Wie kommst du auf die Idee das Log da rein zu posten
Wozu hast du diesen Strang eröffnert natürlich soll das Log hier gepostet werden!

Ich weiß echt nicht wie du auf diese Idee kommst, du hast alle anderen Logs doch auch hier in diesen Strang gepostet!

ok missverständnis, sorry

Zitat:

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten => http://www.trojaner-board.de/82358-a...entfernen.html

Code: Alles auswählenAufklappen

ATTFilter

12:55:31.0134 1340	TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
12:55:31.0605 1340	============================================================
12:55:31.0605 1340	Current date / time: 2012/04/02 12:55:31.0605
12:55:31.0605 1340	SystemInfo:
12:55:31.0605 1340	
12:55:31.0605 1340	OS Version: 6.1.7601 ServicePack: 1.0
12:55:31.0605 1340	Product type: Workstation
12:55:31.0606 1340	ComputerName: ISA-PC
12:55:31.0606 1340	UserName: Isa
12:55:31.0606 1340	Windows directory: C:\Windows
12:55:31.0606 1340	System windows directory: C:\Windows
12:55:31.0606 1340	Processor architecture: Intel x86
12:55:31.0606 1340	Number of processors: 2
12:55:31.0606 1340	Page size: 0x1000
12:55:31.0606 1340	Boot type: Normal boot
12:55:31.0606 1340	============================================================
12:55:34.0057 1340	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:55:34.0140 1340	Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:55:34.0141 1340	\Device\Harddisk0\DR0:
12:55:34.0141 1340	MBR used
12:55:34.0141 1340	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:55:34.0141 1340	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
12:55:34.0141 1340	\Device\Harddisk1\DR1:
12:55:34.0141 1340	MBR used
12:55:34.0141 1340	\Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0x3A384C01
12:55:34.0165 1340	Initialize success
12:55:34.0165 1340	============================================================
12:56:34.0272 1044	============================================================
12:56:34.0272 1044	Scan started
12:56:34.0272 1044	Mode: Manual; SigCheck; TDLFS; 
12:56:34.0272 1044	============================================================
12:56:35.0380 1044	1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
12:56:35.0562 1044	1394ohci - ok
12:56:35.0596 1044	ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
12:56:35.0619 1044	ACPI - ok
12:56:35.0661 1044	AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
12:56:35.0742 1044	AcpiPmi - ok
12:56:35.0838 1044	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:56:35.0860 1044	AdobeARMservice - ok
12:56:35.0963 1044	adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
12:56:35.0999 1044	adp94xx - ok
12:56:36.0018 1044	adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
12:56:36.0042 1044	adpahci - ok
12:56:36.0056 1044	adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
12:56:36.0075 1044	adpu320 - ok
12:56:36.0114 1044	AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
12:56:36.0182 1044	AeLookupSvc - ok
12:56:36.0229 1044	AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
12:56:36.0301 1044	AFD - ok
12:56:36.0360 1044	AgereSoftModem  (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
12:56:36.0452 1044	AgereSoftModem - ok
12:56:36.0536 1044	agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
12:56:36.0555 1044	agp440 - ok
12:56:36.0600 1044	aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
12:56:36.0616 1044	aic78xx - ok
12:56:36.0666 1044	ALG             (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
12:56:36.0721 1044	ALG - ok
12:56:36.0755 1044	aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
12:56:36.0770 1044	aliide - ok
12:56:36.0795 1044	amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
12:56:36.0812 1044	amdagp - ok
12:56:36.0833 1044	amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
12:56:36.0848 1044	amdide - ok
12:56:36.0886 1044	AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
12:56:36.0945 1044	AmdK8 - ok
12:56:36.0966 1044	AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
12:56:37.0006 1044	AmdPPM - ok
12:56:37.0058 1044	amdsata         (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
12:56:37.0078 1044	amdsata - ok
12:56:37.0100 1044	amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
12:56:37.0119 1044	amdsbs - ok
12:56:37.0135 1044	amdxata         (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
12:56:37.0150 1044	amdxata - ok
12:56:37.0243 1044	AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
12:56:37.0289 1044	AntiVirSchedulerService - ok
12:56:37.0324 1044	AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
12:56:37.0340 1044	AntiVirService - ok
12:56:37.0394 1044	AppID           (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
12:56:37.0494 1044	AppID - ok
12:56:37.0578 1044	AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
12:56:37.0662 1044	AppIDSvc - ok
12:56:37.0712 1044	Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
12:56:37.0778 1044	Appinfo - ok
12:56:37.0853 1044	arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
12:56:37.0885 1044	arc - ok
12:56:37.0899 1044	arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
12:56:37.0918 1044	arcsas - ok
12:56:37.0938 1044	AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
12:56:38.0055 1044	AsyncMac - ok
12:56:38.0128 1044	atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
12:56:38.0152 1044	atapi - ok
12:56:38.0209 1044	AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
12:56:38.0272 1044	AudioEndpointBuilder - ok
12:56:38.0289 1044	Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
12:56:38.0333 1044	Audiosrv - ok
12:56:38.0375 1044	avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
12:56:38.0407 1044	avgntflt - ok
12:56:38.0451 1044	avipbb          (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
12:56:38.0467 1044	avipbb - ok
12:56:38.0488 1044	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
12:56:38.0500 1044	avkmgr - ok
12:56:38.0543 1044	AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
12:56:38.0632 1044	AxInstSV - ok
12:56:38.0696 1044	b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
12:56:38.0785 1044	b06bdrv - ok
12:56:38.0819 1044	b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
12:56:38.0842 1044	b57nd60x - ok
12:56:38.0880 1044	BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
12:56:38.0946 1044	BDESVC - ok
12:56:38.0961 1044	Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
12:56:39.0009 1044	Beep - ok
12:56:39.0063 1044	BFE             (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
12:56:39.0120 1044	BFE - ok
12:56:39.0164 1044	BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
12:56:39.0234 1044	BITS - ok
12:56:39.0297 1044	blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
12:56:39.0328 1044	blbdrive - ok
12:56:39.0365 1044	bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
12:56:39.0387 1044	bowser - ok
12:56:39.0404 1044	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:56:39.0468 1044	BrFiltLo - ok
12:56:39.0490 1044	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:56:39.0557 1044	BrFiltUp - ok
12:56:39.0591 1044	Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
12:56:39.0666 1044	Browser - ok
12:56:39.0766 1044	Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
12:56:39.0813 1044	Brserid - ok
12:56:39.0835 1044	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
12:56:39.0874 1044	BrSerWdm - ok
12:56:39.0902 1044	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:56:39.0923 1044	BrUsbMdm - ok
12:56:39.0941 1044	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
12:56:39.0983 1044	BrUsbSer - ok
12:56:40.0004 1044	BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
12:56:40.0036 1044	BTHMODEM - ok
12:56:40.0073 1044	bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
12:56:40.0125 1044	bthserv - ok
12:56:40.0155 1044	cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
12:56:40.0219 1044	cdfs - ok
12:56:40.0285 1044	cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
12:56:40.0349 1044	cdrom - ok
12:56:40.0394 1044	CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
12:56:40.0461 1044	CertPropSvc - ok
12:56:40.0498 1044	circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
12:56:40.0524 1044	circlass - ok
12:56:40.0563 1044	CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
12:56:40.0598 1044	CLFS - ok
12:56:40.0686 1044	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:56:40.0716 1044	clr_optimization_v2.0.50727_32 - ok
12:56:40.0793 1044	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:56:40.0826 1044	clr_optimization_v4.0.30319_32 - ok
12:56:40.0899 1044	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
12:56:40.0933 1044	CmBatt - ok
12:56:40.0967 1044	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
12:56:40.0995 1044	cmdide - ok
12:56:41.0038 1044	CNG             (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
