
Pests of all kinds and how to fight them: Computer encryption trojan

Windows 7

21.06.2012, 19:47   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Restart Windows in safe mode (with networking if possible); sometimes the fix with OTL hangs in normal mode, but very often the fix works in safe mode.
__________________
Please always post log files in CODE tags

23.06.2012, 08:46   #17
magicfortune

I started the PC in safe mode with and without networking.

In both cases the system crashed shortly after clicking the Fix button, again with the error message.

Should I have ticked any other checkboxes or the like in OTL?
I only ticked the "all users" checkbox.

Regards
magicfortune

24.06.2012, 16:10   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please try it with this script:

Code:
:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: ffext@webwebweb:1.0.0.449
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=CDS&o=16225&locale=en_US&apn_uid=6789FF94-1B5C-418F-AB67-D056611F19BA&apn_ptnrs=QQ&apn_sauid=B0654D97-0C66-4B09-B061-B47EE50BE6D3&apn_dtid=YYYYYYYYDE&&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
[2010.09.16 19:48:38 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.06.15 17:37:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.05.18 20:00:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.03.28 20:46:06 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.19 21:52:59 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.10.16 13:34:48 | 000,000,000 | ---D | M] (Webfetti) -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\7dffxtbr@Webfetti.com
[2012.05.24 22:42:22 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\toolbar@ask.com
[2012.06.14 21:48:04 | 000,002,572 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\askcom.xml
[2012.06.10 16:55:55 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-1.xml
[2011.12.18 20:03:20 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-10.xml
[2012.01.02 21:24:32 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-11.xml
[2012.01.18 23:27:21 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-12.xml
[2012.02.18 21:29:21 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-13.xml
[2012.02.26 11:15:12 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-14.xml
[2012.02.26 11:22:54 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-15.xml
[2012.03.28 20:46:12 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-16.xml
[2012.05.06 10:51:49 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-17.xml
[2012.05.13 13:48:01 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-18.xml
[2012.06.08 21:04:19 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-19.xml
[2011.06.16 10:34:03 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-2.xml
[2011.08.02 15:23:19 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-3.xml
[2011.08.26 18:29:56 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-4.xml
[2011.09.11 19:14:01 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-5.xml
[2011.09.15 10:34:20 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-6.xml
[2011.10.01 16:04:14 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-7.xml
[2011.10.11 19:50:07 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-8.xml
[2011.11.09 21:37:04 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-9.xml
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin.xml
[2009.08.11 19:23:35 | 000,003,915 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\sweetim.xml
[2011.06.20 23:33:06 | 000,005,218 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\webwebweb.xml
[2009.08.30 16:24:26 | 000,001,201 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\winamp-search.xml
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (WebWebWeb) - {BBD43808-9D13-4B0B-B023-178FD1FAE442} - C:\Program Files\WebWebWeb\Plugin\Version_449\link64_plugin.dll File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Programme\icq\Internet Explorer\icq.dll (solute gmbh)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\Shell - "" = AutoRun
O33 - MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\Shell\AutoRun\command - "" = G:\autorun.exe
[2012.06.08 19:00:30 | 000,000,000 | ---D | C] -- C:\Users\Désirée\AppData\Roaming\Rhiycqnu
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:6017A808
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:6425A235
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:270A3983
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:5E9B629B
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:7FCB9D0D
:Files
C:\Programme\ICQ6Toolbar
C:\Programme\Ask.com
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         
24.06.2012, 17:39   #19
magicfortune

I tried it, but again a system crash in normal and in safe mode.

Here is the Windows error message.

Code:
Problemsignatur:
  Problemereignisname:	BlueScreen
  Betriebsystemversion:	6.1.7601.2.1.0.768.3
  Gebietsschema-ID:	1031

Zusatzinformationen zum Problem:
  BCCode:	f4
  BCP1:	00000003
  BCP2:	88151C08
  BCP3:	88151D74
  BCP4:	82A19DF0
  OS Version:	6_1_7601
  Service Pack:	1_0
  Product:	768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
  C:\Windows\Minidump\062412-33836-01.dmp
  C:\Users\Désirée\AppData\Local\Temp\WER-61323-0.sysdata.xml

Lesen Sie unsere Datenschutzbestimmungen online:
  hxxp://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0407

Wenn die Onlinedatenschutzbestimmungen nicht verfügbar sind, lesen Sie unsere Datenschutzbestimmungen offline:
  C:\Windows\system32\de-DE\erofflps.txt
         
Maybe it helps.

Regards

magicfortune

24.06.2012, 17:49   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

New attempt:

Code:
:OTL
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (WebWebWeb) - {BBD43808-9D13-4B0B-B023-178FD1FAE442} - C:\Program Files\WebWebWeb\Plugin\Version_449\link64_plugin.dll File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Programme\icq\Internet Explorer\icq.dll (solute gmbh)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\Shell - "" = AutoRun
O33 - MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\Shell\AutoRun\command - "" = G:\autorun.exe
[2012.06.08 19:00:30 | 000,000,000 | ---D | C] -- C:\Users\Désirée\AppData\Roaming\Rhiycqnu
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:6017A808
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:6425A235
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:270A3983
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:5E9B629B
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:7FCB9D0D
:Files
C:\Programme\ICQ6Toolbar
C:\Programme\Ask.com
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         

24.06.2012, 18:14   #21
magicfortune

It worked

Here is the log

Code:
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
C:\Programme\Winamp Toolbar\winamptb.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBD43808-9D13-4B0B-B023-178FD1FAE442}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBD43808-9D13-4B0B-B023-178FD1FAE442}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE163F11-1919-4257-A280-FF5AF8DAEECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE163F11-1919-4257-A280-FF5AF8DAEECB}\ deleted successfully.
C:\Programme\icq\Internet Explorer\icq.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Programme\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}\ deleted successfully.
C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ deleted successfully.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-2186960431-4147355705-1044024285-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-2186960431-4147355705-1044024285-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2186960431-4147355705-1044024285-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Programme\Ask.com\Updater\Updater.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4a250eb5-82ae-11de-87e0-002433d377d6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4a250eb5-82ae-11de-87e0-002433d377d6}\ not found.
File G:\autorun.exe not found.
C:\Users\Désirée\AppData\Roaming\Rhiycqnu folder moved successfully.
ADS C:\ProgramData\TEMP:6017A808 deleted successfully.
ADS C:\ProgramData\TEMP:6425A235 deleted successfully.
ADS C:\ProgramData\TEMP:270A3983 deleted successfully.
ADS C:\ProgramData\TEMP:5E9B629B deleted successfully.
ADS C:\ProgramData\TEMP:7FCB9D0D deleted successfully.
========== FILES ==========
File\Folder C:\Programme\ICQ6Toolbar not found.
File\Folder C:\Programme\Ask.com not found.
 
OTL by OldTimer - Version 3.2.49.0 log created on 06242012_191335
         
Regards

magicfortune

24.06.2012, 18:16   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Configure the tool as shown in the image below: click on change parameters and set the checkmarks as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), as that is where TDSS-Killer saves its logs.

Note: Please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!


