe35f462a5d516b93e3) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
23:31:24.0532 1816	HP Support Assistant Service - ok
23:31:24.0595 1816	HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
23:31:24.0610 1816	HPDrvMntSvc.exe - ok
23:31:24.0673 1816	hpdskflt        (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
23:31:24.0688 1816	hpdskflt - ok
23:31:24.0719 1816	HpqKbFiltr      (9af482d058be59cc28bce52e7c4b747c) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
23:31:24.0766 1816	HpqKbFiltr - ok
23:31:24.0844 1816	hpqwmiex        (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
23:31:24.0875 1816	hpqwmiex - ok
23:31:24.0938 1816	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
23:31:24.0953 1816	HpSAMD - ok
23:31:25.0031 1816	hpsrv           (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\Windows\system32\Hpservice.exe
23:31:25.0031 1816	hpsrv - ok
23:31:25.0109 1816	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
23:31:25.0156 1816	HTTP - ok
23:31:25.0250 1816	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
23:31:25.0250 1816	hwpolicy - ok
23:31:25.0328 1816	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
23:31:25.0343 1816	i8042prt - ok
23:31:25.0406 1816	iaStor          (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
23:31:25.0421 1816	iaStor - ok
23:31:25.0468 1816	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
23:31:25.0499 1816	iaStorV - ok
23:31:25.0593 1816	IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:31:25.0609 1816	IDriverT ( UnsignedFile.Multi.Generic ) - warning
23:31:25.0609 1816	IDriverT - detected UnsignedFile.Multi.Generic (1)
23:31:25.0687 1816	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:31:25.0718 1816	idsvc - ok
23:31:25.0889 1816	igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
23:31:26.0014 1816	igfx - ok
23:31:26.0123 1816	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
23:31:26.0139 1816	iirsp - ok
23:31:26.0201 1816	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
23:31:26.0248 1816	IKEEXT - ok
23:31:26.0295 1816	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
23:31:26.0311 1816	intelide - ok
23:31:26.0342 1816	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
23:31:26.0373 1816	intelppm - ok
23:31:26.0404 1816	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
23:31:26.0435 1816	IPBusEnum - ok
23:31:26.0545 1816	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:31:26.0607 1816	IpFilterDriver - ok
23:31:26.0654 1816	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
23:31:26.0701 1816	iphlpsvc - ok
23:31:26.0747 1816	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
23:31:26.0779 1816	IPMIDRV - ok
23:31:26.0825 1816	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
23:31:26.0872 1816	IPNAT - ok
23:31:26.0903 1816	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
23:31:26.0966 1816	IRENUM - ok
23:31:27.0075 1816	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
23:31:27.0091 1816	isapnp - ok
23:31:27.0137 1816	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
23:31:27.0169 1816	iScsiPrt - ok
23:31:27.0215 1816	JMCR            (f8844b00c10e386c704c610e95a9847d) C:\Windows\system32\DRIVERS\jmcr.sys
23:31:27.0231 1816	JMCR - ok
23:31:27.0262 1816	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
23:31:27.0278 1816	kbdclass - ok
23:31:27.0309 1816	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
23:31:27.0325 1816	kbdhid - ok
23:31:27.0387 1816	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:31:27.0403 1816	KeyIso - ok
23:31:27.0465 1816	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
23:31:27.0481 1816	KSecDD - ok
23:31:27.0527 1816	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
23:31:27.0543 1816	KSecPkg - ok
23:31:27.0574 1816	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
23:31:27.0621 1816	ksthunk - ok
23:31:27.0652 1816	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
23:31:27.0699 1816	KtmRm - ok
23:31:27.0746 1816	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
23:31:27.0808 1816	LanmanServer - ok
23:31:27.0855 1816	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
23:31:27.0902 1816	LanmanWorkstation - ok
23:31:27.0980 1816	LightScribeService (83d8be94e1cbcbe2ea8372db1a95a159) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:31:27.0995 1816	LightScribeService ( UnsignedFile.Multi.Generic ) - warning
23:31:27.0995 1816	LightScribeService - detected UnsignedFile.Multi.Generic (1)
23:31:28.0089 1816	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
23:31:28.0151 1816	lltdio - ok
23:31:28.0183 1816	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
23:31:28.0245 1816	lltdsvc - ok
23:31:28.0261 1816	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
23:31:28.0292 1816	lmhosts - ok
23:31:28.0339 1816	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
23:31:28.0354 1816	LSI_FC - ok
23:31:28.0370 1816	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
23:31:28.0385 1816	LSI_SAS - ok
23:31:28.0417 1816	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:31:28.0432 1816	LSI_SAS2 - ok
23:31:28.0463 1816	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:31:28.0479 1816	LSI_SCSI - ok
23:31:28.0495 1816	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
23:31:28.0541 1816	luafv - ok
23:31:28.0666 1816	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
23:31:28.0682 1816	MBAMProtector - ok
23:31:28.0729 1816	MBAMService     (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:31:28.0760 1816	MBAMService - ok
23:31:28.0822 1816	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
23:31:28.0853 1816	Mcx2Svc - ok
23:31:28.0885 1816	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
23:31:28.0900 1816	megasas - ok
23:31:28.0963 1816	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
23:31:28.0978 1816	MegaSR - ok
23:31:29.0009 1816	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:31:29.0056 1816	MMCSS - ok
23:31:29.0103 1816	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
23:31:29.0134 1816	Modem - ok
23:31:29.0165 1816	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
23:31:29.0197 1816	monitor - ok
23:31:29.0243 1816	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
23:31:29.0259 1816	mouclass - ok
23:31:29.0290 1816	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
23:31:29.0321 1816	mouhid - ok
23:31:29.0431 1816	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
23:31:29.0446 1816	mountmgr - ok
23:31:29.0477 1816	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
23:31:29.0493 1816	mpio - ok
23:31:29.0540 1816	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
23:31:29.0587 1816	mpsdrv - ok
23:31:29.0649 1816	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
23:31:29.0696 1816	MpsSvc - ok
23:31:29.0758 1816	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
23:31:29.0774 1816	MRxDAV - ok
23:31:29.0852 1816	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:31:29.0914 1816	mrxsmb - ok
23:31:29.0961 1816	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:31:29.0992 1816	mrxsmb10 - ok