12:56:41.0104 1044	CNG - ok
12:56:41.0142 1044	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
12:56:41.0160 1044	Compbatt - ok
12:56:41.0210 1044	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
12:56:41.0263 1044	CompositeBus - ok
12:56:41.0292 1044	COMSysApp - ok
12:56:41.0309 1044	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
12:56:41.0337 1044	crcdisk - ok
12:56:41.0379 1044	CryptSvc        (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
12:56:41.0449 1044	CryptSvc - ok
12:56:41.0472 1044	DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
12:56:41.0533 1044	DcomLaunch - ok
12:56:41.0567 1044	defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
12:56:41.0620 1044	defragsvc - ok
12:56:41.0691 1044	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
12:56:41.0756 1044	DfsC - ok
12:56:41.0812 1044	Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
12:56:41.0889 1044	Dhcp - ok
12:56:41.0915 1044	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
12:56:41.0961 1044	discache - ok
12:56:41.0997 1044	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
12:56:42.0016 1044	Disk - ok
12:56:42.0047 1044	Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
12:56:42.0115 1044	Dnscache - ok
12:56:42.0157 1044	dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
12:56:42.0224 1044	dot3svc - ok
12:56:42.0249 1044	DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
12:56:42.0310 1044	DPS - ok
12:56:42.0383 1044	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
12:56:42.0428 1044	drmkaud - ok
12:56:42.0479 1044	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
12:56:42.0548 1044	DXGKrnl - ok
12:56:42.0582 1044	E100B           (20de769b84960606d8dbb2aec123021a) C:\Windows\system32\DRIVERS\e100b325.sys
12:56:42.0637 1044	E100B - ok
12:56:42.0666 1044	EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
12:56:42.0730 1044	EapHost - ok
12:56:42.0845 1044	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
12:56:42.0949 1044	ebdrv - ok
12:56:43.0019 1044	EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
12:56:43.0070 1044	EFS - ok
12:56:43.0130 1044	ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
12:56:43.0219 1044	ehRecvr - ok
12:56:43.0253 1044	ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
12:56:43.0330 1044	ehSched - ok
12:56:43.0438 1044	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
12:56:43.0480 1044	elxstor - ok
12:56:43.0515 1044	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
12:56:43.0557 1044	ErrDev - ok
12:56:43.0611 1044	EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
12:56:43.0699 1044	EventSystem - ok
12:56:43.0719 1044	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
12:56:43.0766 1044	exfat - ok
12:56:43.0794 1044	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
12:56:43.0847 1044	fastfat - ok
12:56:43.0891 1044	Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
12:56:43.0955 1044	Fax - ok
12:56:43.0983 1044	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
12:56:44.0013 1044	fdc - ok
12:56:44.0051 1044	fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
12:56:44.0104 1044	fdPHost - ok
12:56:44.0120 1044	FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
12:56:44.0206 1044	FDResPub - ok
12:56:44.0229 1044	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
12:56:44.0248 1044	FileInfo - ok
12:56:44.0259 1044	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
12:56:44.0307 1044	Filetrace - ok
12:56:44.0332 1044	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
12:56:44.0365 1044	flpydisk - ok
12:56:44.0394 1044	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
12:56:44.0414 1044	FltMgr - ok
12:56:44.0458 1044	FontCache       (fa6c66e4364d7da57aade5dcc03bb999) C:\Windows\system32\FntCache.dll
12:56:44.0529 1044	FontCache - ok
12:56:44.0611 1044	FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:56:44.0636 1044	FontCache3.0.0.0 - ok
12:56:44.0660 1044	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
12:56:44.0675 1044	FsDepends - ok
12:56:44.0686 1044	Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
12:56:44.0700 1044	Fs_Rec - ok
12:56:44.0737 1044	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
12:56:44.0772 1044	fvevol - ok
12:56:44.0798 1044	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:56:44.0814 1044	gagp30kx - ok
12:56:44.0848 1044	gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
12:56:44.0911 1044	gpsvc - ok
12:56:44.0987 1044	gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
12:56:45.0014 1044	gupdate - ok
12:56:45.0030 1044	gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
12:56:45.0055 1044	gupdatem - ok
12:56:45.0120 1044	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
12:56:45.0179 1044	hcw85cir - ok
12:56:45.0226 1044	HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
12:56:45.0269 1044	HdAudAddService - ok
12:56:45.0301 1044	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
12:56:45.0348 1044	HDAudBus - ok
12:56:45.0486 1044	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
12:56:45.0509 1044	HidBatt - ok
12:56:45.0531 1044	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
12:56:45.0564 1044	HidBth - ok
12:56:45.0593 1044	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
12:56:45.0625 1044	HidIr - ok
12:56:45.0655 1044	hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
12:56:45.0708 1044	hidserv - ok
12:56:45.0755 1044	HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
12:56:45.0773 1044	HidUsb - ok
12:56:45.0808 1044	hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
12:56:45.0873 1044	hkmsvc - ok
12:56:45.0891 1044	HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
12:56:45.0935 1044	HomeGroupListener - ok
12:56:45.0976 1044	HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
12:56:46.0010 1044	HomeGroupProvider - ok
12:56:46.0092 1044	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
12:56:46.0118 1044	HpSAMD - ok
12:56:46.0186 1044	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
12:56:46.0250 1044	HTTP - ok
12:56:46.0279 1044	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
12:56:46.0292 1044	hwpolicy - ok
12:56:46.0315 1044	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
12:56:46.0334 1044	i8042prt - ok
12:56:46.0393 1044	iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
12:56:46.0423 1044	iaStorV - ok
12:56:46.0524 1044	idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:56:46.0570 1044	idsvc - ok
12:56:46.0617 1044	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
12:56:46.0633 1044	iirsp - ok
12:56:46.0683 1044	IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
12:56:46.0748 1044	IKEEXT - ok
12:56:46.0777 1044	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
12:56:46.0791 1044	intelide - ok
12:56:46.0811 1044	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
12:56:46.0828 1044	intelppm - ok
12:56:46.0849 1044	IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
12:56:46.0902 1044	IPBusEnum - ok
12:56:46.0932 1044	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:56:46.0982 1044	IpFilterDriver - ok
12:56:47.0032 1044	iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
12:56:47.0099 1044	iphlpsvc - ok
12:56:47.0138 1044	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
12:56:47.0188 1044	IPMIDRV - ok
12:56:47.0214 1044	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
12:56:47.0255 1044	IPNAT - ok
12:56:47.0286 1044	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
12:56:47.0323 1044	IRENUM - ok
12:56:47.0354 1044	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
12:56:47.0369 1044	isapnp - ok
12:56:47.0394 1044	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
12:56:47.0415 1044	iScsiPrt - ok
12:56:47.0453 1044	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
12:56:47.0468 1044	kbdclass - ok
12:56:47.0501 1044	kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
12:56:47.0528 1044	kbdhid - ok
12:56:47.0548 1044	KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:56:47.0566 1044	KeyIso - ok
12:56:47.0583 1044	KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
12:56:47.0599 1044	KSecDD - ok
12:56:47.0612 1044	KSecPkg         (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
12:56:47.0630 1044	KSecPkg - ok
12:56:47.0682 1044	KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
12:56:47.0756 1044	KtmRm - ok
12:56:47.0789 1044	LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
12:56:47.0850 1044	LanmanServer - ok
12:56:47.0895 1044	LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
12:56:47.0937 1044	LanmanWorkstation - ok
12:56:48.0010 1044	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
12:56:48.0082 1044	lltdio - ok
12:56:48.0127 1044	lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
12:56:48.0171 1044	lltdsvc - ok
12:56:48.0193 1044	lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