24.06.2012, 18:37   #23
magicfortune

OK, here is the TDSS log

Code:
19:32:52.0848 6056	TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
19:32:53.0051 6056	============================================================
19:32:53.0051 6056	Current date / time: 2012/06/24 19:32:53.0051
19:32:53.0051 6056	SystemInfo:
19:32:53.0051 6056	
19:32:53.0051 6056	OS Version: 6.1.7601 ServicePack: 1.0
19:32:53.0051 6056	Product type: Workstation
19:32:53.0051 6056	ComputerName: DÉSIRÉE-PC
19:32:53.0051 6056	UserName: Désirée
19:32:53.0051 6056	Windows directory: C:\Windows
19:32:53.0051 6056	System windows directory: C:\Windows
19:32:53.0051 6056	Processor architecture: Intel x86
19:32:53.0051 6056	Number of processors: 2
19:32:53.0051 6056	Page size: 0x1000
19:32:53.0051 6056	Boot type: Normal boot
19:32:53.0051 6056	============================================================
19:32:53.0659 6056	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:32:53.0659 6056	============================================================
19:32:53.0659 6056	\Device\Harddisk0\DR0:
19:32:53.0659 6056	MBR partitions:
19:32:53.0659 6056	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1462800, BlocksNum 0x23FCBAB0
19:32:53.0659 6056	============================================================
19:32:53.0722 6056	C: <-> \Device\Harddisk0\DR0\Partition0
19:32:53.0722 6056	============================================================
19:32:53.0722 6056	Initialize success
19:32:53.0722 6056	============================================================
19:33:27.0230 6020	============================================================
19:33:27.0230 6020	Scan started
19:33:27.0230 6020	Mode: Manual; SigCheck; TDLFS; 
19:33:27.0230 6020	============================================================
19:33:35.0342 6020	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:33:35.0373 6020	clr_optimization_v2.0.50727_32 - ok
19:33:35.0435 6020	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:33:35.0482 6020	clr_optimization_v4.0.30319_32 - ok
19:33:35.0513 6020	CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
19:33:35.0544 6020	CmBatt - ok
19:33:35.0607 6020	cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
19:33:35.0622 6020	cmdide - ok
19:33:35.0700 6020	CNG             (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
19:33:35.0747 6020	CNG - ok
19:33:35.0778 6020	Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
19:33:35.0794 6020	Compbatt - ok
19:33:35.0856 6020	CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
19:33:35.0888 6020	CompositeBus - ok
19:33:35.0919 6020	COMSysApp - ok
19:33:35.0934 6020	crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
19:33:35.0950 6020	crcdisk - ok
19:33:35.0997 6020	CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
19:33:36.0059 6020	CryptSvc - ok
19:33:36.0122 6020	DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
19:33:36.0168 6020	DcomLaunch - ok
19:33:36.0215 6020	defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
19:33:36.0293 6020	defragsvc - ok
19:33:36.0340 6020	DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
19:33:36.0402 6020	DfsC - ok
19:33:36.0465 6020	Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
19:33:36.0512 6020	Dhcp - ok
19:33:36.0558 6020	discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
19:33:36.0605 6020	discache - ok
19:33:36.0652 6020	Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
19:33:36.0668 6020	Disk - ok
19:33:36.0699 6020	DMICall         (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
19:33:36.0699 6020	DMICall - ok
19:33:36.0746 6020	Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
19:33:36.0792 6020	Dnscache - ok
19:33:36.0839 6020	dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
19:33:36.0917 6020	dot3svc - ok
19:33:36.0964 6020	Dot4            (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
19:33:37.0011 6020	Dot4 - ok
19:33:37.0058 6020	Dot4Print       (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\drivers\Dot4Prt.sys
19:33:37.0104 6020	Dot4Print - ok
19:33:37.0120 6020	dot4usb         (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
19:33:37.0151 6020	dot4usb - ok
19:33:37.0198 6020	DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
19:33:37.0245 6020	DPS - ok
19:33:37.0292 6020	drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
19:33:37.0323 6020	drmkaud - ok
19:33:37.0416 6020	DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
19:33:37.0448 6020	DXGKrnl - ok
19:33:37.0494 6020	EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
19:33:37.0557 6020	EapHost - ok
19:33:37.0822 6020	ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
19:33:37.0916 6020	ebdrv - ok
19:33:38.0056 6020	EFS             (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
19:33:38.0103 6020	EFS - ok
19:33:38.0212 6020	ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
19:33:38.0290 6020	ehRecvr - ok
19:33:38.0321 6020	ehSched         (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
19:33:38.0368 6020	ehSched - ok
19:33:38.0493 6020	elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
19:33:38.0524 6020	elxstor - ok
19:33:38.0633 6020	EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
19:33:38.0633 6020	EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
19:33:38.0633 6020	EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
19:33:38.0696 6020	EPSON_EB_RPCV4_04 (b92f2b3247f0a99490c1298a1d3d7b4c) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
19:33:38.0742 6020	EPSON_EB_RPCV4_04 - ok
19:33:38.0758 6020	EPSON_PM_RPCV4_04 (651336b99c75fb54e4b5971cf458f9bd) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
19:33:38.0805 6020	EPSON_PM_RPCV4_04 - ok
19:33:38.0836 6020	ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
19:33:38.0867 6020	ErrDev - ok
19:33:38.0945 6020	EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
19:33:39.0008 6020	EventSystem - ok
19:33:39.0148 6020	EvtEng          (ba6063e3375f9bc11a9c8450a7f61e70) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:33:39.0195 6020	EvtEng ( UnsignedFile.Multi.Generic ) - warning
19:33:39.0195 6020	EvtEng - detected UnsignedFile.Multi.Generic (1)
19:33:39.0226 6020	exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
19:33:39.0288 6020	exfat - ok
19:33:39.0304 6020	fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
19:33:39.0351 6020	fastfat - ok
19:33:39.0460 6020	Fax             (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
19:33:39.0522 6020	Fax - ok
19:33:39.0538 6020	fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
19:33:39.0569 6020	fdc - ok
19:33:39.0600 6020	fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
19:33:39.0647 6020	fdPHost - ok
19:33:39.0663 6020	FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
19:33:39.0710 6020	FDResPub - ok
19:33:39.0725 6020	FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
19:33:39.0741 6020	FileInfo - ok
19:33:39.0756 6020	Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
19:33:39.0788 6020	Filetrace - ok
19:33:39.0803 6020	flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
19:33:39.0834 6020	flpydisk - ok
19:33:39.0897 6020	FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
19:33:39.0912 6020	FltMgr - ok
19:33:39.0990 6020	FontCache       (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
19:33:40.0068 6020	FontCache - ok
19:33:40.0178 6020	FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:33:40.0193 6020	FontCache3.0.0.0 - ok
19:33:40.0240 6020	FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
19:33:40.0256 6020	FsDepends - ok
19:33:40.0302 6020	fssfltr         (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
19:33:40.0318 6020	fssfltr - ok
19:33:40.0443 6020	fsssvc          (45b52394f9624237f33a8a3d73c0b221) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
19:33:40.0474 6020	fsssvc - ok
19:33:40.0505 6020	Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
19:33:40.0521 6020	Fs_Rec - ok
19:33:40.0583 6020	fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
19:33:40.0614 6020	fvevol - ok
19:33:40.0646 6020	gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:33:40.0661 6020	gagp30kx - ok
19:33:40.0724 6020	GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
19:33:40.0739 6020	GoogleDesktopManager-051210-111108 - ok
19:33:40.0848 6020	gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
19:33:40.0895 6020	gpsvc - ok
19:33:40.0911 6020	hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
19:33:40.0973 6020	hcw85cir - ok
19:33:41.0036 6020	HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
19:33:41.0082 6020	HDAudBus - ok
19:33:41.0098 6020	HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
19:33:41.0129 6020	HidBatt - ok
19:33:41.0145 6020	HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
19:33:41.0192 6020	HidBth - ok
19:33:41.0223 6020	HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
19:33:41.0238 6020	HidIr - ok
19:33:41.0285 6020	hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
19:33:41.0316 6020	hidserv - ok
19:33:41.0332 6020	HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
19:33:41.0348 6020	HidUsb - ok
19:33:41.0394 6020	hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
19:33:41.0457 6020	hkmsvc - ok
19:33:41.0504 6020	HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
19:33:41.0550 6020	HomeGroupListener - ok
19:33:41.0613 6020	HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