23:31:30.0023 1816	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:31:30.0039 1816	mrxsmb20 - ok
23:31:30.0086 1816	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
23:31:30.0101 1816	msahci - ok
23:31:30.0133 1816	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
23:31:30.0148 1816	msdsm - ok
23:31:30.0179 1816	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
23:31:30.0211 1816	MSDTC - ok
23:31:30.0242 1816	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
23:31:30.0273 1816	Msfs - ok
23:31:30.0304 1816	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:31:30.0351 1816	mshidkmdf - ok
23:31:30.0413 1816	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:31:30.0429 1816	msisadrv - ok
23:31:30.0881 1816	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
23:31:30.0928 1816	MSiSCSI - ok
23:31:30.0944 1816	msiserver - ok
23:31:30.0991 1816	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:31:31.0037 1816	MSKSSRV - ok
23:31:31.0053 1816	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:31:31.0100 1816	MSPCLOCK - ok
23:31:31.0131 1816	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:31:31.0178 1816	MSPQM - ok
23:31:31.0225 1816	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:31:31.0240 1816	MsRPC - ok
23:31:31.0287 1816	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:31:31.0303 1816	mssmbios - ok
23:31:31.0318 1816	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:31:31.0349 1816	MSTEE - ok
23:31:31.0427 1816	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
23:31:31.0459 1816	MTConfig - ok
23:31:31.0474 1816	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:31:31.0490 1816	Mup - ok
23:31:31.0552 1816	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
23:31:31.0599 1816	napagent - ok
23:31:31.0646 1816	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:31:31.0693 1816	NativeWifiP - ok
23:31:31.0755 1816	Nbdrv           (0b5d0dd9fa104ef87801c8f58f068b3e) C:\Windows\system32\DRIVERS\nbdrv.sys
23:31:31.0755 1816	Nbdrv - ok
23:31:31.0927 1816	NBService       (f46070ddada5c396b1f2ebf1c46dbb08) C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
23:31:31.0958 1816	NBService - ok
23:31:32.0098 1816	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
23:31:32.0129 1816	NDIS - ok
23:31:32.0192 1816	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:31:32.0239 1816	NdisCap - ok
23:31:32.0270 1816	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:31:32.0317 1816	NdisTapi - ok
23:31:32.0395 1816	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:31:32.0426 1816	Ndisuio - ok
23:31:32.0488 1816	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:31:32.0519 1816	NdisWan - ok
23:31:32.0566 1816	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:31:32.0613 1816	NDProxy - ok
23:31:32.0753 1816	Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
23:31:32.0785 1816	Nero BackItUp Scheduler 4.0 - ok
23:31:32.0878 1816	NetBalancer Windows Service (3792b717b385ed6f65677e3aabda1eb2) C:\Program Files\NetBalancer2\SeriousBit.NetBalancer.Service.exe
23:31:32.0909 1816	NetBalancer Windows Service ( UnsignedFile.Multi.Generic ) - warning
23:31:32.0909 1816	NetBalancer Windows Service - detected UnsignedFile.Multi.Generic (1)
23:31:32.0987 1816	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:31:33.0034 1816	NetBIOS - ok
23:31:33.0112 1816	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:31:33.0159 1816	NetBT - ok
23:31:33.0206 1816	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:31:33.0237 1816	Netlogon - ok
23:31:33.0268 1816	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:31:33.0315 1816	Netman - ok
23:31:33.0331 1816	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:31:33.0393 1816	netprofm - ok
23:31:33.0455 1816	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:31:33.0471 1816	NetTcpPortSharing - ok
23:31:33.0689 1816	NETw5s64        (39ede676d17f37af4573c2b33ec28aca) C:\Windows\system32\DRIVERS\NETw5s64.sys
23:31:33.0845 1816	NETw5s64 - ok
23:31:34.0017 1816	netw5v64        (d68de412a3243f8d57ddb814aa509813) C:\Windows\system32\DRIVERS\netw5v64.sys
23:31:34.0126 1816	netw5v64 - ok
23:31:34.0220 1816	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:31:34.0235 1816	nfrd960 - ok
23:31:34.0298 1816	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
23:31:34.0345 1816	NlaSvc - ok
23:31:34.0469 1816	NMIndexingService (433049770b810d7c83c5c94cdb3e09d2) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
23:31:34.0485 1816	NMIndexingService - ok
23:31:34.0516 1816	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:31:34.0547 1816	Npfs - ok
23:31:34.0579 1816	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:31:34.0625 1816	nsi - ok
23:31:34.0641 1816	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:31:34.0688 1816	nsiproxy - ok
23:31:34.0797 1816	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:31:34.0828 1816	Ntfs - ok
23:31:34.0906 1816	ntiomin - ok
23:31:34.0922 1816	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:31:34.0969 1816	Null - ok
23:31:35.0000 1816	NVHDA           (cb599955ce2ce9694721562f9481cd84) C:\Windows\system32\drivers\nvhda64v.sys
23:31:35.0015 1816	NVHDA - ok
23:31:35.0327 1816	nvlddmkm        (9fc53830053787fad2078f39d3ab68dc) C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:31:35.0702 1816	nvlddmkm - ok
23:31:35.0811 1816	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:31:35.0827 1816	nvraid - ok
23:31:35.0842 1816	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:31:35.0858 1816	nvstor - ok
23:31:35.0920 1816	nvsvc           (9943f143d62c6a546c0995feae4b4784) C:\Windows\system32\nvvsvc.exe
23:31:35.0951 1816	nvsvc - ok
23:31:36.0076 1816	nvUpdatusService (6c2d25f82671d8aef9f717fd17821c3b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
23:31:36.0123 1816	nvUpdatusService - ok
23:31:36.0217 1816	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:31:36.0232 1816	nv_agp - ok
23:31:36.0310 1816	odserv          (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:31:36.0326 1816	odserv - ok
23:31:36.0404 1816	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:31:36.0435 1816	ohci1394 - ok
23:31:36.0482 1816	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:31:36.0497 1816	ose - ok
23:31:36.0544 1816	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:31:36.0607 1816	p2pimsvc - ok
23:31:36.0638 1816	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:31:36.0653 1816	p2psvc - ok
23:31:36.0685 1816	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:31:36.0700 1816	Parport - ok
23:31:36.0747 1816	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
23:31:36.0763 1816	partmgr - ok
23:31:36.0794 1816	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:31:36.0825 1816	PcaSvc - ok
23:31:36.0872 1816	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:31:36.0903 1816	pci - ok
23:31:36.0950 1816	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:31:36.0965 1816	pciide - ok
23:31:36.0981 1816	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:31:36.0997 1816	pcmcia - ok