12:56:48.0234 1044	lmhosts - ok
12:56:48.0255 1044	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:56:48.0271 1044	LSI_FC - ok
12:56:48.0295 1044	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:56:48.0312 1044	LSI_SAS - ok
12:56:48.0325 1044	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:56:48.0341 1044	LSI_SAS2 - ok
12:56:48.0354 1044	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:56:48.0371 1044	LSI_SCSI - ok
12:56:48.0384 1044	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
12:56:48.0425 1044	luafv - ok
12:56:48.0462 1044	MBAMProtector   (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
12:56:48.0474 1044	MBAMProtector - ok
12:56:48.0528 1044	MBAMService     (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:56:48.0562 1044	MBAMService - ok
12:56:48.0586 1044	Mcx2Svc         (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
12:56:48.0607 1044	Mcx2Svc - ok
12:56:48.0634 1044	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
12:56:48.0649 1044	megasas - ok
12:56:48.0676 1044	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
12:56:48.0697 1044	MegaSR - ok
12:56:48.0725 1044	MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
12:56:48.0773 1044	MMCSS - ok
12:56:48.0785 1044	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
12:56:48.0839 1044	Modem - ok
12:56:48.0857 1044	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
12:56:48.0887 1044	monitor - ok
12:56:48.0923 1044	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
12:56:48.0938 1044	mouclass - ok
12:56:48.0975 1044	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
12:56:49.0005 1044	mouhid - ok
12:56:49.0035 1044	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
12:56:49.0051 1044	mountmgr - ok
12:56:49.0083 1044	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
12:56:49.0115 1044	mpio - ok
12:56:49.0131 1044	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
12:56:49.0178 1044	mpsdrv - ok
12:56:49.0226 1044	MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
12:56:49.0289 1044	MpsSvc - ok
12:56:49.0326 1044	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
12:56:49.0384 1044	MRxDAV - ok
12:56:49.0426 1044	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:56:49.0487 1044	mrxsmb - ok
12:56:49.0524 1044	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:56:49.0565 1044	mrxsmb10 - ok
12:56:49.0593 1044	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:56:49.0622 1044	mrxsmb20 - ok
12:56:49.0662 1044	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
12:56:49.0695 1044	msahci - ok
12:56:49.0720 1044	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
12:56:49.0737 1044	msdsm - ok
12:56:49.0774 1044	MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
12:56:49.0824 1044	MSDTC - ok
12:56:49.0852 1044	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
12:56:49.0891 1044	Msfs - ok
12:56:49.0913 1044	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
12:56:49.0951 1044	mshidkmdf - ok
12:56:49.0969 1044	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
12:56:49.0983 1044	msisadrv - ok
12:56:50.0023 1044	MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
12:56:50.0070 1044	MSiSCSI - ok
12:56:50.0110 1044	msiserver - ok
12:56:50.0260 1044	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
12:56:50.0333 1044	MSKSSRV - ok
12:56:50.0357 1044	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
12:56:50.0405 1044	MSPCLOCK - ok
12:56:50.0430 1044	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
12:56:50.0491 1044	MSPQM - ok
12:56:50.0542 1044	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
12:56:50.0580 1044	MsRPC - ok
12:56:50.0608 1044	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
12:56:50.0626 1044	mssmbios - ok
12:56:50.0638 1044	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
12:56:50.0677 1044	MSTEE - ok
12:56:50.0697 1044	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
12:56:50.0715 1044	MTConfig - ok
12:56:50.0726 1044	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
12:56:50.0741 1044	Mup - ok
12:56:50.0783 1044	napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
12:56:50.0842 1044	napagent - ok
12:56:50.0916 1044	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
12:56:50.0955 1044	NativeWifiP - ok
12:56:50.0986 1044	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
12:56:51.0022 1044	NDIS - ok
12:56:51.0046 1044	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
12:56:51.0089 1044	NdisCap - ok
12:56:51.0109 1044	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
12:56:51.0159 1044	NdisTapi - ok
12:56:51.0201 1044	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
12:56:51.0237 1044	Ndisuio - ok
12:56:51.0270 1044	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
12:56:51.0329 1044	NdisWan - ok
12:56:51.0376 1044	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
12:56:51.0425 1044	NDProxy - ok
12:56:51.0464 1044	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
12:56:51.0546 1044	NetBIOS - ok
12:56:51.0586 1044	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
12:56:51.0643 1044	NetBT - ok
12:56:51.0665 1044	Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:56:51.0692 1044	Netlogon - ok
12:56:51.0733 1044	Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
12:56:51.0792 1044	Netman - ok
12:56:51.0828 1044	netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
12:56:51.0886 1044	netprofm - ok
12:56:51.0972 1044	NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:56:51.0997 1044	NetTcpPortSharing - ok
12:56:52.0155 1044	netw5v32        (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
12:56:52.0315 1044	netw5v32 - ok
12:56:52.0408 1044	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
12:56:52.0438 1044	nfrd960 - ok
12:56:52.0480 1044	NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
12:56:52.0564 1044	NlaSvc - ok
12:56:52.0576 1044	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
12:56:52.0639 1044	Npfs - ok
12:56:52.0669 1044	nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
12:56:52.0709 1044	nsi - ok
12:56:52.0719 1044	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
12:56:52.0770 1044	nsiproxy - ok
12:56:52.0817 1044	Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
12:56:52.0869 1044	Ntfs - ok
12:56:52.0887 1044	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
12:56:52.0935 1044	Null - ok
12:56:53.0118 1044	nvlddmkm        (05b288b25c2ebd9a4e9e5114ae790876) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:56:53.0409 1044	nvlddmkm - ok
12:56:53.0518 1044	nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
12:56:53.0552 1044	nvraid - ok
12:56:53.0575 1044	nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
12:56:53.0593 1044	nvstor - ok
12:56:53.0633 1044	nvsvc           (e937a615d4289e83e234c3ec26092431) C:\Windows\system32\nvvsvc.exe
12:56:53.0651 1044	nvsvc - ok
12:56:53.0672 1044	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
12:56:53.0689 1044	nv_agp - ok
12:56:53.0714 1044	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
12:56:53.0739 1044	ohci1394 - ok
12:56:53.0772 1044	p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
12:56:53.0823 1044	p2pimsvc - ok
12:56:53.0852 1044	p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
12:56:53.0900 1044	p2psvc - ok
12:56:53.0931 1044	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
12:56:53.0958 1044	Parport - ok
12:56:53.0986 1044	partmgr         (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
12:56:54.0001 1044	partmgr - ok
12:56:54.0024 1044	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
12:56:54.0041 1044	Parvdm - ok
12:56:54.0063 1044	PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
12:56:54.0087 1044	PcaSvc - ok
12:56:54.0117 1044	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
12:56:54.0135 1044	pci - ok
12:56:54.0151 1044	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
12:56:54.0166 1044	pciide - ok
12:56:54.0179 1044	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
12:56:54.0198 1044	pcmcia - ok
12:56:54.0209 1044	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
12:56:54.0224 1044	pcw - ok
12:56:54.0253 1044	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
12:56:54.0315 1044	PEAUTH - ok
12:56:54.0387 1044	pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
12:56:54.0485 1044	pla - ok
12:56:54.0570 1044	PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
12:56:54.0633 1044	PlugPlay - ok
12:56:54.0660 1044	PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
12:56:54.0694 1044	PNRPAutoReg - ok
12:56:54.0715 1044	PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
12:56:54.0741 1044	PNRPsvc - ok
12:56:54.0808 1044	Point32         (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
12:56:54.0832 1044	Point32 - ok
12:56:54.0869 1044	PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