19:33:41.0660 6020	HomeGroupProvider - ok
19:33:41.0784 6020	hpqcxs08        (fcb563b0a23643e5f80b6ff1e60f610f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:33:41.0816 6020	hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
19:33:41.0816 6020	hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
19:33:41.0847 6020	hpqddsvc        (25e443e27165c652723a92d9bdfd4649) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
19:33:41.0862 6020	hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
19:33:41.0862 6020	hpqddsvc - detected UnsignedFile.Multi.Generic (1)
19:33:41.0925 6020	HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
19:33:41.0940 6020	HpSAMD - ok
19:33:41.0956 6020	HSF_DPV - ok
19:33:41.0956 6020	HSXHWAZL - ok
19:33:42.0034 6020	HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
19:33:42.0081 6020	HTTP - ok
19:33:42.0112 6020	hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
19:33:42.0128 6020	hwpolicy - ok
19:33:42.0159 6020	hxctlflt        (f02ea43ae8f936124debf5b87f12c795) C:\Windows\system32\DRIVERS\hxctlflt.sys
19:33:42.0206 6020	hxctlflt - ok
19:33:42.0268 6020	i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
19:33:42.0284 6020	i8042prt - ok
19:33:42.0346 6020	iaStor          (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys
19:33:42.0362 6020	iaStor - ok
19:33:42.0424 6020	iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
19:33:42.0440 6020	iaStorV - ok
19:33:42.0564 6020	ICQ Service     (7a95a3ad931b97fec5067e40636ce37f) C:\Program Files\ICQ6Toolbar\ICQ Service.exe
19:33:42.0596 6020	ICQ Service - ok
19:33:42.0767 6020	idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:33:42.0814 6020	idsvc - ok
19:33:42.0970 6020	iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
19:33:43.0001 6020	iirsp - ok
19:33:43.0110 6020	IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
19:33:43.0188 6020	IKEEXT - ok
19:33:43.0391 6020	IntcAzAudAddService (3aa1f82efa2b0454af163124c9920d16) C:\Windows\system32\drivers\RTKVHDA.sys
19:33:43.0438 6020	IntcAzAudAddService - ok
19:33:43.0641 6020	intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
19:33:43.0672 6020	intelide - ok
19:33:43.0703 6020	intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
19:33:43.0750 6020	intelppm - ok
19:33:43.0781 6020	IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
19:33:43.0828 6020	IPBusEnum - ok
19:33:43.0844 6020	IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:33:43.0906 6020	IpFilterDriver - ok
19:33:43.0984 6020	iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
19:33:44.0031 6020	iphlpsvc - ok
19:33:44.0062 6020	IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
19:33:44.0109 6020	IPMIDRV - ok
19:33:44.0140 6020	IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
19:33:44.0202 6020	IPNAT - ok
19:33:44.0234 6020	IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
19:33:44.0249 6020	IRENUM - ok
19:33:44.0280 6020	isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
19:33:44.0296 6020	isapnp - ok
19:33:44.0327 6020	iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
19:33:44.0358 6020	iScsiPrt - ok
19:33:44.0452 6020	IviRegMgr       (213822072085b5bbad9af30ab577d817) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
19:33:44.0468 6020	IviRegMgr - ok
19:33:44.0499 6020	kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
19:33:44.0514 6020	kbdclass - ok
19:33:44.0546 6020	kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
19:33:44.0592 6020	kbdhid - ok
19:33:44.0624 6020	KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:33:44.0639 6020	KeyIso - ok
19:33:44.0655 6020	KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
19:33:44.0670 6020	KSecDD - ok
19:33:44.0686 6020	KSecPkg         (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
19:33:44.0702 6020	KSecPkg - ok
19:33:44.0748 6020	KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
19:33:44.0780 6020	KtmRm - ok
19:33:44.0826 6020	LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
19:33:44.0873 6020	LanmanServer - ok
19:33:44.0920 6020	LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
19:33:44.0982 6020	LanmanWorkstation - ok
19:33:45.0045 6020	lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
19:33:45.0107 6020	lltdio - ok
19:33:45.0154 6020	lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
19:33:45.0185 6020	lltdsvc - ok
19:33:45.0185 6020	lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
19:33:45.0216 6020	lmhosts - ok
19:33:45.0248 6020	LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:33:45.0263 6020	LSI_FC - ok
19:33:45.0310 6020	LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:33:45.0326 6020	LSI_SAS - ok
19:33:45.0357 6020	LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:33:45.0388 6020	LSI_SAS2 - ok
19:33:45.0435 6020	LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:33:45.0466 6020	LSI_SCSI - ok
19:33:45.0497 6020	luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
19:33:45.0528 6020	luafv - ok
19:33:45.0591 6020	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
19:33:45.0606 6020	MBAMProtector - ok
19:33:45.0731 6020	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:33:45.0762 6020	MBAMService - ok
19:33:45.0794 6020	Mcx2Svc         (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
19:33:45.0809 6020	Mcx2Svc - ok
19:33:45.0809 6020	mdmxsdk - ok
19:33:45.0825 6020	megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
19:33:45.0840 6020	megasas - ok
19:33:45.0872 6020	MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
19:33:45.0887 6020	MegaSR - ok
19:33:45.0934 6020	MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:33:45.0981 6020	MMCSS - ok
19:33:45.0996 6020	Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
19:33:46.0043 6020	Modem - ok
19:33:46.0074 6020	monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
19:33:46.0106 6020	monitor - ok
19:33:46.0152 6020	motccgp - ok
19:33:46.0152 6020	motccgpfl - ok
19:33:46.0168 6020	MotDev - ok
19:33:46.0199 6020	motmodem        (69814acd50a9d6d28296050ef6215d46) C:\Windows\system32\DRIVERS\motmodem.sys
19:33:46.0262 6020	motmodem - ok
19:33:46.0340 6020	MotoHelper      (98a10ac4257a3ba48c9611338544ee49) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
19:33:46.0371 6020	MotoHelper - ok
19:33:46.0418 6020	mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
19:33:46.0433 6020	mouclass - ok
19:33:46.0480 6020	mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
19:33:46.0511 6020	mouhid - ok
19:33:46.0542 6020	mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
19:33:46.0574 6020	mountmgr - ok
19:33:46.0636 6020	MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:33:46.0667 6020	MozillaMaintenance - ok
19:33:46.0698 6020	mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
19:33:46.0714 6020	mpio - ok
19:33:46.0730 6020	mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
19:33:46.0761 6020	mpsdrv - ok
19:33:46.0823 6020	MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
19:33:46.0901 6020	MpsSvc - ok
19:33:46.0932 6020	MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
19:33:46.0948 6020	MRxDAV - ok
19:33:47.0010 6020	mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:33:47.0088 6020	mrxsmb - ok
19:33:47.0120 6020	mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:33:47.0166 6020	mrxsmb10 - ok
19:33:47.0198 6020	mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:33:47.0229 6020	mrxsmb20 - ok
19:33:47.0276 6020	msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
19:33:47.0291 6020	msahci - ok
19:33:47.0354 6020	msdsm           (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
19:33:47.0385 6020	msdsm - ok
19:33:47.0432 6020	MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
19:33:47.0463 6020	MSDTC - ok
19:33:47.0510 6020	Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
19:33:47.0541 6020	Msfs - ok
19:33:47.0556 6020	mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
19:33:47.0588 6020	mshidkmdf - ok
19:33:47.0603 6020	msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
19:33:47.0603 6020	msisadrv - ok
19:33:47.0650 6020	MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
19:33:47.0681 6020	MSiSCSI - ok
19:33:47.0681 6020	msiserver - ok
19:33:47.0712 6020	MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
19:33:47.0775 6020	MSKSSRV - ok
19:33:47.0806 6020	MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
19:33:47.0837 6020	MSPCLOCK - ok
19:33:47.0868 6020	MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
19:33:47.0915 6020	MSPQM - ok
19:33:47.0931 6020	MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
19:33:47.0978 6020	MsRPC - ok
19:33:48.0009 6020	mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
19:33:48.0040 6020	mssmbios - ok
19:33:48.0056 6020	MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
19:33:48.0071 6020	MSTEE - ok
19:33:48.0087 6020	MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
19:33:48.0102 6020	MTConfig - ok
19:33:48.0118 6020	Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
19:33:48.0118 6020	Mup - ok
19:33:48.0180 6020	napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
19:33:48.0227 6020	napagent - ok
19:33:48.0274 6020	NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
19:33:48.0321 6020	NativeWifiP - ok
19:33:48.0368 6020	NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
19:33:48.0399 6020	NDIS - ok
19:33:48.0430 6020	NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