23:31:37.0028 1816	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:31:37.0043 1816	pcw - ok
23:31:37.0075 1816	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:31:37.0137 1816	PEAUTH - ok
23:31:37.0199 1816	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:31:37.0231 1816	PerfHost - ok
23:31:37.0309 1816	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
23:31:37.0387 1816	pla - ok
23:31:37.0465 1816	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
23:31:37.0496 1816	PlugPlay - ok
23:31:37.0511 1816	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:31:37.0558 1816	PNRPAutoReg - ok
23:31:37.0605 1816	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:31:37.0621 1816	PNRPsvc - ok
23:31:37.0683 1816	Point64         (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
23:31:37.0699 1816	Point64 - ok
23:31:37.0761 1816	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
23:31:37.0808 1816	PolicyAgent - ok
23:31:37.0839 1816	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:31:37.0886 1816	Power - ok
23:31:37.0948 1816	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:31:37.0995 1816	PptpMiniport - ok
23:31:38.0073 1816	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:31:38.0104 1816	Processor - ok
23:31:38.0135 1816	ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
23:31:38.0167 1816	ProfSvc - ok
23:31:38.0213 1816	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:31:38.0229 1816	ProtectedStorage - ok
23:31:38.0291 1816	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:31:38.0323 1816	Psched - ok
23:31:38.0385 1816	PSI_SVC_2       (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
23:31:38.0401 1816	PSI_SVC_2 - ok
23:31:38.0494 1816	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:31:38.0557 1816	ql2300 - ok
23:31:38.0588 1816	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:31:38.0603 1816	ql40xx - ok
23:31:38.0635 1816	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:31:38.0650 1816	QWAVE - ok
23:31:38.0697 1816	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:31:38.0728 1816	QWAVEdrv - ok
23:31:38.0728 1816	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:31:38.0775 1816	RasAcd - ok
23:31:38.0806 1816	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:31:38.0837 1816	RasAgileVpn - ok
23:31:38.0869 1816	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:31:38.0915 1816	RasAuto - ok
23:31:38.0962 1816	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:31:38.0993 1816	Rasl2tp - ok
23:31:39.0071 1816	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
23:31:39.0118 1816	RasMan - ok
23:31:39.0149 1816	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:31:39.0196 1816	RasPppoe - ok
23:31:39.0243 1816	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:31:39.0290 1816	RasSstp - ok
23:31:39.0337 1816	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:31:39.0368 1816	rdbss - ok
23:31:39.0399 1816	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:31:39.0430 1816	rdpbus - ok
23:31:39.0477 1816	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:31:39.0524 1816	RDPCDD - ok
23:31:39.0539 1816	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:31:39.0586 1816	RDPENCDD - ok
23:31:39.0602 1816	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:31:39.0633 1816	RDPREFMP - ok
23:31:39.0695 1816	RDPWD           (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
23:31:39.0742 1816	RDPWD - ok
23:31:39.0820 1816	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:31:39.0836 1816	rdyboost - ok
23:31:39.0867 1816	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:31:39.0914 1816	RemoteAccess - ok
23:31:39.0945 1816	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:31:39.0992 1816	RemoteRegistry - ok
23:31:40.0070 1816	RichVideo       (498eb62a160674e793fa40fd65390625) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
23:31:40.0085 1816	RichVideo - ok
23:31:40.0101 1816	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:31:40.0163 1816	RpcEptMapper - ok
23:31:40.0179 1816	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:31:40.0210 1816	RpcLocator - ok
23:31:40.0273 1816	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:31:40.0319 1816	RpcSs - ok
23:31:40.0382 1816	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:31:40.0429 1816	rspndr - ok
23:31:40.0507 1816	RTL8167         (91296f0b2653281b2f11e0fce56aa427) C:\Windows\system32\DRIVERS\Rt64win7.sys
23:31:40.0538 1816	RTL8167 - ok
23:31:40.0585 1816	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:31:40.0600 1816	SamSs - ok
23:31:40.0647 1816	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:31:40.0663 1816	sbp2port - ok
23:31:40.0678 1816	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:31:40.0725 1816	SCardSvr - ok
23:31:40.0787 1816	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:31:40.0834 1816	scfilter - ok
23:31:40.0912 1816	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
23:31:40.0975 1816	Schedule - ok
23:31:41.0037 1816	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:31:41.0068 1816	SCPolicySvc - ok
23:31:41.0131 1816	sdbus           (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
23:31:41.0162 1816	sdbus - ok
23:31:41.0209 1816	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
23:31:41.0240 1816	SDRSVC - ok
23:31:41.0302 1816	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:31:41.0349 1816	secdrv - ok
23:31:41.0380 1816	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
23:31:41.0427 1816	seclogon - ok
23:31:41.0458 1816	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
23:31:41.0505 1816	SENS - ok
23:31:41.0552 1816	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:31:41.0567 1816	SensrSvc - ok
23:31:41.0614 1816	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:31:41.0630 1816	Serenum - ok
23:31:41.0645 1816	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:31:41.0692 1816	Serial - ok
23:31:41.0755 1816	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:31:41.0786 1816	sermouse - ok
23:31:41.0848 1816	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
23:31:41.0895 1816	SessionEnv - ok
23:31:41.0942 1816	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:31:41.0973 1816	sffdisk - ok
23:31:42.0020 1816	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:31:42.0051 1816	sffp_mmc - ok
23:31:42.0067 1816	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:31:42.0098 1816	sffp_sd - ok
23:31:42.0145 1816	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:31:42.0176 1816	sfloppy - ok
23:31:42.0238 1816	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
23:31:42.0285 1816	SharedAccess - ok
23:31:42.0332 1816	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
23:31:42.0379 1816	ShellHWDetection - ok
23:31:42.0441 1816	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:31:42.0457 1816	SiSRaid2 - ok
23:31:42.0472 1816	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:31:42.0488 1816	SiSRaid4 - ok
23:31:42.0519 1816	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:31:42.0581 1816	Smb - ok
23:31:42.0628 1816	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:31:42.0644 1816	SNMPTRAP - ok