12:56:54.0921 1044	PolicyAgent - ok
12:56:54.0948 1044	Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
12:56:54.0989 1044	Power - ok
12:56:55.0032 1044	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
12:56:55.0109 1044	PptpMiniport - ok
12:56:55.0142 1044	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
12:56:55.0175 1044	Processor - ok
12:56:55.0231 1044	ProfSvc         (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
12:56:55.0287 1044	ProfSvc - ok
12:56:55.0315 1044	ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:56:55.0332 1044	ProtectedStorage - ok
12:56:55.0362 1044	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
12:56:55.0411 1044	Psched - ok
12:56:55.0461 1044	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
12:56:55.0519 1044	ql2300 - ok
12:56:55.0538 1044	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
12:56:55.0555 1044	ql40xx - ok
12:56:55.0594 1044	QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
12:56:55.0655 1044	QWAVE - ok
12:56:55.0667 1044	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
12:56:55.0688 1044	QWAVEdrv - ok
12:56:55.0709 1044	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
12:56:55.0760 1044	RasAcd - ok
12:56:55.0810 1044	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:56:55.0885 1044	RasAgileVpn - ok
12:56:55.0907 1044	RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
12:56:55.0950 1044	RasAuto - ok
12:56:55.0972 1044	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:56:56.0021 1044	Rasl2tp - ok
12:56:56.0081 1044	RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
12:56:56.0149 1044	RasMan - ok
12:56:56.0177 1044	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
12:56:56.0216 1044	RasPppoe - ok
12:56:56.0254 1044	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
12:56:56.0330 1044	RasSstp - ok
12:56:56.0368 1044	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
12:56:56.0438 1044	rdbss - ok
12:56:56.0466 1044	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
12:56:56.0500 1044	rdpbus - ok
12:56:56.0533 1044	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:56:56.0596 1044	RDPCDD - ok
12:56:56.0629 1044	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
12:56:56.0676 1044	RDPENCDD - ok
12:56:56.0696 1044	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
12:56:56.0743 1044	RDPREFMP - ok
12:56:56.0771 1044	RDPWD           (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
12:56:56.0815 1044	RDPWD - ok
12:56:56.0869 1044	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
12:56:56.0896 1044	rdyboost - ok
12:56:56.0933 1044	RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
12:56:56.0993 1044	RemoteAccess - ok
12:56:57.0047 1044	RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
12:56:57.0116 1044	RemoteRegistry - ok
12:56:57.0156 1044	RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
12:56:57.0231 1044	RpcEptMapper - ok
12:56:57.0259 1044	RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
12:56:57.0282 1044	RpcLocator - ok
12:56:57.0318 1044	RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
12:56:57.0361 1044	RpcSs - ok
12:56:57.0426 1044	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
12:56:57.0489 1044	rspndr - ok
12:56:57.0511 1044	SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:56:57.0528 1044	SamSs - ok
12:56:57.0572 1044	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
12:56:57.0588 1044	sbp2port - ok
12:56:57.0622 1044	SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
12:56:57.0663 1044	SCardSvr - ok
12:56:57.0698 1044	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
12:56:57.0766 1044	scfilter - ok
12:56:57.0814 1044	Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
12:56:57.0918 1044	Schedule - ok
12:56:57.0958 1044	SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
12:56:58.0010 1044	SCPolicySvc - ok
12:56:58.0090 1044	sdbus           (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
12:56:58.0143 1044	sdbus - ok
12:56:58.0177 1044	SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
12:56:58.0227 1044	SDRSVC - ok
12:56:58.0282 1044	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:56:58.0352 1044	secdrv - ok
12:56:58.0378 1044	seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
12:56:58.0431 1044	seclogon - ok
12:56:58.0467 1044	SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
12:56:58.0521 1044	SENS - ok
12:56:58.0553 1044	SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
12:56:58.0597 1044	SensrSvc - ok
12:56:58.0650 1044	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
12:56:58.0689 1044	Serenum - ok
12:56:58.0726 1044	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
12:56:58.0761 1044	Serial - ok
12:56:58.0797 1044	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
12:56:58.0830 1044	sermouse - ok
12:56:58.0869 1044	SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
12:56:58.0950 1044	SessionEnv - ok
12:56:58.0987 1044	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
12:56:59.0036 1044	sffdisk - ok
12:56:59.0049 1044	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
12:56:59.0075 1044	sffp_mmc - ok
12:56:59.0095 1044	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
12:56:59.0115 1044	sffp_sd - ok
12:56:59.0136 1044	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
12:56:59.0166 1044	sfloppy - ok
12:56:59.0206 1044	SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
12:56:59.0265 1044	SharedAccess - ok
12:56:59.0312 1044	ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
12:56:59.0382 1044	ShellHWDetection - ok
12:56:59.0444 1044	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
12:56:59.0476 1044	sisagp - ok
12:56:59.0525 1044	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:56:59.0554 1044	SiSRaid2 - ok
12:56:59.0573 1044	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
12:56:59.0589 1044	SiSRaid4 - ok
12:56:59.0615 1044	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
12:56:59.0654 1044	Smb - ok
12:56:59.0701 1044	SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
12:56:59.0726 1044	SNMPTRAP - ok
12:56:59.0738 1044	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
12:56:59.0753 1044	spldr - ok
12:56:59.0784 1044	Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
12:56:59.0829 1044	Spooler - ok
12:56:59.0918 1044	sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
12:57:00.0040 1044	sppsvc - ok
12:57:00.0109 1044	sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
12:57:00.0182 1044	sppuinotify - ok
12:57:00.0252 1044	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
12:57:00.0299 1044	srv - ok
12:57:00.0315 1044	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
12:57:00.0353 1044	srv2 - ok
12:57:00.0378 1044	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
12:57:00.0396 1044	srvnet - ok
12:57:00.0429 1044	SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
12:57:00.0496 1044	SSDPSRV - ok
12:57:00.0522 1044	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
12:57:00.0543 1044	ssmdrv - ok
12:57:00.0562 1044	SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
12:57:00.0636 1044	SstpSvc - ok
12:57:00.0679 1044	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
12:57:00.0694 1044	stexstor - ok
12:57:00.0746 1044	StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
12:57:00.0793 1044	StiSvc - ok
12:57:00.0825 1044	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
12:57:00.0839 1044	swenum - ok
12:57:00.0877 1044	swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
12:57:00.0936 1044	swprv - ok
12:57:00.0988 1044	SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
12:57:01.0041 1044	SysMain - ok
12:57:01.0071 1044	TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
12:57:01.0096 1044	TabletInputService - ok
12:57:01.0133 1044	TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
12:57:01.0176 1044	TapiSrv - ok
12:57:01.0211 1044	TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
12:57:01.0263 1044	TBS - ok
12:57:01.0362 1044	Tcpip           (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
12:57:01.0417 1044	Tcpip - ok
12:57:01.0534 1044	TCPIP6          (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
12:57:01.0577 1044	TCPIP6 - ok
12:57:01.0623 1044	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
12:57:01.0686 1044	tcpipreg - ok
12:57:01.0714 1044	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
12:57:01.0740 1044	TDPIPE - ok
12:57:01.0765 1044	TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
12:57:01.0797 1044	TDTCP - ok
12:57:01.0829 1044	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
12:57:01.0905 1044	tdx - ok
12:57:01.0933 1044	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
12:57:01.0949 1044	TermDD - ok
12:57:01.0996 1044	TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
12:57:02.0086 1044	TermService - ok
