Werbeanzeigen in Facebook Profil & AudioWerbung wenn Browser geöffnet (Trojan.BHO)(Rootkit.Agent)

wertzu56 · 08.07.2012, 22:15

Hallo,

Habe das Problem das im Facebookprofil vermehrt Werbeanzeigen mitten unter den Einträgen von Freunden standen. (hauptsächlich im oberen Teil)
Habe dieses Problem nur wenn ich mich von einem bestimmten Computer bei Facebook anmelde, bei einem anderen Computer erscheinen diese Anzeigen nicht

Außerdem wurde plötzlich eine Audio Abspielung mit Werbung gestartet wenn der Browser länger geöffnet war.

Avira-DE-Cleaner laufen gelassen,
Avira Free Antivirus hat nichts gefunden...
habe mir Malwarebytes runtergeladen und einige infizierte Dateien gefunden.

Infizierte Registrierungsschlüssel: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\vfd-ob (Rootkit.Agent) -> Keine Aktion durchgeführt.
HKCR\bho_project.bho_object (Trojan.BHO) -> Keine Aktion durchgeführt.
HKCR\bho_project.bho_object.1 (Trojan.BHO) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Keine Aktion durchgeführt.
Infizierte Dateien: 3
C:\Program Files\Foto Mosaik Edda\SoftonicDownloader_fuer_foto-mosaik-edda.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\intellidownload\vfd.exe (Rootkit.Agent) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\OApps\vfd-ob_uninstall.exe (Rootkit.Agent) -> Keine Aktion durchgeführt.

habe die gefundenen Dateien dann in die Quarantäne verschoben.
habe ebenfalls defogger und OTL laufen lassen.

Wie soll ich nun weiter vorgehen bzw. welche Auswirkungen hatten die Dateien auf meinen Computer bzw. sollte ich sämtlich Passwörter ändern etc.?

Durch das Verschieben der Dateien in die Quaratäne besteht dass Problem mit den Werbeanzeigen noch immer, Audiabspielung könnte behoben sein?

Logs im Anhang

Vielen Dank im Voraus

markusg · 10.07.2012, 19:04

hi
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

wertzu56 · 10.07.2012, 20:05

Hallo

vielen dank für die Antwort

hier das Log

Code:

ATTFilter

20:50:43.0260 2340	TDSS rootkit removing tool 2.7.45.0 Jul  9 2012 12:46:35
20:50:43.0410 2340	============================================================
20:50:43.0410 2340	Current date / time: 2012/07/10 20:50:43.0410
20:50:43.0410 2340	SystemInfo:
20:50:43.0410 2340	
20:50:43.0410 2340	OS Version: 6.1.7601 ServicePack: 1.0
20:50:43.0410 2340	Product type: Workstation
20:50:43.0420 2340	ComputerName: SCHLEPPDEPP
20:50:43.0420 2340	UserName: Eva
20:50:43.0420 2340	Windows directory: C:\Windows
20:50:43.0420 2340	System windows directory: C:\Windows
20:50:43.0420 2340	Running under WOW64
20:50:43.0420 2340	Processor architecture: Intel x64
20:50:43.0420 2340	Number of processors: 4
20:50:43.0420 2340	Page size: 0x1000
20:50:43.0420 2340	Boot type: Normal boot
20:50:43.0420 2340	============================================================
20:50:44.0090 2340	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:50:44.0100 2340	============================================================
20:50:44.0100 2340	\Device\Harddisk0\DR0:
20:50:44.0100 2340	MBR partitions:
20:50:44.0100 2340	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xEE1000, BlocksNum 0x32800
20:50:44.0100 2340	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xF13800, BlocksNum 0x39472830
20:50:44.0100 2340	============================================================
20:50:44.0140 2340	C: <-> \Device\Harddisk0\DR0\Partition1
20:50:44.0140 2340	============================================================
20:50:44.0140 2340	Initialize success
20:50:44.0140 2340	============================================================
20:51:46.0865 4472	============================================================
20:51:46.0865 4472	Scan started
20:51:46.0865 4472	Mode: Manual; SigCheck; TDLFS; 
20:51:46.0865 4472	============================================================
20:51:48.0472 4472	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:51:48.0565 4472	1394ohci - ok
20:51:48.0643 4472	ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:51:48.0690 4472	ACDaemon - ok
20:51:48.0784 4472	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:51:48.0815 4472	ACPI - ok
20:51:48.0862 4472	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:51:48.0909 4472	AcpiPmi - ok
20:51:49.0033 4472	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:51:49.0065 4472	AdobeARMservice - ok
20:51:49.0143 4472	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
20:51:49.0189 4472	adp94xx - ok
20:51:49.0252 4472	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
20:51:49.0283 4472	adpahci - ok
20:51:49.0314 4472	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
20:51:49.0330 4472	adpu320 - ok
20:51:49.0361 4472	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:51:49.0423 4472	AeLookupSvc - ok
20:51:49.0501 4472	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:51:49.0548 4472	AFD - ok
20:51:49.0595 4472	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:51:49.0626 4472	agp440 - ok
20:51:49.0657 4472	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:51:49.0704 4472	ALG - ok
20:51:49.0767 4472	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:51:49.0782 4472	aliide - ok
20:51:49.0813 4472	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:51:49.0845 4472	amdide - ok
20:51:49.0891 4472	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
20:51:49.0985 4472	AmdK8 - ok
20:51:50.0016 4472	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
20:51:50.0032 4472	AmdPPM - ok
20:51:50.0079 4472	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:51:50.0110 4472	amdsata - ok
20:51:50.0157 4472	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
20:51:50.0188 4472	amdsbs - ok
20:51:50.0203 4472	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:51:50.0219 4472	amdxata - ok
20:51:50.0391 4472	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:51:50.0422 4472	AntiVirSchedulerService - ok
20:51:50.0437 4472	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:51:50.0469 4472	AntiVirService - ok
20:51:50.0515 4472	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:51:50.0578 4472	AppID - ok
20:51:50.0609 4472	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:51:50.0640 4472	AppIDSvc - ok
20:51:50.0703 4472	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:51:50.0749 4472	Appinfo - ok
20:51:50.0874 4472	Apple Mobile Device (018857ead9a077a56aedfc0e5ef7a24a) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:51:50.0890 4472	Apple Mobile Device - ok
20:51:50.0921 4472	AppMgmt         (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
20:51:50.0983 4472	AppMgmt - ok
20:51:51.0015 4472	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
20:51:51.0030 4472	arc - ok
20:51:51.0077 4472	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
20:51:51.0108 4472	arcsas - ok
20:51:51.0124 4472	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:51:51.0155 4472	AsyncMac - ok
20:51:51.0217 4472	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:51:51.0249 4472	atapi - ok
20:51:51.0373 4472	athr            (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
20:51:51.0483 4472	athr - ok
20:51:51.0732 4472	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:51:51.0826 4472	AudioEndpointBuilder - ok
20:51:51.0826 4472	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:51:51.0857 4472	AudioSrv - ok
20:51:51.0935 4472	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
20:51:51.0966 4472	avgntflt - ok
20:51:51.0982 4472	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
20:51:51.0997 4472	avipbb - ok
20:51:52.0013 4472	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
20:51:52.0044 4472	avkmgr - ok
20:51:52.0107 4472	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:51:52.0185 4472	AxInstSV - ok
20:51:52.0247 4472	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
20:51:52.0309 4472	b06bdrv - ok
20:51:52.0341 4472	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:51:52.0372 4472	b57nd60a - ok
20:51:52.0528 4472	BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
20:51:52.0559 4472	BcmSqlStartupSvc - ok
20:51:52.0590 4472	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:51:52.0637 4472	BDESVC - ok
20:51:52.0653 4472	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:51:52.0699 4472	Beep - ok
20:51:52.0809 4472	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:51:52.0887 4472	BFE - ok
20:51:52.0996 4472	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:51:53.0043 4472	BITS - ok
20:51:53.0105 4472	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
20:51:53.0136 4472	blbdrive - ok
20:51:53.0277 4472	Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
20:51:53.0308 4472	Bonjour Service - ok
20:51:53.0355 4472	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:51:53.0386 4472	bowser - ok
20:51:53.0417 4472	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
20:51:53.0448 4472	BrFiltLo - ok
20:51:53.0464 4472	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
20:51:53.0479 4472	BrFiltUp - ok
20:51:53.0542 4472	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:51:53.0620 4472	Browser - ok
20:51:53.0698 4472	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:51:53.0760 4472	Brserid - ok
20:51:53.0776 4472	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:51:53.0807 4472	BrSerWdm - ok
20:51:53.0838 4472	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:51:53.0885 4472	BrUsbMdm - ok
20:51:53.0916 4472	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:51:53.0947 4472	BrUsbSer - ok
20:51:53.0994 4472	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
20:51:54.0072 4472	BthEnum - ok
20:51:54.0103 4472	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
20:51:54.0228 4472	BTHMODEM - ok
20:51:54.0275 4472	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:51:54.0322 4472	BthPan - ok
20:51:54.0415 4472	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
20:51:54.0493 4472	BTHPORT - ok
20:51:54.0540 4472	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:51:54.0603 4472	bthserv - ok
20:51:54.0649 4472	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
20:51:54.0681 4472	BTHUSB - ok
20:51:54.0696 4472	btusbflt        (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
20:51:54.0727 4472	btusbflt - ok
20:51:54.0743 4472	btwaudio        (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
20:51:54.0759 4472	btwaudio - ok
20:51:54.0805 4472	btwavdt         (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
20:51:54.0837 4472	btwavdt - ok
20:51:54.0946 4472	btwdins         (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
20:51:54.0993 4472	btwdins - ok
20:51:55.0024 4472	btwl2cap        (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
20:51:55.0039 4472	btwl2cap - ok
20:51:55.0071 4472	btwrchid        (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
20:51:55.0086 4472	btwrchid - ok
20:51:55.0133 4472	CAXHWAZL        (d1787e11c6a0078ddeaf8cf3ee2ab293) C:\Windows\system32\DRIVERS\CAXHWAZL.sys
20:51:55.0180 4472	CAXHWAZL - ok
20:51:55.0211 4472	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:51:55.0273 4472	cdfs - ok
20:51:55.0336 4472	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
20:51:55.0383 4472	cdrom - ok
20:51:55.0429 4472	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:51:55.0523 4472	CertPropSvc - ok
20:51:55.0554 4472	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
20:51:55.0585 4472	circlass - ok
20:51:55.0648 4472	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:51:55.0679 4472	CLFS - ok
20:51:55.0757 4472	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:51:55.0788 4472	clr_optimization_v2.0.50727_32 - ok
20:51:55.0835 4472	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:51:55.0851 4472	clr_optimization_v2.0.50727_64 - ok
20:51:55.0975 4472	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:51:56.0038 4472	clr_optimization_v4.0.30319_32 - ok
20:51:56.0085 4472	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:51:56.0100 4472	clr_optimization_v4.0.30319_64 - ok
20:51:56.0131 4472	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
20:51:56.0147 4472	CmBatt - ok
20:51:56.0209 4472	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:51:56.0241 4472	cmdide - ok
20:51:56.0319 4472	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
20:51:56.0381 4472	CNG - ok
20:51:56.0412 4472	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
20:51:56.0428 4472	Compbatt - ok
20:51:56.0475 4472	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:51:56.0506 4472	CompositeBus - ok
20:51:56.0521 4472	COMSysApp - ok
20:51:56.0553 4472	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
20:51:56.0568 4472	crcdisk - ok
20:51:56.0631 4472	CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
20:51:56.0677 4472	CryptSvc - ok
20:51:56.0755 4472	CSC             (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
20:51:56.0802 4472	CSC - ok
20:51:56.0865 4472	CscService      (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
20:51:56.0896 4472	CscService - ok
20:51:57.0005 4472	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:51:57.0067 4472	DcomLaunch - ok
20:51:57.0114 4472	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:51:57.0255 4472	defragsvc - ok
20:51:57.0348 4472	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:51:57.0426 4472	DfsC - ok
20:51:57.0489 4472	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:51:57.0582 4472	Dhcp - ok
20:51:57.0613 4472	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:51:57.0660 4472	discache - ok
20:51:57.0676 4472	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
20:51:57.0691 4472	Disk - ok
20:51:57.0754 4472	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:51:57.0801 4472	Dnscache - ok
20:51:57.0879 4472	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:51:57.0941 4472	dot3svc - ok
20:51:58.0003 4472	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:51:58.0050 4472	DPS - ok
20:51:58.0081 4472	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:51:58.0144 4472	drmkaud - ok
20:51:58.0253 4472	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:51:58.0300 4472	DXGKrnl - ok
20:51:58.0347 4472	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:51:58.0393 4472	EapHost - ok
20:51:58.0674 4472	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
20:51:58.0861 4472	ebdrv - ok
20:51:59.0017 4472	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:51:59.0049 4472	EFS - ok
20:51:59.0173 4472	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:51:59.0251 4472	ehRecvr - ok
20:51:59.0283 4472	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:51:59.0329 4472	ehSched - ok
20:51:59.0423 4472	ElbyCDIO        (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys
20:51:59.0439 4472	ElbyCDIO - ok
20:51:59.0501 4472	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
20:51:59.0548 4472	elxstor - ok
20:51:59.0595 4472	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:51:59.0610 4472	ErrDev - ok
20:51:59.0673 4472	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:51:59.0719 4472	EventSystem - ok
20:51:59.0875 4472	EvtEng          (51643ee2712d9212e1e53ca7e8d8eb4a) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:51:59.0922 4472	EvtEng - ok
20:52:00.0078 4472	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:52:00.0141 4472	exfat - ok
20:52:00.0219 4472	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:52:00.0281 4472	fastfat - ok