23:31:42.0737 1816	speedfan        (545df58bd126cf850439040397a63929) C:\Windows\syswow64\speedfan.sys
23:31:42.0753 1816	speedfan ( UnsignedFile.Multi.Generic ) - warning
23:31:42.0753 1816	speedfan - detected UnsignedFile.Multi.Generic (1)
23:31:42.0800 1816	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:31:42.0815 1816	spldr - ok
23:31:42.0878 1816	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
23:31:42.0925 1816	Spooler - ok
23:31:43.0018 1816	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
23:31:43.0127 1816	sppsvc - ok
23:31:43.0221 1816	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:31:43.0283 1816	sppuinotify - ok
23:31:43.0408 1816	sptd            (88e5162e58c8919cc873f5d8946197cf) C:\Windows\System32\Drivers\sptd.sys
23:31:43.0439 1816	sptd - ok
23:31:43.0486 1816	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:31:43.0533 1816	srv - ok
23:31:43.0611 1816	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:31:43.0642 1816	srv2 - ok
23:31:43.0689 1816	SrvHsfHDA       (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
23:31:43.0705 1816	SrvHsfHDA - ok
23:31:43.0751 1816	SrvHsfV92       (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
23:31:43.0798 1816	SrvHsfV92 - ok
23:31:43.0814 1816	SrvHsfWinac     (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
23:31:43.0845 1816	SrvHsfWinac - ok
23:31:43.0970 1816	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:31:44.0001 1816	srvnet - ok
23:31:44.0048 1816	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:31:44.0095 1816	SSDPSRV - ok
23:31:44.0126 1816	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:31:44.0173 1816	SstpSvc - ok
23:31:44.0329 1816	STacSV          (7595d53ee8e8b0baa9a2ddde867ebb0c) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
23:31:44.0375 1816	STacSV - ok
23:31:44.0453 1816	Steam Client Service - ok
23:31:44.0594 1816	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:31:44.0609 1816	stexstor - ok
23:31:44.0687 1816	STHDA           (dffbc024dfc7bb05b2129e05cbc7a201) C:\Windows\system32\DRIVERS\stwrt64.sys
23:31:44.0734 1816	STHDA - ok
23:31:44.0797 1816	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
23:31:44.0828 1816	stisvc - ok
23:31:44.0875 1816	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:31:44.0890 1816	swenum - ok
23:31:44.0999 1816	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:31:45.0077 1816	swprv - ok
23:31:45.0140 1816	SynTP           (772493a8945495f1a287bf6c4ca25b48) C:\Windows\system32\DRIVERS\SynTP.sys
23:31:45.0171 1816	SynTP - ok
23:31:45.0249 1816	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
23:31:45.0296 1816	SysMain - ok
23:31:45.0389 1816	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
23:31:45.0421 1816	TabletInputService - ok
23:31:45.0483 1816	tap0901         (bcd6a90d6fd757ce9c29ddc850f7f231) C:\Windows\system32\DRIVERS\tap0901.sys
23:31:45.0514 1816	tap0901 - ok
23:31:45.0577 1816	taphss          (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
23:31:45.0592 1816	taphss - ok
23:31:45.0623 1816	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
23:31:45.0686 1816	TapiSrv - ok
23:31:45.0717 1816	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:31:45.0748 1816	TBS - ok
23:31:45.0857 1816	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
23:31:45.0904 1816	Tcpip - ok
23:31:45.0998 1816	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
23:31:46.0029 1816	TCPIP6 - ok
23:31:46.0076 1816	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:31:46.0123 1816	tcpipreg - ok
23:31:46.0169 1816	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:31:46.0185 1816	TDPIPE - ok
23:31:46.0216 1816	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
23:31:46.0247 1816	TDTCP - ok
23:31:46.0310 1816	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:31:46.0357 1816	tdx - ok
23:31:46.0403 1816	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:31:46.0419 1816	TermDD - ok
23:31:46.0450 1816	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
23:31:46.0513 1816	TermService - ok
23:31:46.0575 1816	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:31:46.0606 1816	Themes - ok
23:31:46.0637 1816	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:31:46.0669 1816	THREADORDER - ok
23:31:46.0684 1816	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:31:46.0715 1816	TrkWks - ok
23:31:46.0778 1816	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
23:31:46.0809 1816	TrustedInstaller - ok
23:31:46.0871 1816	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:31:46.0903 1816	tssecsrv - ok
23:31:46.0965 1816	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:31:46.0996 1816	TsUsbFlt - ok
23:31:47.0090 1816	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:31:47.0121 1816	tunnel - ok
23:31:47.0168 1816	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:31:47.0183 1816	uagp35 - ok
23:31:47.0246 1816	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:31:47.0293 1816	udfs - ok
23:31:47.0324 1816	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:31:47.0339 1816	UI0Detect - ok
23:31:47.0402 1816	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:31:47.0417 1816	uliagpkx - ok
23:31:47.0464 1816	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
23:31:47.0495 1816	umbus - ok
23:31:47.0542 1816	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:31:47.0573 1816	UmPass - ok
23:31:47.0620 1816	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:31:47.0667 1816	upnphost - ok
23:31:47.0745 1816	usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
23:31:47.0776 1816	usbaudio - ok
23:31:47.0823 1816	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:31:47.0885 1816	usbccgp - ok
23:31:47.0932 1816	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:31:47.0948 1816	usbcir - ok
23:31:47.0995 1816	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
23:31:48.0026 1816	usbehci - ok
23:31:48.0057 1816	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:31:48.0088 1816	usbhub - ok
23:31:48.0166 1816	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
23:31:48.0182 1816	usbohci - ok
23:31:48.0229 1816	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:31:48.0244 1816	usbprint - ok
23:31:48.0322 1816	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:31:48.0353 1816	usbscan - ok
23:31:48.0369 1816	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:31:48.0431 1816	USBSTOR - ok
23:31:48.0478 1816	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:31:48.0509 1816	usbuhci - ok
23:31:48.0603 1816	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
23:31:48.0634 1816	usbvideo - ok
23:31:48.0665 1816	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:31:48.0712 1816	UxSms - ok
23:31:48.0759 1816	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:31:48.0775 1816	VaultSvc - ok
23:31:48.0837 1816	VBoxDrv         (00203e05f2fe6cfb94229ed91d6010a2) C:\Windows\system32\DRIVERS\VBoxDrv.sys
23:31:48.0868 1816	VBoxDrv - ok
23:31:48.0915 1816	VBoxNetAdp      (85df2c59645d374be7e3234241761230) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