19:33:48.0477 6020	NdisCap - ok
19:33:48.0492 6020	NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
19:33:48.0539 6020	NdisTapi - ok
19:33:48.0586 6020	Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
19:33:48.0648 6020	Ndisuio - ok
19:33:48.0680 6020	NdisWan         (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
19:33:48.0758 6020	NdisWan - ok
19:33:48.0804 6020	NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
19:33:48.0851 6020	NDProxy - ok
19:33:48.0851 6020	NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
19:33:48.0898 6020	NetBIOS - ok
19:33:48.0945 6020	NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
19:33:49.0007 6020	NetBT - ok
19:33:49.0038 6020	Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:33:49.0038 6020	Netlogon - ok
19:33:49.0101 6020	Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
19:33:49.0163 6020	Netman - ok
19:33:49.0226 6020	netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
19:33:49.0272 6020	netprofm - ok
19:33:49.0382 6020	NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:33:49.0397 6020	NetTcpPortSharing - ok
19:33:49.0756 6020	netw5v32        (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
19:33:49.0865 6020	netw5v32 - ok
19:33:50.0068 6020	nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
19:33:50.0084 6020	nfrd960 - ok
19:33:50.0146 6020	NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
19:33:50.0208 6020	NlaSvc - ok
19:33:50.0224 6020	Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
19:33:50.0302 6020	Npfs - ok
19:33:50.0333 6020	nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
19:33:50.0364 6020	nsi - ok
19:33:50.0380 6020	nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
19:33:50.0411 6020	nsiproxy - ok
19:33:50.0567 6020	NSUService      (276bff84ad77dd23e1085e191f5a591f) C:\Program Files\sony\Network Utility\NSUService.exe
19:33:50.0598 6020	NSUService ( UnsignedFile.Multi.Generic ) - warning
19:33:50.0598 6020	NSUService - detected UnsignedFile.Multi.Generic (1)
19:33:50.0739 6020	Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
19:33:50.0801 6020	Ntfs - ok
19:33:50.0817 6020	Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
19:33:50.0848 6020	Null - ok
19:33:50.0879 6020	nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
19:33:50.0895 6020	nvraid - ok
19:33:50.0957 6020	nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
19:33:50.0973 6020	nvstor - ok
19:33:51.0020 6020	nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
19:33:51.0035 6020	nv_agp - ok
19:33:51.0082 6020	ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
19:33:51.0113 6020	ohci1394 - ok
19:33:51.0176 6020	p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
19:33:51.0222 6020	p2pimsvc - ok
19:33:51.0285 6020	p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
19:33:51.0316 6020	p2psvc - ok
19:33:51.0425 6020	PACSPTISVR      (b8040c5c1fc1fbbbe5c78cb9eda343ec) C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
19:33:51.0456 6020	PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
19:33:51.0456 6020	PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
19:33:51.0488 6020	Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
19:33:51.0534 6020	Parport - ok
19:33:51.0566 6020	partmgr         (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
19:33:51.0597 6020	partmgr - ok
19:33:51.0597 6020	Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
19:33:51.0628 6020	Parvdm - ok
19:33:51.0659 6020	PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
19:33:51.0690 6020	PcaSvc - ok
19:33:51.0737 6020	pci             (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
19:33:51.0753 6020	pci - ok
19:33:51.0784 6020	pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
19:33:51.0800 6020	pciide - ok
19:33:51.0815 6020	pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
19:33:51.0831 6020	pcmcia - ok
19:33:51.0846 6020	pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
19:33:51.0862 6020	pcw - ok
19:33:51.0940 6020	PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
19:33:51.0987 6020	PEAUTH - ok
19:33:52.0127 6020	pla             (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
19:33:52.0205 6020	pla - ok
19:33:52.0377 6020	PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
19:33:52.0424 6020	PlugPlay - ok
19:33:52.0455 6020	PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
19:33:52.0502 6020	PNRPAutoReg - ok
19:33:52.0548 6020	PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
19:33:52.0580 6020	PNRPsvc - ok
19:33:52.0626 6020	PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
19:33:52.0673 6020	PolicyAgent - ok
19:33:52.0704 6020	Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
19:33:52.0736 6020	Power - ok
19:33:52.0814 6020	PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
19:33:52.0876 6020	PptpMiniport - ok
19:33:52.0907 6020	Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
19:33:52.0938 6020	Processor - ok
19:33:52.0970 6020	ProfSvc         (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
19:33:53.0016 6020	ProfSvc - ok
19:33:53.0063 6020	ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:33:53.0063 6020	ProtectedStorage - ok
19:33:53.0126 6020	Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
19:33:53.0141 6020	Psched - ok
19:33:53.0188 6020	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
19:33:53.0188 6020	PxHelp20 - ok
19:33:53.0313 6020	ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
19:33:53.0391 6020	ql2300 - ok
19:33:53.0562 6020	ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
19:33:53.0594 6020	ql40xx - ok
19:33:53.0625 6020	QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
19:33:53.0656 6020	QWAVE - ok
19:33:53.0687 6020	QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
19:33:53.0703 6020	QWAVEdrv - ok
19:33:53.0703 6020	RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
19:33:53.0750 6020	RasAcd - ok
19:33:53.0812 6020	RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:33:53.0859 6020	RasAgileVpn - ok
19:33:53.0890 6020	RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
19:33:53.0921 6020	RasAuto - ok
19:33:53.0952 6020	Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:33:53.0984 6020	Rasl2tp - ok
19:33:54.0030 6020	RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
19:33:54.0108 6020	RasMan - ok
19:33:54.0140 6020	RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
19:33:54.0186 6020	RasPppoe - ok
19:33:54.0218 6020	RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
19:33:54.0264 6020	RasSstp - ok
19:33:54.0327 6020	rdbss           (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
19:33:54.0389 6020	rdbss - ok
19:33:54.0405 6020	rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
19:33:54.0420 6020	rdpbus - ok
19:33:54.0452 6020	RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:33:54.0483 6020	RDPCDD - ok
19:33:54.0514 6020	RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
19:33:54.0545 6020	RDPENCDD - ok
19:33:54.0576 6020	RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
19:33:54.0608 6020	RDPREFMP - ok
19:33:54.0654 6020	RDPWD           (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
19:33:54.0717 6020	RDPWD - ok
19:33:54.0764 6020	rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
19:33:54.0779 6020	rdyboost - ok
19:33:54.0826 6020	regi            (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
19:33:54.0842 6020	regi - ok
19:33:54.0982 6020	RegSrvc         (7eeeec28a34516e66137f355dcc15bdb) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:33:54.0982 6020	RegSrvc ( UnsignedFile.Multi.Generic ) - warning
19:33:54.0998 6020	RegSrvc - detected UnsignedFile.Multi.Generic (1)
19:33:55.0029 6020	RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
19:33:55.0091 6020	RemoteAccess - ok
19:33:55.0122 6020	RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
19:33:55.0169 6020	RemoteRegistry - ok
19:33:55.0216 6020	RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
19:33:55.0278 6020	RFCOMM - ok
19:33:55.0325 6020	rimsptsk        (f7d9ecf41ebd3cf6c65944368150f66b) C:\Windows\system32\DRIVERS\rimsptsk.sys
19:33:55.0388 6020	rimsptsk - ok
19:33:55.0419 6020	risdptsk        (1be6c42767a7c67ba31ae32b293b37a3) C:\Windows\system32\DRIVERS\risdptsk.sys
19:33:55.0450 6020	risdptsk - ok
19:33:55.0481 6020	RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
19:33:55.0528 6020	RpcEptMapper - ok
19:33:55.0559 6020	RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
19:33:55.0590 6020	RpcLocator - ok
19:33:55.0637 6020	RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
19:33:55.0684 6020	RpcSs - ok
19:33:55.0715 6020	rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
19:33:55.0762 6020	rspndr - ok
19:33:55.0824 6020	RTHDMIAzAudService (a95b16ff762ff217847b97e6f05778ee) C:\Windows\system32\drivers\RtHDMIV.sys
19:33:55.0840 6020	RTHDMIAzAudService - ok
19:33:55.0934 6020	RtkAudioService (4b3795ebecae570def38ba7924c2a3dc) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
19:33:55.0949 6020	RtkAudioService - ok
19:33:55.0980 6020	SamSs           (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:33:55.0996 6020	SamSs - ok
19:33:56.0058 6020	sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
19:33:56.0074 6020	sbp2port - ok
19:33:56.0121 6020	SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
19:33:56.0152 6020	SCardSvr - ok
19:33:56.0199 6020	scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