20:52:00.0375 4472	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:52:00.0484 4472	Fax - ok
20:52:00.0515 4472	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
20:52:00.0531 4472	fdc - ok
20:52:00.0609 4472	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:52:00.0702 4472	fdPHost - ok
20:52:00.0733 4472	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:52:00.0796 4472	FDResPub - ok
20:52:00.0843 4472	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:52:00.0858 4472	FileInfo - ok
20:52:00.0874 4472	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:52:00.0905 4472	Filetrace - ok
20:52:00.0921 4472	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
20:52:00.0952 4472	flpydisk - ok
20:52:01.0061 4472	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:52:01.0108 4472	FltMgr - ok
20:52:01.0248 4472	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:52:01.0342 4472	FontCache - ok
20:52:01.0435 4472	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:52:01.0451 4472	FontCache3.0.0.0 - ok
20:52:01.0529 4472	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:52:01.0560 4472	FsDepends - ok
20:52:01.0607 4472	fssfltr         (53dab1791917a72738539ad25c4eed7f) C:\Windows\system32\DRIVERS\fssfltr.sys
20:52:01.0623 4472	fssfltr - ok
20:52:01.0747 4472	fsssvc          (206ad9a89bf05dfa1621f1fc7b82592d) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:52:01.0794 4472	fsssvc - ok
20:52:01.0841 4472	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:52:01.0872 4472	Fs_Rec - ok
20:52:01.0935 4472	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:52:01.0966 4472	fvevol - ok
20:52:01.0997 4472	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
20:52:02.0013 4472	gagp30kx - ok
20:52:02.0059 4472	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:52:02.0091 4472	GEARAspiWDM - ok
20:52:02.0184 4472	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:52:02.0247 4472	gpsvc - ok
20:52:02.0325 4472	gupdate         (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:52:02.0340 4472	gupdate - ok
20:52:02.0356 4472	gupdatem        (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:52:02.0371 4472	gupdatem - ok
20:52:02.0403 4472	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:52:02.0434 4472	hcw85cir - ok
20:52:02.0512 4472	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:52:02.0559 4472	HdAudAddService - ok
20:52:02.0574 4472	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:52:02.0590 4472	HDAudBus - ok
20:52:02.0637 4472	HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
20:52:02.0652 4472	HECIx64 - ok
20:52:02.0683 4472	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
20:52:02.0715 4472	HidBatt - ok
20:52:02.0793 4472	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
20:52:02.0824 4472	HidBth - ok
20:52:02.0855 4472	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
20:52:02.0902 4472	HidIr - ok
20:52:02.0949 4472	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:52:03.0058 4472	hidserv - ok
20:52:03.0105 4472	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:52:03.0136 4472	HidUsb - ok
20:52:03.0183 4472	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:52:03.0229 4472	hkmsvc - ok
20:52:03.0292 4472	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:52:03.0323 4472	HomeGroupListener - ok
20:52:03.0448 4472	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:52:03.0479 4472	HomeGroupProvider - ok
20:52:03.0526 4472	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:52:03.0557 4472	HpSAMD - ok
20:52:03.0713 4472	HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\Windows\SysWOW64\XAudio64.dll
20:52:03.0760 4472	HsfXAudioService - ok
20:52:03.0931 4472	HSF_DPV         (26c5d00321937e49b6bc91029947d094) C:\Windows\system32\DRIVERS\CAX_DPV.sys
20:52:04.0009 4472	HSF_DPV - ok
20:52:04.0197 4472	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:52:04.0259 4472	HTTP - ok
20:52:04.0306 4472	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:52:04.0321 4472	hwpolicy - ok
20:52:04.0384 4472	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:52:04.0415 4472	i8042prt - ok
20:52:04.0477 4472	iaStor          (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
20:52:04.0509 4472	iaStor - ok
20:52:04.0587 4472	IAStorDataMgrSvc (cc800d2d9fd467542bac7c186c4774ad) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:52:04.0602 4472	IAStorDataMgrSvc - ok
20:52:04.0680 4472	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:52:04.0727 4472	iaStorV - ok
20:52:04.0821 4472	IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:52:04.0836 4472	IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:52:04.0836 4472	IDriverT - detected UnsignedFile.Multi.Generic (1)
20:52:04.0961 4472	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:52:05.0055 4472	idsvc - ok
20:52:05.0616 4472	igfx            (2835c0808ba40fa8bc141e6015eb2414) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:52:05.0866 4472	igfx - ok
20:52:05.0991 4472	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
20:52:06.0022 4472	iirsp - ok
20:52:06.0131 4472	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:52:06.0209 4472	IKEEXT - ok
20:52:06.0240 4472	Impcd           (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
20:52:06.0271 4472	Impcd - ok
20:52:06.0490 4472	IntcAzAudAddService (9526f32b8a76f8dc25a1587400e30084) C:\Windows\system32\drivers\RTKVHD64.sys
20:52:06.0568 4472	IntcAzAudAddService - ok
20:52:06.0693 4472	IntcDAud        (d248aae81c156c0d47a77cd61bc24cd4) C:\Windows\system32\DRIVERS\IntcDAud.sys
20:52:06.0724 4472	IntcDAud - ok
20:52:06.0817 4472	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:52:06.0849 4472	intelide - ok
20:52:06.0895 4472	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
20:52:06.0927 4472	intelppm - ok
20:52:06.0989 4472	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:52:07.0051 4472	IPBusEnum - ok
20:52:07.0098 4472	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:52:07.0207 4472	IpFilterDriver - ok
20:52:07.0301 4472	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
20:52:07.0348 4472	iphlpsvc - ok
20:52:07.0395 4472	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:52:07.0426 4472	IPMIDRV - ok
20:52:07.0504 4472	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:52:07.0551 4472	IPNAT - ok
20:52:07.0691 4472	iPod Service    (e94503089df8976f5c4c9d5168e9765f) C:\Program Files\iPod\bin\iPodService.exe
20:52:07.0738 4472	iPod Service - ok
20:52:07.0785 4472	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:52:07.0816 4472	IRENUM - ok
20:52:07.0878 4472	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:52:07.0894 4472	isapnp - ok
20:52:07.0956 4472	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:52:07.0987 4472	iScsiPrt - ok
20:52:08.0003 4472	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:52:08.0019 4472	kbdclass - ok
20:52:08.0081 4472	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
20:52:08.0128 4472	kbdhid - ok
20:52:08.0190 4472	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:52:08.0206 4472	KeyIso - ok
20:52:08.0268 4472	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:52:08.0299 4472	KSecDD - ok
20:52:08.0377 4472	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:52:08.0409 4472	KSecPkg - ok
20:52:08.0424 4472	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:52:08.0487 4472	ksthunk - ok
20:52:08.0565 4472	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:52:08.0658 4472	KtmRm - ok
20:52:08.0689 4472	L1C             (b4a3a05b0f9c81d098b96ab6aa915042) C:\Windows\system32\DRIVERS\L1C62x64.sys
20:52:08.0736 4472	L1C - ok
20:52:08.0814 4472	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:52:08.0877 4472	LanmanServer - ok
20:52:08.0939 4472	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:52:09.0001 4472	LanmanWorkstation - ok
20:52:09.0017 4472	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:52:09.0048 4472	lltdio - ok
20:52:09.0142 4472	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:52:09.0251 4472	lltdsvc - ok
20:52:09.0282 4472	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:52:09.0313 4472	lmhosts - ok
20:52:09.0391 4472	LMS             (d0e7ff91b52fe9fd2f9522b91f27cb09) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:52:09.0423 4472	LMS - ok
20:52:09.0469 4472	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
20:52:09.0501 4472	LSI_FC - ok
20:52:09.0516 4472	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
20:52:09.0532 4472	LSI_SAS - ok
20:52:09.0563 4472	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
20:52:09.0579 4472	LSI_SAS2 - ok
20:52:09.0594 4472	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
20:52:09.0610 4472	LSI_SCSI - ok
20:52:09.0641 4472	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:52:09.0766 4472	luafv - ok
20:52:09.0813 4472	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:52:09.0844 4472	Mcx2Svc - ok
20:52:09.0859 4472	mdmxsdk         (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:52:09.0875 4472	mdmxsdk - ok
20:52:09.0891 4472	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
20:52:09.0906 4472	megasas - ok
20:52:09.0953 4472	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
20:52:09.0984 4472	MegaSR - ok
20:52:10.0015 4472	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:52:10.0062 4472	MMCSS - ok
20:52:10.0093 4472	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:52:10.0218 4472	Modem - ok
20:52:10.0249 4472	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:52:10.0281 4472	monitor - ok
20:52:10.0343 4472	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
20:52:10.0359 4472	mouclass - ok
20:52:10.0405 4472	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:52:10.0421 4472	mouhid - ok
20:52:10.0468 4472	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:52:10.0483 4472	mountmgr - ok
20:52:10.0608 4472	MozillaMaintenance (6380ff81dd4d78b23398752d2f46ea43) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:52:10.0639 4472	MozillaMaintenance - ok
20:52:10.0702 4472	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:52:10.0733 4472	mpio - ok
20:52:10.0764 4472	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:52:10.0811 4472	mpsdrv - ok
20:52:10.0920 4472	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:52:10.0998 4472	MpsSvc - ok
20:52:11.0061 4472	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:52:11.0092 4472	MRxDAV - ok
20:52:11.0154 4472	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:52:11.0201 4472	mrxsmb - ok
20:52:11.0279 4472	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:52:11.0310 4472	mrxsmb10 - ok
20:52:11.0373 4472	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:52:11.0404 4472	mrxsmb20 - ok
20:52:11.0451 4472	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:52:11.0466 4472	msahci - ok
20:52:11.0529 4472	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:52:11.0560 4472	msdsm - ok
20:52:11.0591 4472	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:52:11.0622 4472	MSDTC - ok
20:52:11.0669 4472	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:52:11.0731 4472	Msfs - ok
20:52:11.0747 4472	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:52:11.0778 4472	mshidkmdf - ok
20:52:11.0841 4472	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:52:11.0872 4472	msisadrv - ok
20:52:11.0903 4472	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:52:11.0981 4472	MSiSCSI - ok
20:52:11.0981 4472	msiserver - ok
20:52:12.0012 4472	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:52:12.0043 4472	MSKSSRV - ok
20:52:12.0059 4472	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:52:12.0121 4472	MSPCLOCK - ok
20:52:12.0137 4472	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:52:12.0168 4472	MSPQM - ok
20:52:12.0246 4472	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:52:12.0277 4472	MsRPC - ok
20:52:12.0324 4472	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:52:12.0340 4472	mssmbios - ok
20:52:12.0449 4472	MSSQL$MSSMLBIZ - ok
20:52:12.0496 4472	MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:52:12.0527 4472	MSSQLServerADHelper - ok
20:52:12.0558 4472	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:52:12.0636 4472	MSTEE - ok
20:52:12.0652 4472	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
20:52:12.0699 4472	MTConfig - ok
20:52:12.0714 4472	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:52:12.0730 4472	Mup - ok
20:52:12.0808 4472	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:52:12.0886 4472	napagent - ok
20:52:12.0917 4472	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:52:12.0948 4472	NativeWifiP - ok
20:52:13.0104 4472	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:52:13.0167 4472	NDIS - ok
20:52:13.0213 4472	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:52:13.0276 4472	NdisCap - ok
20:52:13.0291 4472	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:52:13.0323 4472	NdisTapi - ok
20:52:13.0369 4472	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:52:13.0463 4472	Ndisuio - ok
20:52:13.0525 4472	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:52:13.0603 4472	NdisWan - ok
20:52:13.0666 4472	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:52:13.0728 4472	NDProxy - ok
20:52:13.0759 4472	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:52:13.0791 4472	NetBIOS - ok
20:52:13.0869 4472	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:52:13.0931 4472	NetBT - ok
20:52:13.0993 4472	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:52:14.0025 4472	Netlogon - ok