23:31:48.0931 1816	VBoxNetAdp - ok
23:31:48.0993 1816	VBoxNetFlt      (57daefdd2c459afef2596a656f016e74) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
23:31:49.0024 1816	VBoxNetFlt - ok
23:31:49.0087 1816	VBoxUSBMon      (74ce29e023c79c195ddff87fbf075037) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
23:31:49.0102 1816	VBoxUSBMon - ok
23:31:49.0165 1816	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:31:49.0180 1816	vdrvroot - ok
23:31:49.0258 1816	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
23:31:49.0336 1816	vds - ok
23:31:49.0383 1816	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:31:49.0399 1816	vga - ok
23:31:49.0414 1816	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:31:49.0461 1816	VgaSave - ok
23:31:49.0508 1816	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:31:49.0523 1816	vhdmp - ok
23:31:49.0617 1816	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:31:49.0617 1816	viaide - ok
23:31:49.0664 1816	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:31:49.0679 1816	volmgr - ok
23:31:49.0726 1816	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:31:49.0757 1816	volmgrx - ok
23:31:49.0773 1816	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:31:49.0789 1816	volsnap - ok
23:31:49.0835 1816	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:31:49.0851 1816	vsmraid - ok
23:31:49.0913 1816	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
23:31:49.0976 1816	VSS - ok
23:31:50.0054 1816	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:31:50.0085 1816	vwifibus - ok
23:31:50.0163 1816	VWiFiFlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:31:50.0194 1816	VWiFiFlt - ok
23:31:50.0225 1816	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
23:31:50.0241 1816	vwifimp - ok
23:31:50.0288 1816	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
23:31:50.0319 1816	W32Time - ok
23:31:50.0350 1816	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:31:50.0381 1816	WacomPen - ok
23:31:50.0444 1816	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:31:50.0491 1816	WANARP - ok
23:31:50.0491 1816	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:31:50.0522 1816	Wanarpv6 - ok
23:31:50.0615 1816	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
23:31:50.0678 1816	wbengine - ok
23:31:50.0709 1816	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
23:31:50.0725 1816	WbioSrvc - ok
23:31:50.0771 1816	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
23:31:50.0818 1816	wcncsvc - ok
23:31:50.0849 1816	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
23:31:50.0865 1816	WcsPlugInService - ok
23:31:50.0912 1816	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:31:50.0927 1816	Wd - ok
23:31:50.0990 1816	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:31:51.0005 1816	Wdf01000 - ok
23:31:51.0037 1816	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:31:51.0130 1816	WdiServiceHost - ok
23:31:51.0146 1816	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:31:51.0161 1816	WdiSystemHost - ok
23:31:51.0224 1816	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
23:31:51.0255 1816	WebClient - ok
23:31:51.0302 1816	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
23:31:51.0349 1816	Wecsvc - ok
23:31:51.0380 1816	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
23:31:51.0427 1816	wercplsupport - ok
23:31:51.0458 1816	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
23:31:51.0505 1816	WerSvc - ok
23:31:51.0536 1816	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:31:51.0583 1816	WfpLwf - ok
23:31:51.0598 1816	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:31:51.0614 1816	WIMMount - ok
23:31:51.0645 1816	WinDefend - ok
23:31:51.0645 1816	WinHttpAutoProxySvc - ok
23:31:51.0707 1816	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
23:31:51.0770 1816	Winmgmt - ok
23:31:52.0066 1816	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
23:31:52.0129 1816	WinRM - ok
23:31:52.0207 1816	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
23:31:52.0253 1816	Wlansvc - ok
23:31:52.0331 1816	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
23:31:52.0363 1816	WmiAcpi - ok
23:31:52.0425 1816	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
23:31:52.0456 1816	wmiApSrv - ok
23:31:52.0503 1816	WMPNetworkSvc - ok
23:31:52.0550 1816	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
23:31:52.0581 1816	WPCSvc - ok
23:31:52.0643 1816	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
23:31:52.0659 1816	WPDBusEnum - ok
23:31:52.0690 1816	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:31:52.0737 1816	ws2ifsl - ok
23:31:52.0768 1816	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
23:31:52.0799 1816	wscsvc - ok
23:31:52.0799 1816	WSearch - ok
23:31:52.0893 1816	wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
23:31:52.0971 1816	wuauserv - ok
23:31:53.0080 1816	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:31:53.0127 1816	WudfPf - ok
23:31:53.0158 1816	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:31:53.0205 1816	WUDFRd - ok
23:31:53.0252 1816	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
23:31:53.0283 1816	wudfsvc - ok
23:31:53.0314 1816	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
23:31:53.0345 1816	WwanSvc - ok
23:31:53.0408 1816	yukonw7         (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
23:31:53.0439 1816	yukonw7 - ok
23:31:53.0486 1816	MBR (0x1B8)     (2e6dfddf83fbb7908b038c68abfb4566) \Device\Harddisk0\DR0
23:31:53.0579 1816	\Device\Harddisk0\DR0 - ok
23:31:53.0595 1816	Boot (0x1200)   (2c9a4b92866f4a9328fc2ae56a85df42) \Device\Harddisk0\DR0\Partition0
23:31:53.0595 1816	\Device\Harddisk0\DR0\Partition0 - ok
23:31:53.0611 1816	Boot (0x1200)   (9f06345952d547aac52bb5ef666956f2) \Device\Harddisk0\DR0\Partition1
23:31:53.0611 1816	\Device\Harddisk0\DR0\Partition1 - ok
23:31:53.0626 1816	Boot (0x1200)   (ec54f8ab66faf486f0eb1f0c1b6ea462) \Device\Harddisk0\DR0\Partition2
23:31:53.0642 1816	\Device\Harddisk0\DR0\Partition2 - ok
23:31:53.0642 1816	Boot (0x1200)   (6367b61586d605461ffbca9e3a310e58) \Device\Harddisk0\DR0\Partition3
23:31:53.0642 1816	\Device\Harddisk0\DR0\Partition3 - ok
23:31:53.0657 1816	============================================================
23:31:53.0657 1816	Scan finished
23:31:53.0657 1816	============================================================
23:31:53.0657 4960	Detected object count: 4
23:31:53.0657 4960	Actual detected object count: 4
23:32:06.0839 4960	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:06.0839 4960	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:06.0839 4960	LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:06.0839 4960	LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:06.0839 4960	NetBalancer Windows Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:06.0839 4960	NetBalancer Windows Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:32:06.0839 4960	speedfan ( UnsignedFile.Multi.Generic ) - skipped by user
23:32:06.0839 4960	speedfan ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