19:33:56.0246 6020	scfilter - ok
19:33:56.0339 6020	Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
19:33:56.0417 6020	Schedule - ok
19:33:56.0448 6020	SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
19:33:56.0480 6020	SCPolicySvc - ok
19:33:56.0542 6020	SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
19:33:56.0589 6020	SDRSVC - ok
19:33:56.0651 6020	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:33:56.0682 6020	secdrv - ok
19:33:56.0729 6020	seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
19:33:56.0776 6020	seclogon - ok
19:33:56.0792 6020	SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
19:33:56.0823 6020	SENS - ok
19:33:56.0870 6020	SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
19:33:56.0885 6020	SensrSvc - ok
19:33:56.0916 6020	Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
19:33:56.0948 6020	Serenum - ok
19:33:56.0979 6020	Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
19:33:57.0010 6020	Serial - ok
19:33:57.0057 6020	sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
19:33:57.0088 6020	sermouse - ok
19:33:57.0150 6020	SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
19:33:57.0182 6020	SessionEnv - ok
19:33:57.0228 6020	SFEP            (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys
19:33:57.0275 6020	SFEP - ok
19:33:57.0338 6020	sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
19:33:57.0384 6020	sffdisk - ok
19:33:57.0416 6020	sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
19:33:57.0431 6020	sffp_mmc - ok
19:33:57.0462 6020	sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
19:33:57.0478 6020	sffp_sd - ok
19:33:57.0556 6020	sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
19:33:57.0587 6020	sfloppy - ok
19:33:57.0634 6020	SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
19:33:57.0681 6020	SharedAccess - ok
19:33:57.0743 6020	ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
19:33:57.0806 6020	ShellHWDetection - ok
19:33:57.0852 6020	sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
19:33:57.0868 6020	sisagp - ok
19:33:57.0899 6020	SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:33:57.0915 6020	SiSRaid2 - ok
19:33:57.0946 6020	SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
19:33:57.0962 6020	SiSRaid4 - ok
19:33:57.0993 6020	Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
19:33:58.0008 6020	Smb - ok
19:33:58.0071 6020	SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
19:33:58.0102 6020	SNMPTRAP - ok
19:33:58.0898 6020	SNPSTD3         (9cd6ffc9f5b999eb5df69b9177d9848f) C:\Windows\system32\DRIVERS\snpstd3.sys
19:33:59.0210 6020	SNPSTD3 - ok
19:33:59.0397 6020	SOHCImp         (7b24efa2a60ba7388fecda63ab24560a) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe
19:33:59.0412 6020	SOHCImp - ok
19:33:59.0444 6020	SOHDBSvr        (140fcf5ffae4efba9740a9fd8b49e0bf) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
19:33:59.0459 6020	SOHDBSvr - ok
19:33:59.0490 6020	SOHDms          (d8c244121a06b581b097d9617d94cff1) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
19:33:59.0522 6020	SOHDms - ok
19:33:59.0537 6020	SOHDs           (2db561887ea122b946bbe2821473edd8) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe
19:33:59.0553 6020	SOHDs - ok
19:33:59.0568 6020	SOHPlMgr        (ab9ee246a1eb2c3c7c6cb16e0b9462f7) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
19:33:59.0568 6020	SOHPlMgr - ok
19:33:59.0740 6020	spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
19:33:59.0771 6020	spldr - ok
19:33:59.0834 6020	Spooler         (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
19:33:59.0896 6020	Spooler - ok
19:34:00.0161 6020	sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
19:34:00.0286 6020	sppsvc - ok
19:34:00.0442 6020	sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
19:34:00.0473 6020	sppuinotify - ok
19:34:00.0582 6020	srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
19:34:00.0629 6020	srv - ok
19:34:00.0660 6020	srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
19:34:00.0707 6020	srv2 - ok
19:34:00.0754 6020	SrvHsfHDA       (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:34:00.0816 6020	SrvHsfHDA - ok
19:34:00.0926 6020	SrvHsfV92       (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
19:34:00.0972 6020	SrvHsfV92 - ok
19:34:01.0050 6020	SrvHsfWinac     (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19:34:01.0082 6020	SrvHsfWinac - ok
19:34:01.0128 6020	srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
19:34:01.0144 6020	srvnet - ok
19:34:01.0191 6020	SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
19:34:01.0238 6020	SSDPSRV - ok
19:34:01.0284 6020	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
19:34:01.0300 6020	ssmdrv - ok
19:34:01.0331 6020	SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
19:34:01.0362 6020	SstpSvc - ok
19:34:01.0409 6020	stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
19:34:01.0425 6020	stexstor - ok
19:34:01.0503 6020	StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
19:34:01.0565 6020	StiSvc - ok
19:34:01.0596 6020	swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
19:34:01.0612 6020	swenum - ok
19:34:01.0643 6020	swprv           (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
19:34:01.0674 6020	swprv - ok
19:34:01.0799 6020	SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
19:34:01.0862 6020	SysMain - ok
19:34:01.0893 6020	TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
19:34:01.0908 6020	TabletInputService - ok
19:34:01.0955 6020	TapiSrv         (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
19:34:02.0002 6020	TapiSrv - ok
19:34:02.0033 6020	TBS             (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
19:34:02.0080 6020	TBS - ok
19:34:02.0283 6020	Tcpip           (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
19:34:02.0361 6020	Tcpip - ok
19:34:02.0392 6020	TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
19:34:02.0423 6020	TCPIP6 - ok
19:34:02.0486 6020	tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
19:34:02.0548 6020	tcpipreg - ok
19:34:02.0595 6020	TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
19:34:02.0642 6020	TDPIPE - ok
19:34:02.0688 6020	TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
19:34:02.0720 6020	TDTCP - ok
19:34:02.0751 6020	tdx             (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
19:34:02.0813 6020	tdx - ok
19:34:02.0844 6020	TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
19:34:02.0860 6020	TermDD - ok
19:34:02.0922 6020	TermService     (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
19:34:02.0969 6020	TermService - ok
19:34:03.0000 6020	Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
19:34:03.0032 6020	Themes - ok
19:34:03.0063 6020	THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:34:03.0094 6020	THREADORDER - ok
19:34:03.0125 6020	TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
19:34:03.0172 6020	TrkWks - ok
19:34:03.0234 6020	TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
19:34:03.0297 6020	TrustedInstaller - ok
19:34:03.0312 6020	tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:34:03.0344 6020	tssecsrv - ok
19:34:03.0390 6020	TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
19:34:03.0453 6020	TsUsbFlt - ok
19:34:03.0515 6020	tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
19:34:03.0562 6020	tunnel - ok
19:34:03.0609 6020	uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
19:34:03.0609 6020	uagp35 - ok
19:34:03.0718 6020	uCamMonitor     (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
19:34:03.0734 6020	uCamMonitor - ok
19:34:03.0796 6020	udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
19:34:03.0843 6020	udfs - ok
19:34:03.0890 6020	UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
19:34:03.0936 6020	UI0Detect - ok
19:34:03.0983 6020	uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
19:34:03.0999 6020	uliagpkx - ok
19:34:04.0092 6020	umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
19:34:04.0124 6020	umbus - ok
19:34:04.0155 6020	UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
19:34:04.0202 6020	UmPass - ok
19:34:04.0233 6020	upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
19:34:04.0280 6020	upnphost - ok
19:34:04.0311 6020	usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
19:34:04.0342 6020	usbaudio - ok
19:34:04.0373 6020	usbccgp         (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
19:34:04.0420 6020	usbccgp - ok
19:34:04.0451 6020	usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
19:34:04.0467 6020	usbcir - ok
19:34:04.0529 6020	usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
19:34:04.0545 6020	usbehci - ok
19:34:04.0592 6020	usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
19:34:04.0623 6020	usbhub - ok
19:34:04.0654 6020	usbohci         (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
19:34:04.0670 6020	usbohci - ok
19:34:04.0701 6020	usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
19:34:04.0716 6020	usbprint - ok
19:34:04.0748 6020	usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
19:34:04.0779 6020	usbscan - ok
19:34:04.0810 6020	USBSTOR         (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:34:04.0857 6020	USBSTOR - ok
19:34:04.0919 6020	usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
19:34:04.0935 6020	usbuhci - ok
19:34:04.0997 6020	usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