12:57:02.0112 1044	Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
12:57:02.0155 1044	Themes - ok
12:57:02.0191 1044	THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
12:57:02.0246 1044	THREADORDER - ok
12:57:02.0273 1044	TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
12:57:02.0330 1044	TrkWks - ok
12:57:02.0370 1044	TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
12:57:02.0428 1044	TrustedInstaller - ok
12:57:02.0480 1044	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:57:02.0532 1044	tssecsrv - ok
12:57:02.0558 1044	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
12:57:02.0600 1044	TsUsbFlt - ok
12:57:02.0654 1044	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
12:57:02.0719 1044	tunnel - ok
12:57:02.0774 1044	TVALZ           (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
12:57:02.0785 1044	TVALZ - ok
12:57:02.0811 1044	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
12:57:02.0826 1044	uagp35 - ok
12:57:02.0864 1044	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
12:57:02.0911 1044	udfs - ok
12:57:02.0949 1044	UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
12:57:02.0980 1044	UI0Detect - ok
12:57:03.0029 1044	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
12:57:03.0059 1044	uliagpkx - ok
12:57:03.0099 1044	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
12:57:03.0132 1044	umbus - ok
12:57:03.0163 1044	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
12:57:03.0197 1044	UmPass - ok
12:57:03.0239 1044	upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
12:57:03.0319 1044	upnphost - ok
12:57:03.0355 1044	usbccgp         (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\drivers\usbccgp.sys
12:57:03.0405 1044	usbccgp - ok
12:57:03.0432 1044	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
12:57:03.0471 1044	usbcir - ok
12:57:03.0498 1044	usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
12:57:03.0515 1044	usbehci - ok
12:57:03.0550 1044	usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
12:57:03.0582 1044	usbhub - ok
12:57:03.0607 1044	usbohci         (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
12:57:03.0637 1044	usbohci - ok
12:57:03.0672 1044	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
12:57:03.0693 1044	usbprint - ok
12:57:03.0716 1044	USBSTOR         (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS
12:57:03.0753 1044	USBSTOR - ok
12:57:03.0775 1044	usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
12:57:03.0793 1044	usbuhci - ok
12:57:03.0819 1044	UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
12:57:03.0871 1044	UxSms - ok
12:57:03.0900 1044	VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
12:57:03.0942 1044	VaultSvc - ok
12:57:03.0974 1044	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
12:57:03.0988 1044	vdrvroot - ok
12:57:04.0024 1044	vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
12:57:04.0125 1044	vds - ok
12:57:04.0156 1044	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
12:57:04.0176 1044	vga - ok
12:57:04.0196 1044	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
12:57:04.0235 1044	VgaSave - ok
12:57:04.0270 1044	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
12:57:04.0289 1044	vhdmp - ok
12:57:04.0338 1044	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
12:57:04.0358 1044	viaagp - ok
12:57:04.0384 1044	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
12:57:04.0423 1044	ViaC7 - ok
12:57:04.0451 1044	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
12:57:04.0468 1044	viaide - ok
12:57:04.0493 1044	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
12:57:04.0508 1044	volmgr - ok
12:57:04.0553 1044	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
12:57:04.0576 1044	volmgrx - ok
12:57:04.0610 1044	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
12:57:04.0631 1044	volsnap - ok
12:57:04.0662 1044	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
12:57:04.0685 1044	vsmraid - ok
12:57:04.0750 1044	VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
12:57:04.0879 1044	VSS - ok
12:57:04.0929 1044	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
12:57:04.0969 1044	vwifibus - ok
12:57:05.0020 1044	W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
12:57:05.0096 1044	W32Time - ok
12:57:05.0119 1044	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
12:57:05.0151 1044	WacomPen - ok
12:57:05.0201 1044	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
12:57:05.0268 1044	WANARP - ok
12:57:05.0274 1044	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
12:57:05.0330 1044	Wanarpv6 - ok
12:57:05.0396 1044	wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
12:57:05.0456 1044	wbengine - ok
12:57:05.0486 1044	WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
12:57:05.0523 1044	WbioSrvc - ok
12:57:05.0565 1044	wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
12:57:05.0601 1044	wcncsvc - ok
12:57:05.0623 1044	WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
12:57:05.0658 1044	WcsPlugInService - ok
12:57:05.0711 1044	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
12:57:05.0726 1044	Wd - ok
12:57:05.0752 1044	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
12:57:05.0781 1044	Wdf01000 - ok
12:57:05.0802 1044	WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
12:57:05.0876 1044	WdiServiceHost - ok
12:57:05.0886 1044	WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
12:57:05.0910 1044	WdiSystemHost - ok
12:57:05.0938 1044	WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
12:57:05.0977 1044	WebClient - ok
12:57:05.0997 1044	Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
12:57:06.0042 1044	Wecsvc - ok
12:57:06.0061 1044	wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
12:57:06.0110 1044	wercplsupport - ok
12:57:06.0149 1044	WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
12:57:06.0207 1044	WerSvc - ok
12:57:06.0259 1044	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
12:57:06.0298 1044	WfpLwf - ok
12:57:06.0314 1044	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
12:57:06.0328 1044	WIMMount - ok
12:57:06.0423 1044	WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
12:57:06.0486 1044	WinDefend - ok
12:57:06.0491 1044	WinHttpAutoProxySvc - ok
12:57:06.0534 1044	Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
12:57:06.0575 1044	Winmgmt - ok
12:57:06.0626 1044	WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
12:57:06.0703 1044	WinRM - ok
12:57:06.0793 1044	Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
12:57:06.0847 1044	Wlansvc - ok
12:57:06.0905 1044	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
12:57:06.0937 1044	WmiAcpi - ok
12:57:06.0989 1044	wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
12:57:07.0041 1044	wmiApSrv - ok
12:57:07.0140 1044	WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
12:57:07.0230 1044	WMPNetworkSvc - ok
12:57:07.0297 1044	WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
12:57:07.0346 1044	WPCSvc - ok
12:57:07.0373 1044	WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
12:57:07.0465 1044	WPDBusEnum - ok
12:57:07.0519 1044	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
12:57:07.0587 1044	ws2ifsl - ok
12:57:07.0615 1044	wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
12:57:07.0650 1044	wscsvc - ok
12:57:07.0660 1044	WSearch - ok
12:57:07.0730 1044	wuauserv        (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
12:57:07.0818 1044	wuauserv - ok
12:57:07.0869 1044	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
12:57:07.0906 1044	WudfPf - ok
12:57:07.0951 1044	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:57:07.0989 1044	WUDFRd - ok
12:57:08.0034 1044	wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
12:57:08.0085 1044	wudfsvc - ok
12:57:08.0116 1044	WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
12:57:08.0151 1044	WwanSvc - ok
12:57:08.0168 1044	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:57:08.0299 1044	\Device\Harddisk0\DR0 - ok
12:57:08.0302 1044	MBR (0x1B8)     (180dbde3af7ea48b3db3ac27b1ddf401) \Device\Harddisk1\DR1
12:57:14.0945 1044	\Device\Harddisk1\DR1 - ok
12:57:14.0959 1044	Boot (0x1200)   (6fdcdb384eb402f5fb79a7fa17b3665d) \Device\Harddisk0\DR0\Partition0
12:57:14.0960 1044	\Device\Harddisk0\DR0\Partition0 - ok
12:57:14.0987 1044	Boot (0x1200)   (15031afd4d9f49814de92e81c9326051) \Device\Harddisk0\DR0\Partition1
12:57:14.0988 1044	\Device\Harddisk0\DR0\Partition1 - ok
12:57:14.0990 1044	Boot (0x1200)   (10d3435927362cf0cbf8b5c8d71f1609) \Device\Harddisk1\DR1\Partition0
12:57:14.0991 1044	\Device\Harddisk1\DR1\Partition0 - ok
12:57:14.0991 1044	============================================================
12:57:14.0991 1044	Scan finished
12:57:14.0991 1044	============================================================
12:57:14.0993 2328	Detected object count: 0
12:57:14.0993 2328	Actual detected object count: 0
         

