
Pests of all kinds and how to combat them: Search.searchcompletion.com takes over Google search engine


04.08.2012, 12:48   #16
cosinus

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run the TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot,
then click on Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where the TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with the TDSS-Killer! If the TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!


05.08.2012, 11:03   #17
heisinho

OK, here is the log:
Code:
11:55:09.0077 5880	TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
11:55:09.0186 5880	============================================================
11:55:09.0186 5880	Current date / time: 2012/08/05 11:55:09.0186
11:55:09.0186 5880	SystemInfo:
11:55:09.0186 5880	
11:55:09.0186 5880	OS Version: 6.0.6002 ServicePack: 2.0
11:55:09.0186 5880	Product type: Workstation
11:55:09.0186 5880	ComputerName: CLEMENS-PC
11:55:09.0186 5880	UserName: Clemens
11:55:09.0186 5880	Windows directory: C:\Windows
11:55:09.0186 5880	System windows directory: C:\Windows
11:55:09.0186 5880	Processor architecture: Intel x86
11:55:09.0186 5880	Number of processors: 2
11:55:09.0186 5880	Page size: 0x1000
11:55:09.0186 5880	Boot type: Normal boot
11:55:09.0186 5880	============================================================
11:55:09.0654 5880	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:55:09.0654 5880	Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:55:09.0654 5880	============================================================
11:55:09.0654 5880	\Device\Harddisk0\DR0:
11:55:09.0654 5880	MBR partitions:
11:55:09.0654 5880	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x1202E000
11:55:09.0654 5880	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1342E800, BlocksNum 0x11FFF800
11:55:09.0654 5880	\Device\Harddisk1\DR1:
11:55:09.0654 5880	MBR partitions:
11:55:09.0654 5880	\Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0x74705981
11:55:09.0654 5880	============================================================
11:55:09.0685 5880	C: <-> \Device\Harddisk0\DR0\Partition0
11:55:09.0732 5880	D: <-> \Device\Harddisk0\DR0\Partition1
11:55:09.0732 5880	G: <-> \Device\Harddisk1\DR1\Partition0
11:55:09.0732 5880	============================================================
11:55:09.0732 5880	Initialize success
11:55:09.0732 5880	============================================================
11:56:09.0323 4384	============================================================
11:56:09.0323 4384	Scan started
11:56:09.0323 4384	Mode: Manual; SigCheck; TDLFS; 
11:56:09.0323 4384	============================================================
11:56:09.0791 4384	ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
11:56:09.0962 4384	ABBYY.Licensing.FineReader.Sprint.9.0 - ok
11:56:10.0149 4384	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
11:56:10.0181 4384	ACPI - ok
11:56:10.0290 4384	AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:56:10.0305 4384	AdobeFlashPlayerUpdateSvc - ok
11:56:10.0383 4384	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
11:56:10.0415 4384	adp94xx - ok
11:56:10.0446 4384	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
11:56:10.0477 4384	adpahci - ok
11:56:10.0508 4384	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
11:56:10.0524 4384	adpu160m - ok
11:56:10.0539 4384	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
11:56:10.0571 4384	adpu320 - ok
11:56:10.0586 4384	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
11:56:10.0711 4384	AeLookupSvc - ok
11:56:10.0789 4384	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
11:56:10.0883 4384	AFD - ok
11:56:11.0007 4384	AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys
11:56:11.0117 4384	AgereSoftModem - ok
11:56:11.0163 4384	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
11:56:11.0195 4384	agp440 - ok
11:56:11.0210 4384	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
11:56:11.0241 4384	aic78xx - ok
11:56:11.0273 4384	ALG             (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
11:56:11.0444 4384	ALG - ok
11:56:11.0444 4384	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
11:56:11.0475 4384	aliide - ok
11:56:11.0507 4384	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