19:34:05.0044 6020	usbvideo - ok
19:34:05.0075 6020	UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
19:34:05.0122 6020	UxSms - ok
19:34:05.0262 6020	VAIO Entertainment TV Device Arbitration Service (4e7135d6d0127067e4cfee12259f895d) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
19:34:05.0278 6020	VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
19:34:05.0278 6020	VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
19:34:05.0387 6020	VAIO Event Service (73328c784ecfe7072bd102f370076b50) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
19:34:05.0403 6020	VAIO Event Service - ok
19:34:05.0481 6020	VAIO Power Management (45a9ae4768840830d0239b52dfdc806a) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
19:34:05.0496 6020	VAIO Power Management - ok
19:34:05.0528 6020	VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:34:05.0543 6020	VaultSvc - ok
19:34:05.0980 6020	VCFw            (0ed1d51dcec67f96cc313d02a1741cf3) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
19:34:06.0120 6020	VCFw - ok
19:34:06.0276 6020	VcmIAlzMgr      (7295a2b5795e7b8aa128e5df5a29b656) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
19:34:06.0292 6020	VcmIAlzMgr - ok
19:34:06.0370 6020	VcmXmlIfHelper  (69c36d2a7b2169c336d9ce193c9b655e) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
19:34:06.0386 6020	VcmXmlIfHelper - ok
19:34:06.0417 6020	Vcsw - ok
19:34:06.0635 6020	vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
19:34:06.0666 6020	vdrvroot - ok
19:34:06.0729 6020	vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
19:34:06.0776 6020	vds - ok
19:34:06.0822 6020	vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
19:34:06.0854 6020	vga - ok
19:34:06.0885 6020	VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
19:34:06.0916 6020	VgaSave - ok
19:34:06.0947 6020	vhdmp           (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
19:34:06.0963 6020	vhdmp - ok
19:34:06.0978 6020	viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
19:34:06.0994 6020	viaagp - ok
19:34:07.0010 6020	ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
19:34:07.0041 6020	ViaC7 - ok
19:34:07.0056 6020	viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
19:34:07.0072 6020	viaide - ok
19:34:07.0119 6020	volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
19:34:07.0134 6020	volmgr - ok
19:34:07.0166 6020	volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
19:34:07.0197 6020	volmgrx - ok
19:34:07.0244 6020	volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
19:34:07.0259 6020	volsnap - ok
19:34:07.0306 6020	vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
19:34:07.0322 6020	vsmraid - ok
19:34:07.0446 6020	VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
19:34:07.0571 6020	VSS - ok
19:34:07.0587 6020	vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
19:34:07.0618 6020	vwifibus - ok
19:34:07.0774 6020	VzCdbSvc        (79eb419f4a694b4514249e0d3db16ecf) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
19:34:07.0805 6020	VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
19:34:07.0805 6020	VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
19:34:07.0868 6020	W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
19:34:07.0930 6020	W32Time - ok
19:34:07.0961 6020	WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
19:34:07.0992 6020	WacomPen - ok
19:34:08.0055 6020	WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:34:08.0117 6020	WANARP - ok
19:34:08.0117 6020	Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:34:08.0133 6020	Wanarpv6 - ok
19:34:08.0258 6020	wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
19:34:08.0336 6020	wbengine - ok
19:34:08.0382 6020	WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
19:34:08.0429 6020	WbioSrvc - ok
19:34:08.0492 6020	wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
19:34:08.0538 6020	wcncsvc - ok
19:34:08.0570 6020	WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
19:34:08.0616 6020	WcsPlugInService - ok
19:34:08.0694 6020	Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
19:34:08.0710 6020	Wd - ok
19:34:08.0757 6020	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
19:34:08.0772 6020	Wdf01000 - ok
19:34:08.0804 6020	WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:34:08.0882 6020	WdiServiceHost - ok
19:34:08.0897 6020	WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:34:08.0913 6020	WdiSystemHost - ok
19:34:08.0960 6020	WebClient       (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
19:34:08.0991 6020	WebClient - ok
19:34:09.0100 6020	WebfettiService (98a64d4207d5957a57b3aa8e510a5bfb) C:\PROGRA~1\Webfetti\bar\2.bin\7dbarsvc.exe
19:34:09.0116 6020	WebfettiService ( UnsignedFile.Multi.Generic ) - warning
19:34:09.0116 6020	WebfettiService - detected UnsignedFile.Multi.Generic (1)
19:34:09.0178 6020	Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
19:34:09.0225 6020	Wecsvc - ok
19:34:09.0240 6020	wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
19:34:09.0287 6020	wercplsupport - ok
19:34:09.0334 6020	WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
19:34:09.0365 6020	WerSvc - ok
19:34:09.0412 6020	WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
19:34:09.0443 6020	WfpLwf - ok
19:34:09.0490 6020	WimFltr         (090a2b8f055343815556a01f725f6c35) C:\Windows\system32\DRIVERS\wimfltr.sys
19:34:09.0506 6020	WimFltr - ok
19:34:09.0521 6020	WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
19:34:09.0537 6020	WIMMount - ok
19:34:09.0537 6020	winachsf - ok
19:34:09.0677 6020	WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
19:34:09.0724 6020	WinDefend - ok
19:34:09.0740 6020	WinHttpAutoProxySvc - ok
19:34:09.0818 6020	Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
19:34:09.0880 6020	Winmgmt - ok
19:34:09.0989 6020	WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
19:34:10.0083 6020	WinRM - ok
19:34:10.0192 6020	WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
19:34:10.0239 6020	WinUsb - ok
19:34:10.0332 6020	Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
19:34:10.0364 6020	Wlansvc - ok
19:34:10.0395 6020	WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
19:34:10.0410 6020	WmiAcpi - ok
19:34:10.0488 6020	wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
19:34:10.0535 6020	wmiApSrv - ok
19:34:10.0722 6020	WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:34:10.0769 6020	WMPNetworkSvc - ok
19:34:10.0800 6020	WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
19:34:10.0832 6020	WPCSvc - ok
19:34:10.0863 6020	WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
19:34:10.0894 6020	WPDBusEnum - ok
19:34:10.0941 6020	ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
19:34:10.0988 6020	ws2ifsl - ok
19:34:11.0019 6020	wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
19:34:11.0066 6020	wscsvc - ok
19:34:11.0066 6020	WSearch - ok
19:34:11.0237 6020	wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
19:34:11.0331 6020	wuauserv - ok
19:34:11.0487 6020	WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
19:34:11.0534 6020	WudfPf - ok
19:34:11.0565 6020	WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:34:11.0596 6020	WUDFRd - ok
19:34:11.0643 6020	wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
19:34:11.0674 6020	wudfsvc - ok
19:34:11.0721 6020	WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
19:34:11.0768 6020	WwanSvc - ok
19:34:11.0846 6020	yukonw7         (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys
19:34:11.0861 6020	yukonw7 - ok
19:34:11.0892 6020	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:34:12.0298 6020	\Device\Harddisk0\DR0 - ok
19:34:12.0314 6020	Boot (0x1200)   (2b905d939a30e773cfb21b98b962b1bb) \Device\Harddisk0\DR0\Partition0
19:34:12.0314 6020	\Device\Harddisk0\DR0\Partition0 - ok
19:34:12.0314 6020	============================================================
19:34:12.0314 6020	Scan finished
19:34:12.0314 6020	============================================================
19:34:12.0392 2244	Detected object count: 10
19:34:12.0392 2244	Actual detected object count: 10
19:34:35.0604 2244	EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0604 2244	EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:34:35.0604 2244	EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0604 2244	EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:34:35.0604 2244	hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0604 2244	hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:34:35.0620 2244	hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244	hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:34:35.0620 2244	NSUService ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244	NSUService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:34:35.0620 2244	PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244	PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:34:35.0620 2244	RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244	RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:34:35.0620 2244	VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244	VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:34:35.0620 2244	VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244	VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:34:35.0620 2244	WebfettiService ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244	WebfettiService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