Zitat:

ok missverständnis, sorry

Der Link dazu ist eine Anleitung! Wenn man das mal richtig liest ist der Artikel auch klar als Anleitung erkennbar!

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

• Lade dir ComboFix hier herunter auf deinen Desktop.

• Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

• Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
  Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

• Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 12-04-01.01 - Isa 02.04.2012  13:57:50.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.1022.387 [GMT 2:00]
ausgeführt von:: c:\users\Isa\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-02 bis 2012-04-02  ))))))))))))))))))))))))))))))
.
.
2012-04-02 12:04 . 2012-04-02 12:04	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-02 11:58 . 2012-04-02 11:58	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{DACFB00C-1D88-4AE7-B991-93505BE666E0}\offreg.dll
2012-04-02 09:16 . 2012-04-02 09:16	--------	d-----w-	C:\_OTL
2012-04-01 12:06 . 2012-04-01 12:06	--------	d-----w-	c:\programdata\WinZip
2012-03-30 18:01 . 2012-03-30 18:01	--------	d-----w-	c:\program files\Common Files\Java
2012-03-30 18:01 . 2012-03-30 18:00	472808	----a-w-	c:\windows\system32\deployJava1.dll
2012-03-30 18:00 . 2012-03-30 18:00	--------	d-----w-	c:\program files\Java
2012-03-30 17:30 . 2012-03-30 17:30	--------	d-----w-	c:\program files\ESET
2012-03-30 16:59 . 2012-03-14 02:15	6582328	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{DACFB00C-1D88-4AE7-B991-93505BE666E0}\mpengine.dll
2012-03-29 17:37 . 2012-03-29 17:37	--------	d-----w-	c:\program files\7-Zip
2012-03-29 16:49 . 2012-03-29 16:49	--------	d-----w-	c:\program files\Microsoft IntelliPoint
2012-03-29 16:49 . 2012-03-29 16:49	--------	d-----w-	c:\windows\PCHEALTH
2012-03-29 14:36 . 2012-03-29 14:36	--------	d-----w-	c:\users\Isa\AppData\Roaming\Malwarebytes
2012-03-29 14:36 . 2012-03-29 14:36	--------	d-----w-	c:\programdata\Malwarebytes
2012-03-29 14:36 . 2012-03-29 14:36	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-03-29 14:36 . 2011-12-10 13:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-16 12:46 . 2012-03-16 12:46	--------	d-----w-	c:\program files\AC3Filter
2012-03-16 12:46 . 2009-07-19 15:03	497664	----a-w-	c:\windows\system32\ac3filter.acm
2012-03-16 12:38 . 2012-03-16 12:39	--------	d-----w-	c:\users\Isa\AppData\Roaming\DivX
2012-03-16 12:37 . 2012-04-01 12:03	--------	d-----w-	c:\program files\Common Files\PX Storage Engine
2012-03-16 12:25 . 2012-03-16 12:34	--------	d-----w-	c:\users\Isa\AppData\Local\Google
2012-03-16 12:25 . 2012-03-16 12:27	--------	d-----w-	c:\program files\Google
2012-03-16 12:24 . 2012-04-01 12:03	--------	d-----w-	c:\program files\DivX
2012-03-16 12:23 . 2012-04-01 12:03	--------	d-----w-	c:\programdata\DivX
2012-03-16 09:22 . 2011-11-19 14:50	3968368	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-03-16 09:22 . 2011-11-19 14:50	3913584	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-03-14 09:46 . 2012-02-03 03:54	2343424	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 09:46 . 2012-02-10 05:38	1077248	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 09:41 . 2012-01-25 05:32	58880	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-14 09:41 . 2012-01-25 05:32	129536	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-14 09:41 . 2012-01-25 05:27	8192	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-14 09:40 . 2012-02-17 05:34	826880	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-14 09:40 . 2012-02-17 04:14	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-14 09:40 . 2012-02-17 04:13	24576	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-03-14 09:35 . 2012-03-14 09:35	--------	d-----w-	c:\programdata\boost_interprocess
2012-03-10 18:17 . 2012-03-10 18:17	--------	d-----w-	c:\windows\system32\SPReview
2012-03-10 18:16 . 2012-03-10 18:16	--------	d-----w-	c:\windows\system32\EventProviders
2012-03-10 16:47 . 2010-11-05 01:58	1130824	----a-w-	c:\windows\system32\dfshim.dll
2012-03-10 16:46 . 2010-11-20 12:21	1010688	----a-w-	c:\windows\system32\WindowsCodecs.dll
2012-03-10 16:45 . 2010-11-20 12:21	1326592	----a-w-	c:\windows\system32\wlanpref.dll
2012-03-10 16:44 . 2010-11-20 12:21	11264	----a-w-	c:\windows\system32\wshirda.dll
2012-03-10 16:19 . 2011-03-25 02:58	284672	----a-w-	c:\windows\system32\drivers\usbport.sys
2012-03-10 12:13 . 2012-03-10 12:13	--------	d-----w-	c:\program files\Microsoft.NET
2012-03-10 12:03 . 2012-03-10 12:03	--------	d-----w-	c:\windows\system32\wbem\en-US
2012-03-09 20:30 . 2010-02-11 07:10	293376	----a-w-	c:\windows\system32\browserchoice.exe
2012-03-08 18:12 . 2012-01-31 07:56	74640	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-03-08 18:12 . 2012-01-31 07:56	137416	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-03-08 18:12 . 2011-09-16 15:08	36000	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-03-08 18:12 . 2012-03-08 18:12	--------	d-----w-	c:\programdata\Avira
2012-03-08 18:12 . 2012-03-08 18:12	--------	d-----w-	c:\program files\Avira
2012-03-08 17:57 . 2011-04-29 02:46	311808	----a-w-	c:\windows\system32\drivers\srv.sys
2012-03-08 17:57 . 2011-04-29 02:46	310272	----a-w-	c:\windows\system32\drivers\srv2.sys
2012-03-08 17:57 . 2011-04-29 02:46	114688	----a-w-	c:\windows\system32\drivers\srvnet.sys
2012-03-08 17:57 . 2011-04-25 02:18	338944	----a-w-	c:\windows\system32\drivers\afd.sys
2012-03-08 17:57 . 2011-09-29 16:03	1290608	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-03-08 17:57 . 2010-11-20 12:29	187776	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2012-03-08 17:57 . 2011-11-17 05:38	1288472	----a-w-	c:\windows\system32\ntdll.dll
2012-03-08 17:57 . 2011-02-18 05:39	31232	----a-w-	c:\windows\system32\prevhost.exe
2012-03-08 17:56 . 2011-03-03 05:38	132608	----a-w-	c:\windows\system32\dnsrslvr.dll
2012-03-08 17:56 . 2011-03-03 05:36	28672	----a-w-	c:\windows\system32\dnscacheugc.exe
2012-03-08 17:56 . 2011-02-19 06:30	34304	----a-w-	c:\windows\system32\atmlib.dll
2012-03-08 17:56 . 2011-02-19 04:34	294912	----a-w-	c:\windows\system32\atmfd.dll