20:52:14.0071 4472	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:52:14.0134 4472	Netman - ok
20:52:14.0181 4472	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:52:14.0212 4472	netprofm - ok
20:52:14.0290 4472	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:52:14.0321 4472	NetTcpPortSharing - ok
20:52:14.0742 4472	NETw5s64        (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys
20:52:14.0961 4472	NETw5s64 - ok
20:52:15.0101 4472	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
20:52:15.0117 4472	nfrd960 - ok
20:52:15.0210 4472	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:52:15.0288 4472	NlaSvc - ok
20:52:15.0460 4472	NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
20:52:15.0491 4472	NMIndexingService - ok
20:52:15.0522 4472	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:52:15.0600 4472	Npfs - ok
20:52:15.0631 4472	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:52:15.0678 4472	nsi - ok
20:52:15.0694 4472	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:52:15.0725 4472	nsiproxy - ok
20:52:15.0881 4472	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:52:15.0959 4472	Ntfs - ok
20:52:16.0084 4472	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:52:16.0131 4472	Null - ok
20:52:16.0209 4472	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:52:16.0240 4472	nvraid - ok
20:52:16.0271 4472	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:52:16.0287 4472	nvstor - ok
20:52:16.0349 4472	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:52:16.0380 4472	nv_agp - ok
20:52:16.0427 4472	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:52:16.0474 4472	ohci1394 - ok
20:52:16.0536 4472	ose64           (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:52:16.0583 4472	ose64 - ok
20:52:16.0942 4472	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:52:17.0145 4472	osppsvc - ok
20:52:17.0269 4472	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:52:17.0316 4472	p2pimsvc - ok
20:52:17.0363 4472	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:52:17.0394 4472	p2psvc - ok
20:52:17.0457 4472	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
20:52:17.0488 4472	Parport - ok
20:52:17.0550 4472	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:52:17.0566 4472	partmgr - ok
20:52:17.0597 4472	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:52:17.0644 4472	PcaSvc - ok
20:52:17.0706 4472	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:52:17.0737 4472	pci - ok
20:52:17.0784 4472	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:52:17.0800 4472	pciide - ok
20:52:17.0831 4472	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
20:52:17.0862 4472	pcmcia - ok
20:52:17.0893 4472	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:52:17.0909 4472	pcw - ok
20:52:17.0956 4472	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:52:18.0018 4472	PEAUTH - ok
20:52:18.0127 4472	PeerDistSvc     (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
20:52:18.0190 4472	PeerDistSvc - ok
20:52:18.0283 4472	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:52:18.0330 4472	PerfHost - ok
20:52:18.0517 4472	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:52:18.0611 4472	pla - ok
20:52:18.0673 4472	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:52:18.0736 4472	PlugPlay - ok
20:52:18.0767 4472	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:52:18.0814 4472	PNRPAutoReg - ok
20:52:18.0845 4472	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:52:18.0876 4472	PNRPsvc - ok
20:52:18.0985 4472	Polar Daemon    (c489d0c7d9684dcf98dc3f0272131419) C:\Program Files (x86)\Polar\Daemon\polard.exe
20:52:19.0017 4472	Polar Daemon ( UnsignedFile.Multi.Generic ) - warning
20:52:19.0017 4472	Polar Daemon - detected UnsignedFile.Multi.Generic (1)
20:52:19.0110 4472	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:52:19.0173 4472	PolicyAgent - ok
20:52:19.0251 4472	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:52:19.0313 4472	Power - ok
20:52:19.0391 4472	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:52:19.0453 4472	PptpMiniport - ok
20:52:19.0485 4472	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
20:52:19.0516 4472	Processor - ok
20:52:19.0594 4472	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
20:52:19.0641 4472	ProfSvc - ok
20:52:19.0703 4472	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:52:19.0719 4472	ProtectedStorage - ok
20:52:19.0781 4472	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:52:19.0828 4472	Psched - ok
20:52:19.0859 4472	PxHlpa64        (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
20:52:19.0875 4472	PxHlpa64 - ok
20:52:19.0999 4472	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
20:52:20.0046 4472	ql2300 - ok
20:52:20.0202 4472	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
20:52:20.0233 4472	ql40xx - ok
20:52:20.0265 4472	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:52:20.0311 4472	QWAVE - ok
20:52:20.0327 4472	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:52:20.0374 4472	QWAVEdrv - ok
20:52:20.0389 4472	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:52:20.0436 4472	RasAcd - ok
20:52:20.0452 4472	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:52:20.0499 4472	RasAgileVpn - ok
20:52:20.0530 4472	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:52:20.0561 4472	RasAuto - ok
20:52:20.0623 4472	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:52:20.0686 4472	Rasl2tp - ok
20:52:20.0748 4472	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:52:20.0826 4472	RasMan - ok
20:52:20.0873 4472	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:52:20.0920 4472	RasPppoe - ok
20:52:20.0951 4472	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:52:21.0013 4472	RasSstp - ok
20:52:21.0076 4472	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:52:21.0154 4472	rdbss - ok
20:52:21.0169 4472	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
20:52:21.0185 4472	rdpbus - ok
20:52:21.0201 4472	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:52:21.0247 4472	RDPCDD - ok
20:52:21.0325 4472	RDPDR           (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
20:52:21.0357 4472	RDPDR - ok
20:52:21.0388 4472	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:52:21.0435 4472	RDPENCDD - ok
20:52:21.0450 4472	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:52:21.0481 4472	RDPREFMP - ok
20:52:21.0544 4472	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
20:52:21.0606 4472	RDPWD - ok
20:52:21.0684 4472	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:52:21.0715 4472	rdyboost - ok
20:52:21.0840 4472	RegSrvc         (3b71b5b91e7dca93585d5a86c897adc4) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:52:21.0887 4472	RegSrvc - ok
20:52:21.0934 4472	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:52:21.0981 4472	RemoteAccess - ok
20:52:22.0012 4472	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:52:22.0074 4472	RemoteRegistry - ok
20:52:22.0137 4472	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
20:52:22.0183 4472	RFCOMM - ok
20:52:22.0215 4472	rimspci         (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
20:52:22.0230 4472	rimspci - ok
20:52:22.0277 4472	risdsnpe        (aa7b4ac7cb1281349cd61de067f00d5d) C:\Windows\system32\drivers\risdsne64.sys
20:52:22.0293 4472	risdsnpe - ok
20:52:22.0386 4472	Roxio UPnP Renderer 10 (d151224bc11078895a60fa970728ff59) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
20:52:22.0433 4472	Roxio UPnP Renderer 10 - ok
20:52:22.0464 4472	Roxio Upnp Server 10 (5022a927944878bd750960bd21e751af) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
20:52:22.0495 4472	Roxio Upnp Server 10 - ok
20:52:22.0527 4472	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:52:22.0605 4472	RpcEptMapper - ok
20:52:22.0651 4472	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:52:22.0667 4472	RpcLocator - ok
20:52:22.0745 4472	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:52:22.0807 4472	RpcSs - ok
20:52:22.0854 4472	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:52:22.0932 4472	rspndr - ok
20:52:22.0979 4472	s3cap           (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
20:52:23.0026 4472	s3cap - ok
20:52:23.0135 4472	SampleCollector (6b318f9443740a907d1c8f3460c19009) C:\Program Files\Sony\VAIO Care\collsvc.exe
20:52:23.0151 4472	SampleCollector ( UnsignedFile.Multi.Generic ) - warning
20:52:23.0151 4472	SampleCollector - detected UnsignedFile.Multi.Generic (1)
20:52:23.0213 4472	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:52:23.0229 4472	SamSs - ok
20:52:23.0291 4472	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:52:23.0322 4472	sbp2port - ok
20:52:23.0369 4472	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:52:23.0416 4472	SCardSvr - ok
20:52:23.0463 4472	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:52:23.0525 4472	scfilter - ok
20:52:23.0650 4472	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:52:23.0728 4472	Schedule - ok
20:52:23.0806 4472	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:52:23.0853 4472	SCPolicySvc - ok
20:52:23.0915 4472	sdbus           (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
20:52:23.0962 4472	sdbus - ok
20:52:24.0024 4472	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:52:24.0071 4472	SDRSVC - ok
20:52:24.0102 4472	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:52:24.0165 4472	secdrv - ok
20:52:24.0227 4472	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:52:24.0289 4472	seclogon - ok
20:52:24.0305 4472	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:52:24.0383 4472	SENS - ok
20:52:24.0414 4472	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:52:24.0445 4472	SensrSvc - ok
20:52:24.0477 4472	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
20:52:24.0508 4472	Serenum - ok
20:52:24.0539 4472	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
20:52:24.0570 4472	Serial - ok
20:52:24.0633 4472	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
20:52:24.0664 4472	sermouse - ok
20:52:24.0726 4472	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:52:24.0804 4472	SessionEnv - ok
20:52:24.0820 4472	SFEP            (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
20:52:24.0851 4472	SFEP - ok
20:52:24.0913 4472	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:52:24.0960 4472	sffdisk - ok
20:52:25.0007 4472	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:52:25.0054 4472	sffp_mmc - ok
20:52:25.0085 4472	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:52:25.0101 4472	sffp_sd - ok
20:52:25.0132 4472	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
20:52:25.0132 4472	sfloppy - ok
20:52:25.0210 4472	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:52:25.0288 4472	SharedAccess - ok
20:52:25.0366 4472	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:52:25.0428 4472	ShellHWDetection - ok
20:52:25.0459 4472	shpf            (c06ccd29f5c15b610237e86f82085e77) C:\Windows\system32\DRIVERS\shpf.sys
20:52:25.0475 4472	shpf - ok
20:52:25.0522 4472	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
20:52:25.0537 4472	SiSRaid2 - ok
20:52:25.0569 4472	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
20:52:25.0584 4472	SiSRaid4 - ok
20:52:25.0662 4472	SkypeUpdate     (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
20:52:25.0740 4472	SkypeUpdate - ok
20:52:25.0771 4472	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:52:25.0818 4472	Smb - ok
20:52:25.0849 4472	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:52:25.0881 4472	SNMPTRAP - ok
20:52:25.0896 4472	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:52:25.0912 4472	spldr - ok
20:52:26.0005 4472	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:52:26.0068 4472	Spooler - ok
20:52:26.0317 4472	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:52:26.0473 4472	sppsvc - ok
20:52:26.0567 4472	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:52:26.0629 4472	sppuinotify - ok
20:52:26.0739 4472	SQLBrowser      (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:52:26.0770 4472	SQLBrowser - ok
20:52:26.0848 4472	SQLWriter       (3c432a96363097870995e2a3c8b66abd) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:52:26.0879 4472	SQLWriter - ok
20:52:26.0988 4472	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:52:27.0035 4472	srv - ok
20:52:27.0066 4472	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:52:27.0097 4472	srv2 - ok
20:52:27.0129 4472	SrvHsfHDA       (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:52:27.0160 4472	SrvHsfHDA - ok
20:52:27.0269 4472	SrvHsfV92       (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:52:27.0347 4472	SrvHsfV92 - ok
20:52:27.0534 4472	SrvHsfWinac     (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:52:27.0581 4472	SrvHsfWinac - ok
20:52:27.0628 4472	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:52:27.0659 4472	srvnet - ok
20:52:27.0706 4472	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:52:27.0784 4472	SSDPSRV - ok
20:52:27.0815 4472	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:52:27.0846 4472	SstpSvc - ok
20:52:27.0940 4472	Steam Client Service - ok
20:52:27.0987 4472	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
20:52:28.0002 4472	stexstor - ok
20:52:28.0065 4472	StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
20:52:28.0096 4472	StillCam - ok
20:52:28.0205 4472	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:52:28.0236 4472	stisvc - ok