mfg
sinthoras

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

• Lade dir ComboFix hier herunter auf deinen Desktop.

• Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

• Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
  Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

• Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

so hat alles geklappt,
hier der log:

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 12-03-22.01 - Sinthoras 25.03.2012  15:11:14.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4087.2573 [GMT 2:00]
ausgeführt von:: c:\users\Sinthoras\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Sinthoras\AppData\Local\TempDIR
c:\users\Sinthoras\AppData\Local\TempDIR\dfn-verein-g01-ca.der
c:\users\Sinthoras\AppData\Local\TempDIR\rhrk-g02-ca.der
c:\windows\IsUn0407.exe
c:\windows\iun6002.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-02-25 bis 2012-03-25  ))))))))))))))))))))))))))))))
.
.
2012-03-25 13:34 . 2012-03-25 13:34	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-03-25 13:34 . 2012-03-25 13:34	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-03-23 10:04 . 2012-03-14 03:27	8669240	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{08E385F5-00FB-47C7-8A6E-DA9DFD69092A}\mpengine.dll
2012-03-20 18:06 . 2012-03-20 18:06	592824	----a-w-	c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-20 18:06 . 2012-03-20 18:06	44472	----a-w-	c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-14 19:46 . 2011-11-19 15:20	5559152	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-03-14 19:46 . 2011-11-19 14:50	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 19:46 . 2011-11-19 14:50	3913584	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 17:20 . 2012-02-03 04:34	3145728	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 17:20 . 2012-02-10 06:36	1544192	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 17:20 . 2012-02-10 05:38	1077248	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-03-13 18:18 . 2012-02-17 06:38	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-13 18:18 . 2012-02-17 05:34	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-03-13 18:18 . 2012-02-17 04:58	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-13 18:18 . 2012-02-17 04:57	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-03-13 18:18 . 2012-01-25 06:38	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-13 18:18 . 2012-01-25 06:38	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-13 18:18 . 2012-01-25 06:33	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-12 22:09 . 2012-03-12 22:09	--------	d-----w-	c:\program files (x86)\ESET
2012-03-11 11:02 . 2012-03-11 11:02	--------	d-----w-	c:\users\Sinthoras\AppData\Roaming\Avira
2012-03-11 10:58 . 2012-01-31 07:56	97312	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-03-11 10:58 . 2012-01-31 07:56	132320	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-03-11 10:58 . 2011-09-16 15:08	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-03-11 10:58 . 2012-03-11 10:58	--------	d-----w-	c:\programdata\Avira
2012-03-11 10:58 . 2012-03-11 10:58	--------	d-----w-	c:\program files (x86)\Avira
2012-03-10 09:09 . 2012-03-10 09:09	--------	d-----w-	c:\programdata\Ask
2012-03-07 15:35 . 2010-11-21 18:45	--------	d---a-w-	c:\windows\SysWow64\.minecraft
2012-03-03 21:13 . 2012-03-03 21:13	--------	d--h--w-	c:\windows\AxInstSV
2012-03-02 13:05 . 2012-03-02 13:05	--------	d-----w-	c:\users\Sinthoras\AppData\Roaming\NVIDIA
2012-03-02 12:10 . 2008-10-15 05:22	5631312	----a-w-	c:\windows\system32\D3DX9_40.dll
2012-03-02 12:10 . 2008-10-15 05:22	4379984	----a-w-	c:\windows\SysWow64\D3DX9_40.dll
2012-03-02 12:10 . 2008-07-31 09:41	72200	----a-w-	c:\windows\system32\XAPOFX1_1.dll
2012-03-02 12:10 . 2008-07-31 09:40	513544	----a-w-	c:\windows\system32\XAudio2_2.dll
2012-03-02 12:10 . 2008-07-31 09:41	238088	----a-w-	c:\windows\SysWow64\xactengine3_2.dll
2012-03-02 12:10 . 2008-07-31 09:41	177672	----a-w-	c:\windows\system32\xactengine3_2.dll
2012-02-29 15:09 . 2012-02-29 15:09	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2012-02-27 17:05 . 2012-02-27 17:05	--------	d-----w-	c:\users\Sinthoras\AppData\Local\Windows Live Writer
2012-02-27 17:05 . 2012-02-27 17:05	--------	d-----w-	c:\users\Sinthoras\AppData\Roaming\Windows Live Writer
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-10 09:08 . 2010-04-27 17:52	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-03-06 16:55 . 2011-09-09 09:08	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2009-12-22 17:33	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-02-03 21:16 . 2012-02-03 21:16	750488	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-02-03 21:16 . 2012-02-03 20:56	660368	----a-w-	c:\windows\system32\deployJava1.dll
2012-01-04 10:44 . 2012-02-16 16:16	509952	----a-w-	c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-16 16:16	442880	----a-w-	c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-16 16:16	515584	----a-w-	c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-16 16:16	478720	----a-w-	c:\windows\SysWow64\timedate.cpl