25.06.2012, 07:52   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper (Kompetenzler) has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.
__________________
Please always post log files in CODE tags

25.06.2012, 10:10   #25
magicfortune
 

So, here is the Combofix log

Code:
ComboFix 12-06-25.02 - Désirée 25.06.2012  10:55:55.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3039.1682 [GMT 2:00]
ausgeführt von:: c:\users\DÚsirÚe\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\Webfetti\bar\2.bin\7dBAr.dll
c:\programdata\Roaming
c:\users\Désirée\Kq1vga41c.exe
c:\windows\IsUn0407.exe
c:\windows\security\Database\tmp.edb
c:\windows\system32\SET560C.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-05-25 bis 2012-06-25  ))))))))))))))))))))))))))))))
.
.
2012-06-25 09:04 . 2012-06-25 09:04	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-06-25 08:47 . 2012-06-25 08:47	--------	d-----w-	C:\c30a2a61f5015bb8fe48004e
2012-06-23 17:24 . 2012-06-25 08:59	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C4BD307-405B-41EF-9691-60466410D2AE}\offreg.dll
2012-06-23 17:06 . 2012-06-23 17:06	476936	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-06-23 07:45 . 2012-05-31 03:41	6762896	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C4BD307-405B-41EF-9691-60466410D2AE}\mpengine.dll
2012-06-23 07:27 . 2012-06-23 07:27	--------	d-----w-	C:\fe76a9076969f8e450ab0fd38fee7b
2012-06-23 07:27 . 2012-06-23 07:27	--------	d-----w-	c:\windows\CheckSur
2012-06-21 18:04 . 2012-06-21 18:04	770384	----a-w-	c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-21 18:04 . 2012-06-21 18:04	421200	----a-w-	c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-21 17:58 . 2012-06-02 22:19	53784	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-21 17:58 . 2012-06-02 22:19	45080	----a-w-	c:\windows\system32\wups2.dll
2012-06-21 17:58 . 2012-06-02 22:19	1933848	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-21 17:58 . 2012-06-02 22:12	2422272	----a-w-	c:\windows\system32\wucltux.dll
2012-06-21 17:57 . 2012-06-02 13:19	171904	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-21 17:57 . 2012-06-02 13:12	33792	----a-w-	c:\windows\system32\wuapp.exe
2012-06-20 15:08 . 2012-06-20 15:08	--------	d-----w-	C:\found.000
2012-06-20 14:29 . 2012-06-20 14:29	--------	d-----w-	C:\_OTL
2012-06-14 19:48 . 2012-06-14 19:48	--------	d-----w-	c:\users\Désirée\AppData\Local\Macromedia
2012-06-13 18:01 . 2012-04-28 03:17	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-06-12 15:59 . 2012-06-12 15:59	--------	d-----w-	c:\program files\ESET
2012-06-10 18:23 . 2012-06-10 18:23	--------	d-----w-	c:\users\Désirée\AppData\Roaming\Avira
2012-06-10 18:17 . 2012-04-16 19:17	36000	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-06-10 18:17 . 2012-04-27 08:20	137928	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-06-10 18:17 . 2012-04-24 22:32	83392	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-06-10 18:17 . 2012-06-10 18:17	--------	d-----w-	c:\programdata\Avira
2012-06-10 18:17 . 2012-06-10 18:17	--------	d-----w-	c:\program files\Avira
2012-06-10 14:56 . 2012-06-10 14:56	--------	d-----w-	c:\users\Désirée\AppData\Roaming\Malwarebytes
2012-06-10 14:56 . 2012-06-10 14:56	--------	d-----w-	c:\programdata\Malwarebytes
2012-06-10 14:56 . 2012-06-10 14:56	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-06-10 14:56 . 2012-04-04 13:56	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 17:06 . 2010-05-02 19:13	472840	----a-w-	c:\windows\system32\deployJava1.dll
2012-06-23 17:04 . 2012-04-12 19:44	426184	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-06-23 17:04 . 2011-06-15 21:42	70344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-31 04:39 . 2012-05-12 08:55	3968368	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-12 08:55	3913072	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-03-30 10:23 . 2012-05-12 08:55	1291632	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-03-08 18:50 . 2012-03-08 18:50	8862099	----a-w-	c:\program files\Setup_MHRemake.exe
2012-06-21 18:05 . 2011-04-09 18:24	85472	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-30 20:10 . 2010-07-30 20:10	119808	----a-w-	c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-12-21 274432]
"DriverScanner"="c:\program files\Uniblue\DriverScanner\launcher.exe" [2011-05-16 338296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2009-04-13 155648]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-06 6703648]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-01-06 1833504]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-12-18 317288]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2009-06-17 26624]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-05-20 111928]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-12-09 74752]
"mumservice"="c:\program files\Motorola\Software Update\mumservice.exe" [2011-02-02 1066304]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Désirée\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-3-1 789032]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-01-19 10:49	98304	------w-	c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
.
R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-12-19 415592]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 camfilt2;camfilt2;c:\windows\system32\DRIVERS\camfilt2.sys [2007-08-06 94720]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-30 30192]
R3 hxctlflt;hxctlflt;c:\windows\system32\DRIVERS\hxctlflt.sys [2009-02-09 99968]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-21 113120]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-02-05 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-02-05 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-02-05 390440]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-02-05 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-02-05 91432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-01-16 83240]
R4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-04-16 36000]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [2009-09-14 153600]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [2009-09-14 121856]
S2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [2011-08-10 227184]
S2 NSUService;NSUService;c:\program files\sony\Network Utility\NSUService.exe [2008-12-21 303104]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService.exe [2009-01-06 109088]
S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-01-19 394536]
S2 WebfettiService;Webfetti Service;c:\progra~1\Webfetti\bar\2.bin\7dbarsvc.exe [2011-04-02 36864]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 17920]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-10 29736]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-11-19 9344]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 yukonw7;NDIS6.2-Miniporttreiber für Marvell Yukon-Ethernet-Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 24769774
*Deregistered* - 24769774
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 17:04]
.
2012-06-24 c:\windows\Tasks\DriverScanner.job
- c:\program files\Uniblue\DriverScanner\dsmonitor.exe [2011-08-03 09:22]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://home.sweetim.com
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\Désirée\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
Handler: webwebweb - {879506D7-73DF-8D45-BBDD-123467926D12} - 
FF - ProfilePath - c:\users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=CDS&o=16225&locale=en_US&apn_uid=6789FF94-1B5C-418F-AB67-D056611F19BA&apn_ptnrs=QQ&apn_sauid=B0654D97-0C66-4B09-B061-B47EE50BE6D3&apn_dtid=YYYYYYYYDE&&q=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\Ask.com\GenericAskToolbar.dll
URLSearchHooks-{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - c:\program files\Winamp Toolbar\winamptb.dll
URLSearchHooks-{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0407.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000004
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-06-25  11:07:21
ComboFix-quarantined-files.txt  2012-06-25 09:07
.
Vor Suchlauf: 15 Verzeichnis(se), 219.246.903.296 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 219.706.195.968 Bytes frei
.
- - End Of File - - 03A80E941127607E1C65280131679266
         
Regards,
magicfortune

25.06.2012, 12:09   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™


Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip the online query by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Depending on your connection, downloading the definitions can take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Never press any of the Fix buttons without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



One more note: If aswMBR crashes and a message like "aswMBR.exe funktioniert nicht mehr" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.

25.06.2012, 13:26   #27
magicfortune


So, here is the GMER log first
Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-06-25 14:23:14
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0
Running: 6jb2pnmk.exe; Driver: C:\Users\DSIRE~1\AppData\Local\Temp\kxdiifod.sys


---- System - GMER 1.0.15 ----

SSDT   905D4DBE                                                                                           ZwCreateSection
SSDT   905D4DC8                                                                                           ZwRequestWaitReplyPort
SSDT   905D4DC3                                                                                           ZwSetContextThread
SSDT   905D4DCD                                                                                           ZwSetSecurityObject
SSDT   905D4DD2                                                                                           ZwSystemDebugControl
SSDT   905D4D5F                                                                                           ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text  ntkrnlpa.exe!ZwRollbackEnlistment + 140D                                                           834403C9 1 Byte  [06]
.text  ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                             83479D52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 11F7                                                                83480EAC 4 Bytes  [BE, 4D, 5D, 90]
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1553                                                                83481208 4 Bytes  [C8, 4D, 5D, 90] {ENTER 0x5d4d, 0x90}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1597                                                                8348124C 4 Bytes  [C3, 4D, 5D, 90] {RET ; DEC EBP; POP EBP; NOP }
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1613                                                                834812C8 4 Bytes  [CD, 4D, 5D, 90] {INT 0x4d; POP EBP; NOP }
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1667                                                                8348131C 4 Bytes  [D2, 4D, 5D, 90] {ROR BYTE [EBP+0x5d], CL; NOP }
.text  ...                                                                                                
.text  C:\Windows\system32\DRIVERS\atikmdag.sys                                                           section is writeable [0x91E1A000, 0x2D5378, 0xE8000020]

---- User IAT/EAT - GMER 1.0.15 ----

IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                    [741424CB] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]               [7412562E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]              [741256EC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                     [74142546] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]           [741385AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]             [74134D5E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]            [74135105] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]           [741351DA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP]  [74136707] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]            [74138301] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]       [74138850] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]     [741390B1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]           [7413E254] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]               [74134C90] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002433d377d6                        
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002433d377d6@0017e6f42513           0xDB 0xB4 0x05 0xC5 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings                          
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002433d377d6 (not active ControlSet)    
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002433d377d6@0017e6f42513               0xDB 0xB4 0x05 0xC5 ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet)      