11:56:11.0522 4384	amdagp - ok
11:56:11.0538 4384	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
11:56:11.0553 4384	amdide - ok
11:56:11.0569 4384	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
11:56:11.0631 4384	AmdK7 - ok
11:56:11.0647 4384	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
11:56:11.0725 4384	AmdK8 - ok
11:56:11.0834 4384	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
11:56:11.0850 4384	AntiVirSchedulerService - ok
11:56:11.0881 4384	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
11:56:11.0897 4384	AntiVirService - ok
11:56:11.0943 4384	Appinfo         (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
11:56:12.0006 4384	Appinfo - ok
11:56:12.0099 4384	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:56:12.0115 4384	Apple Mobile Device - ok
11:56:12.0146 4384	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
11:56:12.0177 4384	arc - ok
11:56:12.0209 4384	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
11:56:12.0224 4384	arcsas - ok
11:56:12.0240 4384	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
11:56:12.0333 4384	AsyncMac - ok
11:56:12.0349 4384	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
11:56:12.0380 4384	atapi - ok
11:56:12.0505 4384	athr            (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys
11:56:12.0614 4384	athr - ok
11:56:12.0677 4384	atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
11:56:12.0708 4384	atksgt - ok
11:56:12.0786 4384	AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
11:56:12.0833 4384	AudioEndpointBuilder - ok
11:56:12.0848 4384	Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
11:56:12.0879 4384	Audiosrv - ok
11:56:12.0926 4384	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
11:56:12.0942 4384	avgntflt - ok
11:56:12.0989 4384	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
11:56:13.0004 4384	avipbb - ok
11:56:13.0035 4384	avkmgr          (53e56450da16a1a7f0d002f511113f67) C:\Windows\system32\DRIVERS\avkmgr.sys
11:56:13.0051 4384	avkmgr - ok
11:56:13.0098 4384	bcm4sbxp        (08015d34f6fdd0b355805bad978497c3) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
11:56:13.0316 4384	bcm4sbxp - ok
11:56:13.0410 4384	BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
11:56:13.0441 4384	BcmSqlStartupSvc - ok
11:56:13.0457 4384	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
11:56:13.0519 4384	Beep - ok
11:56:13.0597 4384	BFE             (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
11:56:13.0675 4384	BFE - ok
11:56:13.0784 4384	BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
11:56:13.0925 4384	BITS - ok
11:56:13.0956 4384	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
11:56:14.0049 4384	blbdrive - ok
11:56:14.0143 4384	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
11:56:14.0205 4384	Bonjour Service - ok
11:56:14.0237 4384	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
11:56:14.0315 4384	bowser - ok
11:56:14.0361 4384	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
11:56:14.0424 4384	BrFiltLo - ok
11:56:14.0455 4384	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
11:56:14.0517 4384	BrFiltUp - ok
11:56:14.0549 4384	Browser         (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
11:56:14.0658 4384	Browser - ok
11:56:14.0689 4384	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
11:56:14.0814 4384	Brserid - ok
11:56:14.0861 4384	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
11:56:14.0954 4384	BrSerWdm - ok
11:56:14.0970 4384	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
11:56:15.0063 4384	BrUsbMdm - ok
11:56:15.0063 4384	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
11:56:15.0157 4384	BrUsbSer - ok
11:56:15.0188 4384	BthEnum         (da7b195275bda7f8fcf79b40e0f45dde) C:\Windows\system32\DRIVERS\BthEnum.sys
11:56:15.0251 4384	BthEnum - ok
11:56:15.0282 4384	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
11:56:15.0375 4384	BTHMODEM - ok
11:56:15.0407 4384	BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
11:56:15.0469 4384	BthPan - ok
11:56:15.0516 4384	BTHPORT         (73d53f8e90550ba81e2cf44a0873b410) C:\Windows\system32\Drivers\BTHport.sys
11:56:15.0547 4384	BTHPORT - ok
11:56:15.0578 4384	BthServ         (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