2011-12-28 23:57 . 2011-12-28 23:57	37888	----a-w-	c:\windows\system32\drivers\taphss.sys
2011-12-28 03:59 . 2012-02-16 16:14	498688	----a-w-	c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZDF.nachrichtenkurier"="c:\program files (x86)\ZDFnachrichtenkurier\0" [X]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"Corel File Shell Monitor"="c:\program files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2009-06-22 16712]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-05-12 581480]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-06-22 60464]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-01-31 258512]
.
c:\users\Sinthoras\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenVPN GUI.lnk - c:\windows\System32\schtasks.exe [2011-7-2 285696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 ntiomin;ntiomin; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R3 ALSysIO;ALSysIO;c:\users\SINTHO~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-01-31 86224]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 NetBalancer Windows Service;NetBalancer Windows Service;c:\program files\NetBalancer2\SeriousBit.NetBalancer.Service.exe [2010-12-10 10240]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-25 2214504]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Nbdrv;NetBalancer Service;c:\windows\system32\DRIVERS\nbdrv.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 11:11	451872	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-22 c:\windows\Tasks\HPCeeScheduleForSinthoras.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mStart Page = 
mLocal Page = 
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Sinthoras\AppData\Roaming\Mozilla\Firefox\Profiles\vtfpqkie.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.de/
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Blobby Volley 2.0 Alpha 6_is1 - c:\program files (x86)\Blobby Volley 2.0 Alpha 6\unins000.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-nachkur - c:\program files (x86)\ZDFnachrichtenkurier\0
AddRemove-Yawle_0.3b - c:\windows\iun6002.exe
AddRemove-{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226} - c:\program files (x86)\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files (x86)\Ask.com\Updater\Updater.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-03-25  15:41:40 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-03-25 13:41
.
Vor Suchlauf: 15 Verzeichnis(se), 100.826.005.504 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 100.672.638.976 Bytes frei
.
- - End Of File - - AF0764CF4E23D6D6D833AC954AF305CB
         

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!

• Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
• Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
• Klicke auf Scan.
• Warte bitte bis Scan finished successfully im DOS Fenster steht.
• Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

reicht ein quickscan?
wenn ja dann hier der log:

Code: Alles auswählenAufklappen

ATTFilter

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-25 16:58:09
-----------------------------
16:58:09.354    OS Version: Windows x64 6.1.7601 Service Pack 1
16:58:09.354    Number of processors: 8 586 0x1E05
16:58:09.354    ComputerName: SINTHORAS  UserName: Sinthoras
16:58:10.444    Initialize success
17:16:53.264    AVAST engine defs: 12032500
17:23:16.310    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:23:16.310    Disk 0 Vendor: Hitachi_ FC4O Size: 305245MB BusType: 3
17:23:16.326    Disk 0 MBR read successfully
17:23:16.342    Disk 0 MBR scan
17:23:16.357    Disk 0 unknown MBR code
17:23:16.357    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
17:23:16.388    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       289332 MB offset 409600
17:23:16.420    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        15609 MB offset 592961536
17:23:16.435    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0      103 MB offset 624928768
17:23:16.482    Disk 0 scanning C:\Windows\system32\drivers
17:23:27.464    Service scanning
17:23:50.506    Modules scanning
17:23:50.506    Disk 0 trace - called modules:
17:23:51.036    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll 
17:23:51.036    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800591e790]
17:23:51.052    3 CLASSPNP.SYS[fffff8800110f43f] -> nt!IofCallDriver -> [0xfffffa8005840b10]
17:23:51.052    5 hpdskflt.sys[fffff8800238a189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b4b050]
17:23:52.877    AVAST engine scan C:\Windows
17:23:56.153    AVAST engine scan C:\Windows\system32
17:26:42.235    AVAST engine scan C:\Windows\system32\drivers
17:26:54.824    AVAST engine scan C:\Users\Sinthoras
17:43:06.337    AVAST engine scan C:\ProgramData
17:49:46.805    Scan finished successfully
17:52:05.754    Disk 0 MBR has been saved successfully to "C:\Users\Sinthoras\Desktop\MBR.dat"
17:52:05.754    The log file has been saved successfully to "C:\Users\Sinthoras\Desktop\aswMBR.txt"
         

mfg
sinthoras

Wir sollten den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht.