---- EOF - GMER 1.0.15 ----
         
And here is the OSAM log

Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 14:40:35 on 25.06.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 13.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - c:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"DriverScanner.job" - "Uniblue Systems Limited" - C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"iproset.cpl" - "Intel(R) Corporation" - C:\Windows\system32\iproset.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"PROSet Tools" - "Intel(R) Corporation" - C:\Windows\System32\iPROSet.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\Users\DSIRE~1\AppData\Local\Temp\catchme.sys  (File not found)
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"HSF_DPV" (HSF_DPV) - ? - C:\Windows\System32\DRIVERS\HSX_DPV.sys  (File not found)
"HSXHWAZL" (HSXHWAZL) - ? - C:\Windows\System32\DRIVERS\HSXHWAZL.sys  (File not found)
"kxdiifod" (kxdiifod) - ? - C:\Users\DSIRE~1\AppData\Local\Temp\kxdiifod.sys  (Hidden registry entry, rootkit activity | File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"mdmxsdk" (mdmxsdk) - ? - C:\Windows\System32\DRIVERS\mdmxsdk.sys  (File not found)
"MotCcgpFlService" (motccgpfl) - ? - C:\Windows\System32\DRIVERS\motccgpfl.sys  (File not found)
"Motorola Inc. USB Device" (MotDev) - ? - C:\Windows\System32\DRIVERS\motodrv.sys  (File not found)
"Motorola USB Composite Device Driver" (motccgp) - ? - C:\Windows\System32\DRIVERS\motccgp.sys  (File not found)
"regi" (regi) - "InterVideo" - C:\Windows\System32\drivers\regi.sys
"Sony DMI Call service" (DMICall) - "Sony Corporation" - C:\Windows\System32\DRIVERS\DMICall.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys
"winachsf" (winachsf) - ? - C:\Windows\System32\DRIVERS\HSX_CNXT.sys  (File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{0561EC90-CE54-4f0c-9C55-E226110A740C} "{0561EC90-CE54-4f0c-9C55-E226110A740C}" - ? -   (File not found | COM-object registry key not found)
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{B658800C-F66E-4EF3-AB85-6C0C227862A9} "ViProtocolOLE Class" - ? - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
{879506D7-73DF-8D45-BBDD-123467926D12} "Webwebweb Pluggable Protocol" - ? - C:\Program Files\WebWebWeb\Plugin\Version_449\link64_plugin.dll  (File not found)
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Exctractor" - ? -   (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -   (File not found | COM-object registry key not found)
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{6F5C0F40-1419-4DC8-8D2F-D5EC5FCF07AB} "Sprint.ExplorerIntegration.9" - "ABBYY" - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Integration\SprintIntegration.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
 "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? -   (File not found | COM-object registry key not found)
{855F3B16-6D32-4fe6-8A56-BBB695989046} "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_33.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
"PokerStars.net" - "PokerStars" - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "AVG Security Toolbar" - ? - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{95B7759C-8C7F-4BF1-B163-73684A933233} "AVG Security Toolbar" - ? - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
{3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} "FastestTubeBHO Class" - "Kwizzu" - C:\Program Files\FastestTube\1.2.12\WombatBHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} "{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" - ? -   (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Désirée\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"OpenOffice.org 3.3.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe  (Shortcut exists | File exists)
"Bluetooth.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"DriverScanner" - "Uniblue Systems Limited" - "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000 
"NSUFloatingUI" - "Sony Corporation" - "C:\Program Files\Sony\Network Utility\LANUtil.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"EEventManager" - "SEIKO EPSON CORPORATION" - "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
"Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"HP Software Update" - "Hewlett-Packard Co." - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
"ISBMgr.exe" - ? - "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
"MarketingTools" - "Sony Corporation" - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
"mumservice" - "Motorola" - C:\Program Files\Motorola\Software Update\mumservice.exe
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"SweetIM" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Messenger\SweetIM.exe
"vProt" - ? - "C:\Program Files\AVG Secure Search\vprot.exe"
"WinampAgent" - "Nullsoft, Inc." - "C:\Program Files\Winamp\winampa.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"EpsonNet Print Port" - "SEIKO EPSON CORPORATION" - C:\Windows\system32\enppmon.dll
"LIDIL hpzlllhn" - "Hewlett-Packard Company" - C:\Windows\system32\hpzlllhn.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ABBYY FineReader 9.0 Sprint Licensing Service" (ABBYY.Licensing.FineReader.Sprint.9.0) - "ABBYY" - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
"CamMonitor" (uCamMonitor) - "ArcSoft, Inc." - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
"EpsonBidirectionalService" (EpsonBidirectionalService) - "SEIKO EPSON CORPORATION" - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
"Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
"Intel® PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel® PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"IviRegMgr" (IviRegMgr) - "InterVideo" - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"MotoHelper Service" (MotoHelper) - ? - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"NSUService" (NSUService) - "Sony Corporation" - C:\Program Files\sony\Network Utility\NSUService.exe
"PACSPTISVR" (PACSPTISVR) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
"VAIO Content Folder Watcher" (VCFw) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
"VAIO Content Metadata Intelligent Analyzing Manager" (VcmIAlzMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
"VAIO Content Metadata XML Interface" (VcmXmlIfHelper) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
"VAIO Entertainment Database Service" (VzCdbSvc) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
"VAIO Entertainment TV Device Arbitration Service" (VAIO Entertainment TV Device Arbitration Service) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
"VAIO Entertainment UPnP Client Adapter" (Vcsw) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
"VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
"VAIO Media plus Content Importer" (SOHCImp) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe
"VAIO Media plus Database Manager" (SOHDBSvr) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
"VAIO Media plus Device Searcher" (SOHDs) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe
"VAIO Media plus Digital Media Server" (SOHDms) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
"VAIO Media plus Playlist Manager" (SOHPlMgr) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
"VAIO Power Management" (VAIO Power Management) - "Sony Corporation" - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
"vToolbarUpdater11.1.0" (vToolbarUpdater11.1.0) - ? - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
"Webfetti Service" (WebfettiService) - "Webfetti" - C:\PROGRA~1\Webfetti\bar\2.bin\7dbarsvc.exe
"Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"VESWinlogon" - "Sony Corporation" - C:\Windows\system32\VESWinlogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
         

25.06.2012, 14:48   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

OK, aswMBR is still missing.
__________________
Please always post logfiles in CODE tags

25.06.2012, 15:24   #29
magicfortune

And here, finally, is the aswlog

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-25 14:43:04
-----------------------------
14:43:04.440    OS Version: Windows 6.1.7601 Service Pack 1
14:43:04.440    Number of processors: 2 586 0x170A
14:43:04.440    ComputerName: DÉSIRÉE-PC  UserName: Désirée
14:43:05.750    Initialize success
14:44:09.392    AVAST engine defs: 12062500
14:46:05.391    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:46:05.395    Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
14:46:05.398    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000069
14:46:05.401    Disk 1 Vendor: RICOH 01 Size: 305245MB BusType: 0
14:46:05.404    Disk 2  \Device\Harddisk2\DR2 -> \Device\0000006a
14:46:05.407    Disk 2 Vendor: RICOH 02 Size: 305245MB BusType: 0
14:46:05.504    Disk 0 MBR read successfully
14:46:05.511    Disk 0 MBR scan
14:46:05.581    Disk 0 Windows 7 default MBR code
14:46:05.696    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        10436 MB offset 2048
14:46:05.766    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       294807 MB offset 21374976
14:46:05.827    Disk 0 scanning sectors +625140400
14:46:06.252    Disk 0 scanning C:\Windows\system32\drivers
14:47:34.663    Service scanning
14:48:19.384    Modules scanning
14:50:06.320    Disk 0 trace - called modules:
14:50:06.367    
14:50:07.724    AVAST engine scan C:\Windows
14:51:50.778    AVAST engine scan C:\Windows\system32
15:14:44.033    AVAST engine scan C:\Windows\system32\drivers
15:16:52.405    AVAST engine scan C:\Users\Désirée
15:56:40.568    AVAST engine scan C:\ProgramData
15:59:00.326    Scan finished successfully
16:22:56.608    Disk 0 MBR has been saved successfully to "C:\Users\Désirée\Desktop\MBR.dat"
16:22:56.616    The log file has been saved successfully to "C:\Users\Désirée\Desktop\aswMBR.txt"
         

25.06.2012, 16:13   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!
__________________
Please always post logfiles in CODE tags