2012-03-08 17:56 . 2010-09-30 06:47	70656	----a-w-	c:\windows\system32\fontsub.dll
2012-03-08 17:56 . 2011-10-01 04:37	708608	----a-w-	c:\program files\Common Files\System\wab32.dll
2012-03-08 17:56 . 2011-05-24 10:44	293376	----a-w-	c:\windows\system32\umpnpmgr.dll
2012-03-08 17:56 . 2010-11-20 12:18	145920	----a-w-	c:\windows\system32\cfgmgr32.dll
2012-03-08 17:54 . 2011-11-19 14:01	67072	----a-w-	c:\windows\system32\packager.dll
2012-03-08 17:54 . 2011-05-04 04:34	1549312	----a-w-	c:\windows\system32\tquery.dll
2012-03-08 17:54 . 2011-05-04 04:32	1401344	----a-w-	c:\windows\system32\mssrch.dll
2012-03-08 17:54 . 2011-05-04 04:32	666624	----a-w-	c:\windows\system32\mssvp.dll
2012-03-08 17:54 . 2011-05-04 04:32	337408	----a-w-	c:\windows\system32\mssph.dll
2012-03-08 17:54 . 2011-05-04 04:32	197120	----a-w-	c:\windows\system32\mssphtb.dll
2012-03-08 17:54 . 2011-05-04 04:32	59392	----a-w-	c:\windows\system32\msscntrs.dll
2012-03-08 17:54 . 2011-05-04 04:28	86528	----a-w-	c:\windows\system32\SearchFilterHost.exe
2012-03-08 17:54 . 2011-05-04 04:28	427520	----a-w-	c:\windows\system32\SearchIndexer.exe
2012-03-08 17:54 . 2011-05-04 04:28	164352	----a-w-	c:\windows\system32\SearchProtocolHost.exe
2012-03-08 17:53 . 2011-02-12 05:35	191488	----a-w-	c:\windows\system32\FXSCOVER.exe
2012-03-08 17:53 . 2010-11-20 12:17	802304	----a-w-	c:\windows\system32\WFS.exe
2012-03-08 17:53 . 2011-10-15 05:38	534528	----a-w-	c:\windows\system32\EncDec.dll
2012-03-08 17:53 . 2011-03-12 11:23	870912	----a-w-	c:\windows\system32\XpsPrint.dll
2012-03-08 17:53 . 2011-02-24 05:38	288256	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2012-03-08 17:52 . 2011-10-26 04:28	38912	----a-w-	c:\windows\system32\csrsrv.dll
2012-03-08 17:52 . 2010-12-23 05:54	850944	----a-w-	c:\windows\system32\sbe.dll
2012-03-08 17:52 . 2010-12-23 05:54	642048	----a-w-	c:\windows\system32\CPFilters.dll
2012-03-08 17:52 . 2010-12-23 05:50	199680	----a-w-	c:\windows\system32\mpg2splt.ax
2012-03-08 17:52 . 2011-10-26 04:32	1328128	----a-w-	c:\windows\system32\quartz.dll
2012-03-08 17:52 . 2011-10-26 04:32	514560	----a-w-	c:\windows\system32\qdvd.dll
2012-03-08 17:52 . 2011-02-25 05:30	2616320	----a-w-	c:\windows\explorer.exe
2012-03-08 17:50 . 2011-06-15 08:55	86016	----a-w-	c:\windows\system32\odbccu32.dll
2012-03-08 17:50 . 2011-06-15 08:55	81920	----a-w-	c:\windows\system32\odbccr32.dll
2012-03-08 17:50 . 2011-06-15 08:55	319488	----a-w-	c:\windows\system32\odbcjt32.dll
2012-03-08 17:50 . 2011-06-15 08:55	163840	----a-w-	c:\windows\system32\odbctrac.dll
2012-03-08 17:50 . 2011-06-15 08:55	122880	----a-w-	c:\windows\system32\odbccp32.dll
2012-03-08 17:50 . 2011-06-15 08:54	94208	----a-w-	c:\program files\Common Files\System\Ole DB\msdaosp.dll
2012-03-08 17:50 . 2011-01-17 05:47	161792	----a-w-	c:\windows\system32\d3d10_1.dll
2012-03-08 17:50 . 2010-11-20 12:18	219136	----a-w-	c:\windows\system32\d3d10_1core.dll
2012-03-08 17:50 . 2011-12-16 07:52	690688	----a-w-	c:\windows\system32\msvcrt.dll
2012-03-08 17:50 . 2012-01-04 08:58	442880	----a-w-	c:\windows\system32\ntshrui.dll
2012-03-08 17:45 . 2012-02-23 07:18	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-03-08 17:38 . 2012-03-08 17:38	--------	d-----w-	c:\users\Isa\AppData\Local\Adobe
2012-03-08 17:35 . 2011-03-11 05:33	1164288	----a-w-	c:\windows\system32\mfc42u.dll
2012-03-08 17:35 . 2011-03-11 05:33	1137664	----a-w-	c:\windows\system32\mfc42.dll
2012-03-08 17:35 . 2012-03-08 17:35	--------	d-----w-	c:\program files\Common Files\Adobe
2012-03-08 17:35 . 2011-02-23 04:47	69632	----a-w-	c:\windows\system32\drivers\bowser.sys
2012-03-08 17:35 . 2011-04-09 05:56	123904	----a-w-	c:\windows\system32\poqexec.exe
2012-03-08 17:34 . 2011-04-22 19:14	27008	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2012-03-08 17:34 . 2011-02-03 05:54	219008	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2012-03-08 17:34 . 2010-11-20 12:29	728448	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2012-03-08 17:34 . 2010-11-20 11:56	107520	----a-w-	c:\windows\system32\cdd.dll
2012-03-08 17:34 . 2012-04-01 12:06	--------	d-sh--w-	c:\windows\Installer
2012-03-08 17:31 . 2012-03-08 17:31	--------	d-----w-	c:\programdata\NVIDIA
2012-03-08 17:29 . 2009-03-06 10:52	797216	----a-w-	c:\windows\system32\nvcplui.exe
2012-03-08 17:29 . 2009-03-06 10:52	453152	----a-w-	c:\windows\system32\nvuninst.exe
2012-03-08 17:29 . 2009-03-06 10:52	420384	----a-w-	c:\windows\system32\nvcpl.cpl
2012-03-08 17:29 . 2009-03-06 10:52	1108512	----a-w-	c:\windows\system32\nvcpluir.dll
2012-03-08 17:28 . 2012-03-08 17:28	--------	d-----w-	c:\users\Isa\AppData\Local\Mozilla
2012-03-08 17:25 . 2012-03-08 17:39	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-08 17:25 . 2012-03-08 17:25	--------	d-----w-	c:\windows\system32\Macromed
2012-03-06 09:22 . 2012-04-02 08:18	--------	d-----w-	c:\windows\system32\wbem\Performance
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-14 09:23 . 2009-07-14 02:05	152576	----a-w-	c:\windows\system32\msclmd.dll
2011-06-16 04:32 . 2012-03-08 17:28	142296	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-01-31 258512]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-03-16 135664]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-03-16 135664]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 36000]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-01-31 86224]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 75581297
*Deregistered* - 75581297
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-16 12:25]
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-16 12:25]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = 
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Isa\AppData\Roaming\Mozilla\Firefox\Profiles\gn3rs1nl.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-04-02  14:07:18
ComboFix-quarantined-files.txt  2012-04-02 12:07
.
Vor Suchlauf: 6 Verzeichnis(se), 475.206.565.888 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 474.880.020.480 Bytes frei
.
- - End Of File - - C0149E0823C101B3FDEE6A758C0D4B44
         

Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

• Starte die aswMBR.exe - (aswMBR.exe Anleitung)
  Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
• Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
  Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  
• Klicke auf Scan.
• Warte bitte bis Scan finished successfully im DOS-Fenster steht.
• Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

N° 1

Code: Alles auswählenAufklappen

ATTFilter

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2012-04-02 16:40:54
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HN-M500MBB rev.2AR10001
Running: pfnie2b7.exe; Driver: C:\Users\Isa\AppData\Local\Temp\uwldrpow.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\fastfat \Fat  fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
         

N°2

Code: Alles auswählenAufklappen

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 17:16:08 on 02.04.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 5.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\Users\Isa\AppData\Local\Temp\catchme.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"uwldrpow" (uwldrpow) - ? - C:\Users\Isa\AppData\Local\Temp\uwldrpow.sys  (Hidden registry entry, rootkit activity | File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{653DCCC2-13DB-45B2-A389-427885776CFE} "Activities Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplact.dll
{124597D8-850A-41AE-849C-017A4FA99CA2} "Buttons Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplbtn.dll
{3BEABCC1-BF31-42df-88D9-A2955D6B8528} "IntelliPoint Sensitivity Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplsens.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{C533AB49-9805-4972-8326-A084696B00F0} "Touch Mouse Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcpltouchmouse.dll
{1184D0ED-DBCE-4170-8DBB-4D0C3905DA85} "Touch Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcpltouch.dll
{7834E880-F0CC-4FA7-B4F3-FDB0F4E816A5} "Touch Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcpltouchstrip.dll
{AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} "Wheel Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplwhl.dll
{E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{20082881-FC36-4E47-9A7A-644C95FF749F} "Wireless Property Page" - "Microsoft Corporation" - c:\Program Files\Microsoft IntelliPoint\ipcplwir.dll

[Internet Explorer]
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash11g.ocx / hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"OpenOffice.org 3.3.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"IntelliPoint" - "Microsoft Corporation" - "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
         

N° 3

Code: Alles auswählenAufklappen

ATTFilter

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-02 17:20:25
-----------------------------
17:20:25.108    OS Version: Windows 6.1.7601 Service Pack 1
17:20:25.109    Number of processors: 2 586 0xE0C
17:20:25.130    ComputerName: ISA-PC  UserName: Isa
17:20:27.118    Initialize success
17:22:48.664    AVAST engine defs: 12040200
17:24:01.947    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:24:01.953    Disk 0 Vendor: SAMSUNG_HN-M500MBB 2AR10001 Size: 476940MB BusType: 3
17:24:01.975    Disk 0 MBR read successfully
17:24:01.984    Disk 0 MBR scan
17:24:02.118    Disk 0 Windows 7 default MBR code
17:24:02.149    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
17:24:02.193    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       476838 MB offset 206848
17:24:02.230    Disk 0 scanning sectors +976771072
17:24:02.328    Disk 0 scanning C:\Windows\system32\drivers
17:24:20.176    Service scanning
17:24:47.670    Modules scanning
17:24:57.765    Disk 0 trace - called modules:
17:24:57.786    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys 
17:24:57.809    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8502f030]
17:24:57.817    3 CLASSPNP.SYS[87e7d59e] -> nt!IofCallDriver -> [0x84f68918]
17:24:57.824    5 ACPI.sys[876243d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84f5f030]
17:24:58.424    AVAST engine scan C:\Windows
17:25:06.256    AVAST engine scan C:\Windows\system32
17:29:33.981    AVAST engine scan C:\Windows\system32\drivers
17:29:50.010    AVAST engine scan C:\Users\Isa
17:30:48.205    AVAST engine scan C:\ProgramData
17:31:03.506    Scan finished successfully
17:31:23.673    Disk 0 MBR has been saved successfully to "C:\Users\Isa\Desktop\MBR.dat"
17:31:23.685    The log file has been saved successfully to "C:\Users\Isa\Desktop\aswMBR.txt"