Hinweis: Mach bitte NICHT den MBR-Fix, wenn du noch andere Betriebssysteme wie zB Ubuntu installiert hast, ein MBR-Fix mit Windows-Tools macht ein parallel installiertes (Dualboot) Linux unbootbar.
Mach den Fix auch dann nicht, wenn du zB mit TrueCrypt oder anderen Verschlüsselungsprogrammen eine Vollverschlüsselung der Windowspartition bzw. gesamten Festplatte hast

Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!

Anschließend Windows neu starten und ein neues Log mit aswMBR machen.

ist das wirklich notwendig?weil ich im moment keine möglichkeit hab eine sicherung durchzuführen mir wurde vor ein paar wochen meine externe gestohlen, ich müsst mir erst wieder eine besorgen gehen...

mfg sinthoras

Ja der MBR-Fix muss sein und wenn du meinst deine Daten müssen nie gesichert werden dann hast du auch keine wichtigen Daten
Mal ehrlich, ist das jetzt das erste mal dass man dir sagt, man muss wichtige Daten auch mal extern sichern?

nein natürlich nicht meine backups und meine sicherungen waren auf der festplatte nur die ist ja leider abhanden gekommen -.-
und das muss ich nun zugeben ich war bis weilen zu faul mir ne neue zu kaufen^^
das werd ich wohl jetzt korrigieren müssen.

mfg
sinthroras

Ja gut wenn du geklaut wurde ist das doof.
Hast du die überall mitgenommen? Das Medium wo all meine wichtigsten/persönlichsten Daten und auch die Backups drauf sind, würde ich niemals irgendwo mit nach draußen nehmen wo das mal eben geklaut werden kann!

die lag in meiner wohnung in meiner schreibtischschulade...
ich kann dir übrigens jetzt den rat geben niemals das fenster auf kipp zu machen auch wenn du nur zum supermarkt um die ecke gehst
btw hättest du ne empfehlung für ne platte(so 500gb)?

mfg
sinthoras

Zitat:

ich kann dir übrigens jetzt den rat geben niemals das fenster auf kipp zu machen auch wenn du nur zum supermarkt um die ecke gehst

EInbruch im 2.OG ist rel. schwierig, aber ich lass meine Fenster nie auf Kipp wenn ich länger als 5 Minuten weg bin

Zitat:

btw hättest du ne empfehlung für ne platte(so 500gb)?

Das ist schon fast egal. Du kannst dir auch eine interne Platte holen und dazu ein USB-Gehäuse um aus dieser internen Platte eine USB-PLatte zu machen. Muss du schauen was dir besser gefällt und wieviel Geld du ausgeben willst.

so neue festplatte habsch eingeweiht (die is schon fast voll hät wohl doch ne nummer größer holen sollen^^)
hier der log nach dem fix:

Code: Alles auswählenAufklappen

ATTFilter

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-29 17:57:27
-----------------------------
17:57:27.365    OS Version: Windows x64 6.1.7601 Service Pack 1
17:57:27.365    Number of processors: 8 586 0x1E05
17:57:27.365    ComputerName: SINTHORAS  UserName: Sinthoras
17:57:35.118    Initialize success
17:57:44.821    AVAST engine defs: 12032900
17:57:57.848    The log file has been saved successfully to "C:\Users\Sinthoras\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-29 17:57:27
-----------------------------
17:57:27.365    OS Version: Windows x64 6.1.7601 Service Pack 1
17:57:27.365    Number of processors: 8 586 0x1E05
17:57:27.365    ComputerName: SINTHORAS  UserName: Sinthoras
17:57:35.118    Initialize success
17:57:44.821    AVAST engine defs: 12032900
17:57:57.848    The log file has been saved successfully to "C:\Users\Sinthoras\Desktop\aswMBR.txt"
17:58:44.342    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:58:44.358    Disk 0 Vendor: Hitachi_ FC4O Size: 305245MB BusType: 3
17:58:44.374    Disk 0 MBR read successfully
17:58:44.374    Disk 0 MBR scan
17:58:44.389    Disk 0 Windows 7 default MBR code
17:58:44.389    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
17:58:44.420    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       289332 MB offset 409600
17:58:44.452    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        15609 MB offset 592961536
17:58:44.498    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0      103 MB offset 624928768
17:58:44.545    Disk 0 scanning C:\Windows\system32\drivers
17:59:09.349    Service scanning
17:59:41.595    Modules scanning
17:59:41.595    Disk 0 trace - called modules:
17:59:41.626    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll 
17:59:41.626    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005922790]
17:59:41.626    3 CLASSPNP.SYS[fffff8800115343f] -> nt!IofCallDriver -> [0xfffffa8005844b10]
17:59:41.641    5 hpdskflt.sys[fffff880023c2189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004aff050]
17:59:43.155    AVAST engine scan C:\Windows
17:59:49.889    AVAST engine scan C:\Windows\system32
18:03:33.125    AVAST engine scan C:\Windows\system32\drivers
18:04:03.686    AVAST engine scan C:\Users\Sinthoras
18:19:32.074    AVAST engine scan C:\ProgramData
18:26:24.102    Scan finished successfully
18:28:18.232    Disk 0 MBR has been saved successfully to "C:\Users\Sinthoras\Desktop\MBR.dat"
18:28:18.232    The log file has been saved successfully to "C:\Users\Sinthoras\Desktop\aswMBR.txt"
         

mfg

sinthoras