20:52:28.0299 4472	storflt         (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
20:52:28.0330 4472	storflt - ok
20:52:28.0361 4472	StorSvc         (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
20:52:28.0392 4472	StorSvc - ok
20:52:28.0455 4472	storvsc         (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
20:52:28.0486 4472	storvsc - ok
20:52:28.0501 4472	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:52:28.0517 4472	swenum - ok
20:52:28.0673 4472	SwitchBoard     (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:52:28.0720 4472	SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
20:52:28.0720 4472	SwitchBoard - detected UnsignedFile.Multi.Generic (1)
20:52:28.0782 4472	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:52:28.0845 4472	swprv - ok
20:52:28.0891 4472	SynTP           (639b57dc871be4b86283027faf1f4e30) C:\Windows\system32\drivers\SynTP.sys
20:52:28.0923 4472	SynTP - ok
20:52:29.0063 4472	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:52:29.0141 4472	SysMain - ok
20:52:29.0266 4472	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:52:29.0297 4472	TabletInputService - ok
20:52:29.0328 4472	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:52:29.0391 4472	TapiSrv - ok
20:52:29.0422 4472	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:52:29.0453 4472	TBS - ok
20:52:29.0656 4472	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
20:52:29.0781 4472	Tcpip - ok
20:52:30.0046 4472	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
20:52:30.0108 4472	TCPIP6 - ok
20:52:30.0280 4472	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:52:30.0327 4472	tcpipreg - ok
20:52:30.0373 4472	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:52:30.0405 4472	TDPIPE - ok
20:52:30.0451 4472	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:52:30.0483 4472	TDTCP - ok
20:52:30.0545 4472	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:52:30.0607 4472	tdx - ok
20:52:30.0670 4472	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:52:30.0701 4472	TermDD - ok
20:52:30.0763 4472	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:52:30.0857 4472	TermService - ok
20:52:30.0888 4472	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:52:30.0919 4472	Themes - ok
20:52:30.0935 4472	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:52:30.0966 4472	THREADORDER - ok
20:52:30.0997 4472	TPM             (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
20:52:31.0044 4472	TPM - ok
20:52:31.0075 4472	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:52:31.0138 4472	TrkWks - ok
20:52:31.0231 4472	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:52:31.0294 4472	TrustedInstaller - ok
20:52:31.0356 4472	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:52:31.0403 4472	tssecsrv - ok
20:52:31.0465 4472	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:52:31.0512 4472	TsUsbFlt - ok
20:52:31.0575 4472	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:52:31.0637 4472	tunnel - ok
20:52:31.0668 4472	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
20:52:31.0699 4472	uagp35 - ok
20:52:31.0777 4472	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:52:31.0824 4472	udfs - ok
20:52:31.0887 4472	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:52:31.0902 4472	UI0Detect - ok
20:52:31.0949 4472	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:52:31.0980 4472	uliagpkx - ok
20:52:32.0043 4472	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
20:52:32.0074 4472	umbus - ok
20:52:32.0121 4472	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:52:32.0167 4472	UmPass - ok
20:52:32.0245 4472	UmRdpService    (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
20:52:32.0292 4472	UmRdpService - ok
20:52:32.0495 4472	UNS             (a7377410bc0d28c5a72135a4be1a1068) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:52:32.0557 4472	UNS - ok
20:52:32.0682 4472	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:52:32.0745 4472	upnphost - ok
20:52:32.0869 4472	USB Access Restriction (0b04c5b5f0c2ac03b1494f9a31f77b85) C:\Program Files (x86)\Sony\USB Access Restriction Setting\USB Access Restriction.exe
20:52:32.0901 4472	USB Access Restriction - ok
20:52:32.0994 4472	USBAAPL64       (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
20:52:33.0041 4472	USBAAPL64 - ok
20:52:33.0072 4472	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:52:33.0119 4472	usbccgp - ok
20:52:33.0166 4472	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:52:33.0213 4472	usbcir - ok
20:52:33.0244 4472	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:52:33.0291 4472	usbehci - ok
20:52:33.0353 4472	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:52:33.0384 4472	usbhub - ok
20:52:33.0415 4472	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:52:33.0431 4472	usbohci - ok
20:52:33.0462 4472	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
20:52:33.0493 4472	usbprint - ok
20:52:33.0540 4472	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:52:33.0571 4472	USBSTOR - ok
20:52:33.0603 4472	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:52:33.0634 4472	usbuhci - ok
20:52:33.0696 4472	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
20:52:33.0743 4472	usbvideo - ok
20:52:33.0759 4472	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:52:33.0805 4472	UxSms - ok
20:52:33.0899 4472	VAIO Event Service (6b31c9cb94927dbeeb62e15275f4cc54) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
20:52:33.0930 4472	VAIO Event Service - ok
20:52:34.0039 4472	VAIO Power Management (b8c9a7010afd5cbbe194cb9ef7c4fd14) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
20:52:34.0071 4472	VAIO Power Management - ok
20:52:34.0133 4472	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:52:34.0149 4472	VaultSvc - ok
20:52:34.0211 4472	VClone          (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
20:52:34.0258 4472	VClone - ok
20:52:34.0305 4472	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:52:34.0336 4472	vdrvroot - ok
20:52:34.0429 4472	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:52:34.0507 4472	vds - ok
20:52:34.0539 4472	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:52:34.0554 4472	vga - ok
20:52:34.0570 4472	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:52:34.0601 4472	VgaSave - ok
20:52:34.0663 4472	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:52:34.0695 4472	vhdmp - ok
20:52:34.0757 4472	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:52:34.0773 4472	viaide - ok
20:52:34.0851 4472	vmbus           (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
20:52:34.0882 4472	vmbus - ok
20:52:34.0897 4472	VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
20:52:34.0913 4472	VMBusHID - ok
20:52:34.0929 4472	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:52:34.0960 4472	volmgr - ok
20:52:35.0022 4472	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:52:35.0053 4472	volmgrx - ok
20:52:35.0116 4472	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:52:35.0147 4472	volsnap - ok
20:52:35.0194 4472	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
20:52:35.0225 4472	vsmraid - ok
20:52:35.0381 4472	VSNService      (047f22bdfdae6df6f1e47e747a1237a2) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
20:52:35.0412 4472	VSNService ( UnsignedFile.Multi.Generic ) - warning
20:52:35.0412 4472	VSNService - detected UnsignedFile.Multi.Generic (1)
20:52:35.0568 4472	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:52:35.0646 4472	VSS - ok
20:52:35.0802 4472	VUAgent         (0260e5f1790f90e8d7ec0588227aa42c) C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
20:52:35.0849 4472	VUAgent - ok
20:52:35.0974 4472	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:52:35.0989 4472	vwifibus - ok
20:52:36.0021 4472	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:52:36.0036 4472	vwififlt - ok
20:52:36.0052 4472	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
20:52:36.0067 4472	vwifimp - ok
20:52:36.0130 4472	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:52:36.0192 4472	W32Time - ok
20:52:36.0239 4472	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
20:52:36.0255 4472	WacomPen - ok
20:52:36.0317 4472	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:52:36.0364 4472	WANARP - ok
20:52:36.0364 4472	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:52:36.0395 4472	Wanarpv6 - ok
20:52:36.0520 4472	WatAdminSvc     (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:52:36.0582 4472	WatAdminSvc - ok
20:52:36.0723 4472	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:52:36.0801 4472	wbengine - ok
20:52:36.0925 4472	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:52:36.0957 4472	WbioSrvc - ok
20:52:37.0035 4472	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:52:37.0097 4472	wcncsvc - ok
20:52:37.0128 4472	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:52:37.0159 4472	WcsPlugInService - ok
20:52:37.0222 4472	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
20:52:37.0237 4472	Wd - ok
20:52:37.0315 4472	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:52:37.0362 4472	Wdf01000 - ok
20:52:37.0393 4472	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:52:37.0487 4472	WdiServiceHost - ok
20:52:37.0487 4472	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:52:37.0518 4472	WdiSystemHost - ok
20:52:37.0581 4472	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:52:37.0627 4472	WebClient - ok
20:52:37.0659 4472	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:52:37.0721 4472	Wecsvc - ok
20:52:37.0737 4472	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:52:37.0768 4472	wercplsupport - ok
20:52:37.0799 4472	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:52:37.0830 4472	WerSvc - ok
20:52:37.0893 4472	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:52:37.0939 4472	WfpLwf - ok
20:52:37.0955 4472	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:52:37.0971 4472	WIMMount - ok
20:52:38.0033 4472	winachsf        (a6ea7a3fc4b00f48535b506db1e86efd) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
20:52:38.0080 4472	winachsf - ok
20:52:38.0111 4472	WinDefend - ok
20:52:38.0111 4472	WinHttpAutoProxySvc - ok
20:52:38.0189 4472	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:52:38.0251 4472	Winmgmt - ok
20:52:38.0407 4472	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:52:38.0517 4472	WinRM - ok
20:52:38.0673 4472	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
20:52:38.0719 4472	WinUsb - ok
20:52:38.0797 4472	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:52:38.0860 4472	Wlansvc - ok
20:52:38.0922 4472	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:52:38.0953 4472	WmiAcpi - ok
20:52:39.0031 4472	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:52:39.0063 4472	wmiApSrv - ok
20:52:39.0109 4472	WMPNetworkSvc - ok
20:52:39.0156 4472	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:52:39.0203 4472	WPCSvc - ok
20:52:39.0265 4472	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:52:39.0297 4472	WPDBusEnum - ok
20:52:39.0328 4472	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:52:39.0359 4472	ws2ifsl - ok
20:52:39.0390 4472	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
20:52:39.0406 4472	wscsvc - ok
20:52:39.0421 4472	WSDPrintDevice  (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
20:52:39.0437 4472	WSDPrintDevice - ok
20:52:39.0453 4472	WSearch - ok
20:52:39.0624 4472	wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
20:52:39.0687 4472	wuauserv - ok
20:52:39.0905 4472	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:52:39.0952 4472	WudfPf - ok
20:52:39.0983 4472	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:52:40.0030 4472	WUDFRd - ok
20:52:40.0092 4472	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:52:40.0139 4472	wudfsvc - ok
20:52:40.0186 4472	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:52:40.0201 4472	WwanSvc - ok
20:52:40.0233 4472	XAudio          (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys
20:52:40.0248 4472	XAudio - ok
20:52:40.0295 4472	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:52:41.0309 4472	\Device\Harddisk0\DR0 - ok
20:52:41.0340 4472	Boot (0x1200)   (b98153ea356fe4e624853a293f441cc5) \Device\Harddisk0\DR0\Partition0
20:52:41.0340 4472	\Device\Harddisk0\DR0\Partition0 - ok
20:52:41.0356 4472	Boot (0x1200)   (cbcb6deae1a453f45d5966f74a22b7d7) \Device\Harddisk0\DR0\Partition1
20:52:41.0356 4472	\Device\Harddisk0\DR0\Partition1 - ok
20:52:41.0356 4472	============================================================
20:52:41.0356 4472	Scan finished
20:52:41.0356 4472	============================================================
20:52:41.0371 4964	Detected object count: 5
20:52:41.0371 4964	Actual detected object count: 5
20:53:43.0756 4964	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:43.0756 4964	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:53:43.0756 4964	Polar Daemon ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:43.0756 4964	Polar Daemon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:53:43.0756 4964	SampleCollector ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:43.0756 4964	SampleCollector ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:53:43.0756 4964	SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:43.0756 4964	SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:53:43.0756 4964	VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:43.0756 4964	VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip

habe noch zusätzliche nachforschungen angestellt und vermute das der Virus von drei gedownloadeten Exe dateien kam die meine Freundin runtergeladen hat.
Pdf2id_Professional_V3_0_Full_Download.exe
Verified_Pdf2id_Professional_V3_0 (1).exe
Verified_Pdf2id_Professional_V3_0.exe

dies war am 26.06.2012 um ca 18.00, dies würde sich auch mit den 2 fundorten von Malwarebytes gleichen da die Ordner "intellidownload" und "OApps" nicht von mir installiert wurden.
(weis nicht ob diese Infos noch wichtig sind...
hatte bis jetzt noch keine virenprobleme)

kann man schon sagen wie schlimm der momentane zustand ist?

markusg · 11.07.2012, 23:25

sehe noch nichts.
sind das legitime downloads aus legalen quellen?

wertzu56 · 12.07.2012, 20:56

Weis jetzt nicht genau von welcher Seite diese Dateien downgeloadet wurden, meine Freundin kann mir das auch nicht mehr sagen.
Es war eine Seite wo man sich für den Download nicht anmelden musste, also eher zweifelhaft...

markusg · 13.07.2012, 18:59

ok

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

wertzu56 · 14.07.2012, 14:09

Hallo,

hier die Log von Combo fix

[code]
Combofix Logfile:

Code:

ATTFilter

ComboFix 12-07-13.03 - Eva 14.07.2012  14:09:30.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.3767.2147 [GMT 2:00]
ausgeführt von:: c:\users\Eva\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\intellidownload\gunzip.exe
c:\program files (x86)\OApps\bhO_project.dll
c:\programdata\ntuser.dat
c:\users\Andreas\AppData\Roaming\.#
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-14 bis 2012-07-14  ))))))))))))))))))))))))))))))
.
.
2012-07-14 12:15 . 2012-07-14 12:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-07-14 12:15 . 2012-07-14 12:15	--------	d-----w-	c:\users\Andreas\AppData\Local\temp
2012-07-11 19:02 . 2012-06-12 03:08	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-07-10 18:43 . 2012-06-06 06:06	2004480	----a-w-	c:\windows\system32\msxml6.dll
2012-07-08 21:44 . 2012-07-08 21:44	955840	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-07-08 21:44 . 2012-07-08 21:44	839096	----a-w-	c:\windows\system32\deployJava1.dll
2012-07-08 21:32 . 2012-07-08 21:32	770384	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-07-08 21:32 . 2012-07-08 21:32	421200	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-07-08 13:34 . 2012-07-08 13:34	--------	d-----w-	c:\users\Eva\AppData\Roaming\Malwarebytes
2012-07-08 13:33 . 2012-07-08 13:33	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-08 13:33 . 2012-07-08 13:34	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-08 13:33 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-06-26 16:08 . 2012-07-14 12:15	--------	d-----w-	c:\program files (x86)\OApps
2012-06-26 16:08 . 2012-06-26 16:09	--------	d-----w-	c:\program files (x86)\TorrentSearch
2012-06-26 16:08 . 2012-07-14 12:15	--------	d-----w-	c:\program files (x86)\intellidownload
2012-06-21 16:28 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-21 16:28 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-21 16:28 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-21 16:28 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-21 16:28 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-21 16:28 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-21 16:28 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-21 16:27 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-21 16:27 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-14 15:52 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-06-14 15:52 . 2012-04-26 05:41	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-06-14 15:52 . 2012-04-26 05:34	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-06-14 15:52 . 2012-05-04 11:06	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-06-14 15:52 . 2012-05-04 10:03	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-06-14 15:52 . 2012-05-04 10:03	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-06-14 15:52 . 2012-04-28 03:55	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-09 05:48 . 2012-04-03 17:12	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-09 05:48 . 2011-05-20 17:38	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-08 16:28 . 2011-10-22 10:30	98848	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-05-08 16:28 . 2011-10-22 10:30	132832	----a-w-	c:\windows\system32\drivers\avipbb.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-04-27 09:08	2393184	----a-w-	c:\program files (x86)\DVDVideoSoftTB\tbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"LaCie Ethernet Agent Startup"="c:\program files (x86)\LaCie\Network Assistant\LaCie Network Assistant.exe" [2009-12-14 5849088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-01-13 26624]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-11-17 421160]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008]
"Nikon Transfer Monitor"="c:\program files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-12-16 479232]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
c:\users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-11-30 18:20	98304	----a-w-	c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli c:\program files\Protector Suite\psqlpwd.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 133104]
R2 Polar Daemon;Polar Daemon;c:\program files (x86)\Polar\Daemon\polard.exe [2011-10-19 411136]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 133104]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-08 113120]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-09-16 167424]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2011-04-20 1021840]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-03 1255736]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
S0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\DRIVERS\shpf.sys [2009-05-28 25120]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-10-29 93696]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-10-29 76800]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S2 USB Access Restriction;USB Access Restriction;c:\program files (x86)\Sony\USB Access Restriction Setting\USB Access Restriction.exe [2009-08-31 431400]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2009-08-12 292864]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-11-26 151936]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-19 244736]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-10-08 62464]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 04:01]
.
2012-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 04:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2009-10-29 18:08	5948168	----a-w-	c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2009-10-29 18:08	5948168	----a-w-	c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-15 8321568]
"PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2009-10-29 84744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-19 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-19 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-19 410136]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.at/ig?hl=de
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube to Mp3 Converter - c:\users\Eva\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: Interfaces\{82B98B87-739C-444A-863B-63F183E22E60}: NameServer = 192.168.1.1
TCP: Interfaces\{9496E489-6C69-4B8E-9E68-7590B1E48F78}: NameServer = 10.0.0.138
FF - ProfilePath - c:\users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\9zd0hof2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-mcmscsvc
SafeBoot-MCODS
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre7\bin\jusched.exe
AddRemove-{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92} - c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-14  14:21:13
ComboFix-quarantined-files.txt  2012-07-14 12:21
.
Vor Suchlauf: 12 Verzeichnis(se), 133.250.076.672 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 142.524.235.776 Bytes frei
.
- - End Of File - - 286C8DD78A3DA7A02D25734BC8065EE1

--- --- ---

markusg · 15.07.2012, 18:47

lade den CCleaner standard:
CCleaner Download - CCleaner 3.20.1750
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

wertzu56 · 15.07.2012, 20:00

Hallo,

Hier die Liste der Installierten Programme

Code:

ATTFilter

Adobe AIR	Adobe Systems Inc.	10.07.2010		1.5.3.9120 notwendig
Adobe Community Help	Adobe Systems Incorporated	28.12.2010		3.0.0.400 notwendig
Adobe Creative Suite 5 Master Collection	Adobe Systems Incorporated	28.05.2011	4,04GB	5.0 notwendig
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	09.06.2012	6,00MB	11.3.300.257 notwendig
Adobe Flash Player 11 Plugin 64-bit	Adobe Systems Incorporated	16.04.2012	6,00MB	11.2.202.233 notwendig
Adobe Media Player	Adobe Systems Incorporated	10.07.2010		1.8 unnötig
Adobe Reader X (10.1.2) - Deutsch	Adobe Systems Incorporated	16.03.2012	121MB	10.1.2 notwendig
Apple Application Support	Apple Inc.	02.12.2010	52,8MB	1.4.1 notwendig
Apple Mobile Device Support	Apple Inc.	02.12.2010	22,3MB	3.3.0.69 notwendig
Apple Software Update	Apple Inc.	28.08.2011	2,38MB	2.1.3.127 notwendig
ArcSoft WebCam Companion 3	ArcSoft	13.04.2010		3.0.21.193 unbekannt
Avira Free Antivirus	Avira	08.05.2012	104MB	12.0.0.1125 notwendig
Bonjour	Apple Inc.	02.12.2010	1,78MB	2.0.4.0 unbekannt
Business Contact Manager für Outlook 2007 SP2	Microsoft Corporation	25.06.2012		3.0.8619.1 unnötig
Canon Inkjet Printer Driver Add-On Module V2.00		25.04.2010 notwendig		
Canon MP Navigator EX 2.0		25.04.2010	 notwendig	
Canon MP620 series MP Drivers		25.04.2010	 notwendig	
CCleaner	Piriform	22.06.2012		3.20 notwendig
DVDVideoSoftTB Toolbar		13.02.2011		unbekannt
Einstellung für die USB-Zugriffsbeschränkung	Sony Corporation	13.01.2010		1.4.0.08310 unbekannt
File Uploader	Nikon	04.02.2012	1,64MB	1.2.0 notwendig
Foto-Mosaik-Edda Standard V5.8.0	Steffen Schirmer	28.05.2011	3,50MB	unnötig
Free Audio CD Burner version 1.4	DVDVideoSoft Limited.	19.09.2010	8,11MB	unnötig
Free Video to MP3 Converter version 4.1	DVDVideoSoft Limited.	19.09.2010	25,6MB	unnötig
Free YouTube to MP3 Converter version 3.8	DVDVideoSoft Limited.	19.09.2010	32,0MB	unnötig
Google Chrome	Google Inc.	13.01.2010		3.0.195.21 unnötig
Google Earth Plug-in	Google	13.11.2011	40,8MB	6.1.0.5001 unnötig
HDAUDIO SoftV92 Data Fax Modem with SmartCP	Conexant Systems	08.12.2009		7.80.4.50 unbekannt
ImgBurn	LIGHTNING UK!	27.08.2011		2.5.5.0 unnötig
Intel(R) Control Center	Intel Corporation	13.01.2010		1.2.1.1007 notwendig
Intel(R) Graphics Media Accelerator Driver	Intel Corporation	19.06.2010		8.15.10.2040 notwendig
Intel(R) Management Engine Components	Intel Corporation	13.01.2010		6.0.0.1179 notwendig
Intel(R) PROSet/Wireless WiFi-Software	Intel Corporation	13.01.2010	109MB	13.00.0000 notwendig
Intel(R) Rapid Storage Technology	Intel Corporation	13.01.2010		9.5.4.1001 notwendig
iTunes	Apple Inc.	02.12.2010	145MB	10.1.0.56 notwendig
Java(TM) 7 Update 5 (64-bit)	Oracle	08.07.2012	95,0MB	7.0.50 notwendig
JDownloader	AppWork UG (haftungsbeschränkt)	19.06.2010		0.89 unnötig
LaCie Network Assistant 1.4.1.34	LaCie SA	26.08.2011		1.4.1.34 notwendig
Malwarebytes Anti-Malware Version 1.61.0.1400	Malwarebytes Corporation	08.07.2012	18,0MB	1.61.0.1400 notwendig
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	26.06.2012	38,8MB	4.0.30319 unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	26.06.2012	2,93MB	4.0.30319 unbekannt
Microsoft Office Home and Student 2010	Microsoft Corporation	05.06.2012		14.0.6029.1000 notwendig
Microsoft Office Small Business Connectivity Components	Microsoft Corporation	13.01.2010	159KB	2.0.7024.0 unbekannt
Microsoft Silverlight	Microsoft Corporation	11.05.2012	40,4MB	4.1.10329.0 notwendig
Microsoft SQL Server 2005	Microsoft Corporation	25.06.2012	notwendig
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	13.01.2010	1,72MB	3.1.0000 notwendig
Microsoft SQL Server Native Client	Microsoft Corporation	25.06.2012	5,89MB	9.00.5000.00 notwendig
Microsoft SQL Server VSS Writer	Microsoft Corporation	25.06.2012	1,12MB	9.00.5000.00 notwendig
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	25.06.2012	300KB	8.0.61001 notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022	Microsoft Corporation	19.09.2010	2,52MB	9.0.21022 notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	25.06.2012	788KB	9.0.30729.6161 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	10.10.2010	238KB	9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	13.06.2010	596KB	9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	25.06.2012	600KB	9.0.30729.6161 notwendig
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	25.06.2012	12,2MB	10.0.40219 notwendig
Mozilla Firefox 13.0 (x86 de)	Mozilla	08.07.2012	37,5MB	13.0 notwendig
Mozilla Maintenance Service	Mozilla	08.07.2012	309KB	13.0 unbekannt
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	16.04.2010	1,27MB	4.20.9870.0 unbekannt
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	16.04.2010	1,33MB	4.20.9876.0 unbekannt
Nero 8 Ultra Edition HD	Nero AG	21.06.2010	766MB	8.3.314 notwendig
NetSetMan 3.0.2	Ilja Herlein	02.06.2010	5,25MB	3.0.2 notwendig
Nikon Message Center	Nikon	04.02.2012	204KB	0.92.000 notwendig
Nikon Message Center 2	Nikon	04.02.2012	5,20MB	2.0.1 notwendig
Nikon Movie Editor	Nikon	04.02.2012	26,9MB	2.2.4 notwendig
Nikon Transfer	Nikon	04.02.2012	47,0MB	1.4.0 notwendig
OpenOffice.org 3.2	OpenOffice.org	19.09.2010	364MB	3.2.9502 notwendig
Picture Control Utility	Nikon	04.02.2012	26,0MB	1.4.1 notwendig
Polar Daemon	Polar Electro Oy	26.10.2011	3,59MB	2.2.00003 unnötig
Polar WebSync	Polar Electro Oy	26.10.2011	21,3MB	2.4.00004 unnötig
Portal 2	Valve	12.03.2012 unnötig		
Protector Suite 2009	UPEK Inc.	13.01.2010	120MB	5.9.2.5974 unbekannt
QuickTime	Apple Inc.	02.12.2010	73,7MB	7.68.75.0 notwendig
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	13.01.2010		6.0.1.5977 notwendig
Roxio Easy Media Creator 10 LJ	Roxio	13.04.2010	125MB	10.3 unnötig
Scratch Live 2.2.0 (22033)	Serato Audio Research	13.02.2011	29,8MB	2.2.0 unbekannt
Setting Utility Series	Sony Corporation	13.01.2010		5.1.0.11200 unbekannt
Skype™ 5.8	Skype Technologies S.A.	07.03.2012	19,0MB	5.8.158 notwendig
Steam	Valve Corporation	12.03.2012	1,59MB	1.0.0.0 unnötig
Synaptics Pointing Device Driver	Synaptics Incorporated	13.01.2010		14.0.2.0 notwendig
TOPP Vorlagen-Druckstudio (3488)	frechverlag GmbH	14.11.2010 unnötig		
Uninstall 1.0.0.1		19.09.2010	10,5MB	 unbekannt
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)	Microsoft Corporation	25.06.2012	30,5MB	9.00.5000.00 unbekannt
VAIO BZ screensaver	Sony Europe	13.04.2010		1.0.0.0 unnötig
VAIO Care	Sony Corporation	13.01.2010		5.0.3.11130 unnötig
VAIO Control Center	Sony Corporation	19.06.2010		4.1.1.03100 notwendig
VAIO Data Restore Tool	Sony Corporation	13.01.2010		1.2.0.09150 notwendig
VAIO Energie Verwaltung	Sony Corporation	13.01.2010		5.0.0.11300 unnötig
VAIO Event Service	Sony Corporation	13.01.2010		5.1.0.11300 unnötig
VAIO Gate	Sony Corporation	06.01.2011		2.2.1.09131 unnötig
VAIO Gate Default	Sony Corporation	13.01.2010		1.0.0.10290 unnötig
VAIO Marketing Tools	Sony Corporation	13.04.2010 unnötig
VAIO Premium Partners	Sony Europe	13.04.2010		1.0 unnötig
VAIO Smart Network	Sony Corporation	06.01.2011		3.3.1.08110 notwendig
VAIO Update	Sony Corporation	01.08.2011		5.4.1.04200 notwendig
VAIO Wallpaper Contents	Sony Corporation	13.01.2010		2.0.0.06010 unnötig
VAIO Window Organizer	Sony Corporation	13.01.2010		2.0.0.08280 unnötig
VAIO-Support für Übertragungen	Sony Corporation	06.01.2011		1.1.2.06030 unnötig
ViewNX 2	Nikon	04.02.2012	51,5MB	2.2.5 notwendig
VirtualCloneDrive	Elaborate Bytes	01.10.2010	 notwendig	
WIDCOMM Bluetooth Software	Broadcom Corporation	08.12.2009	144MB	6.2.1.500 notwendig
Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405)	Broadcom	13.04.2010		09/09/2009 6.2.0.9405 notwendig
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)	Broadcom	13.04.2010		07/28/2009 6.2.0.9800 notwendig
Windows Live Anmelde-Assistent	Microsoft Corporation	13.01.2010	1,93MB	5.000.818.5 unbekannt
Windows Live Essentials	Microsoft Corporation	13.01.2010		14.0.8089.0726 unbekannt
Windows Live Sync	Microsoft Corporation	13.01.2010	2,79MB	14.0.8089.726 unbekannt
Windows Live-Uploadtool	Microsoft Corporation	13.01.2010	224KB	14.0.8014.1029 unbekannt
WinRAR		21.06.2010		 notwendig 
Zeitungen selbst gemacht 2		05.06.2010 unnötig

Zur INFO:
mit Internet Explorer erscheint im Facebookprofil momentan keine Werbung mehr, mit Firefox jedoch noch selbe Probleme,
seitdem Combofix ausgeführt wurde.

markusg · 17.07.2012, 22:25

hi
grad noch mal die logs durchgesehen, warum sind adobe seiten, bzw deren aktivierungen geblockt?

wertzu56 · 20.07.2012, 16:35

Hy,

die seiten sind geblockt um Indesign oder Photoshop verwenden zu könnnen, Einträge kamen von mir. Wird für Private Zwecke öfters verwendet.

Gab es sonst noch wo auffälligkeiten ?
über Firefox hab ich Probleme mit Werbung im Profil noch immer.

Was könnte man hier noch machen?

markusg · 25.07.2012, 20:08

also illegale verwendung dieser programme.
damit ist der suport zu ende und es gibt nur hilfe beim formatieren und neu aufsetzen:
der pc muss neu aufgesetzt und dann abgesichert werden
1. Datenrettung:

deaktiviere Autorun: http://www.trojaner-board.de/83238-a...sschalten.html
dann sichere Daten auf nen externen datenträger: http://www.trojaner-board.de/82533-d...ted-magic.html
Bilder, Dokumente, Musik Videos (persönliches) http://www.trojaner-board.de/71715-k...iendungen.html

2. Formatieren, Windows neu instalieren:

nutzt du eine Windows CD: http://www.trojaner-board.de/51262-a...sicherung.html
recovery cd oder recovery partition.
falls dies ein fertig pc ist, nenne hersteller + typ.
Keine Windows 7 DVD? http://www.trojaner-board.de/100776-...-download.html

3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.

Werbeanzeigen in Facebook Profil & AudioWerbung wenn Browser geöffnet (Trojan.BHO)(Rootkit.Agent)

Plagegeister aller Art und deren Bekämpfung: Werbeanzeigen in Facebook Profil & AudioWerbung wenn Browser geöffnet (Trojan.BHO)(Rootkit.Agent)