11:56:15.0656 4384	BthServ - ok
11:56:15.0687 4384	BTHUSB          (32045a4bb143bbc5bab1298c4e9e309a) C:\Windows\system32\Drivers\BTHUSB.sys
11:56:15.0765 4384	BTHUSB - ok
11:56:15.0843 4384	btwaudio        (3ea1a20dc0ca1ad23e7aa8c37a91bcd1) C:\Windows\system32\drivers\btwaudio.sys
11:56:15.0859 4384	btwaudio - ok
11:56:15.0890 4384	btwavdt         (195872e48a7fb01f8bc9b800f70f4054) C:\Windows\system32\drivers\btwavdt.sys
11:56:15.0921 4384	btwavdt - ok
11:56:15.0953 4384	btwrchid        (0724e7d6c9b6a289eddda33fa8176e80) C:\Windows\system32\DRIVERS\btwrchid.sys
11:56:15.0984 4384	btwrchid - ok
11:56:16.0031 4384	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
11:56:16.0109 4384	cdfs - ok
11:56:16.0155 4384	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
11:56:16.0233 4384	cdrom - ok
11:56:16.0280 4384	CertPropSvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
11:56:16.0343 4384	CertPropSvc - ok
11:56:16.0374 4384	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
11:56:16.0452 4384	circlass - ok
11:56:16.0499 4384	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
11:56:16.0545 4384	CLFS - ok
11:56:16.0623 4384	clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:56:16.0655 4384	clr_optimization_v2.0.50727_32 - ok
11:56:16.0748 4384	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:56:16.0795 4384	clr_optimization_v4.0.30319_32 - ok
11:56:16.0826 4384	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
11:56:16.0904 4384	CmBatt - ok
11:56:16.0935 4384	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
11:56:16.0967 4384	cmdide - ok
11:56:16.0998 4384	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
11:56:16.0998 4384	Compbatt - ok
11:56:17.0013 4384	COMSysApp - ok
11:56:17.0076 4384	cpuz132 - ok
11:56:17.0076 4384	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
11:56:17.0107 4384	crcdisk - ok
11:56:17.0107 4384	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
11:56:17.0138 4384	Crusoe - ok
11:56:17.0185 4384	CryptSvc        (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
11:56:17.0247 4384	CryptSvc - ok
11:56:17.0325 4384	DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
11:56:17.0450 4384	DcomLaunch - ok
11:56:17.0497 4384	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
11:56:17.0559 4384	DfsC - ok
11:56:17.0731 4384	DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
11:56:17.0856 4384	DFSR - ok
11:56:17.0996 4384	Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
11:56:18.0027 4384	Dhcp - ok
11:56:18.0090 4384	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
11:56:18.0121 4384	disk - ok
11:56:18.0152 4384	Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
11:56:18.0215 4384	Dnscache - ok
11:56:18.0246 4384	dot3svc         (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
11:56:18.0293 4384	dot3svc - ok
11:56:18.0339 4384	DPS             (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
11:56:18.0386 4384	DPS - ok
11:56:18.0417 4384	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
11:56:18.0464 4384	drmkaud - ok
11:56:18.0527 4384	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
11:56:18.0573 4384	DXGKrnl - ok
11:56:18.0589 4384	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
11:56:18.0651 4384	E1G60 - ok
11:56:18.0683 4384	EapHost         (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
11:56:18.0729 4384	EapHost - ok
11:56:18.0776 4384	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
11:56:18.0807 4384	Ecache - ok
11:56:18.0885 4384	ehRecvr         (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
11:56:18.0948 4384	ehRecvr - ok
11:56:18.0979 4384	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
11:56:19.0057 4384	ehSched - ok
11:56:19.0057 4384	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
11:56:19.0119 4384	ehstart - ok
11:56:19.0197 4384	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
11:56:19.0244 4384	elxstor - ok
11:56:19.0322 4384	EMDMgmt         (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
11:56:19.0416 4384	EMDMgmt - ok
11:56:19.0447 4384	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
11:56:19.0494 4384	ErrDev - ok
11:56:19.0541 4384	EventSystem     (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
11:56:19.0603 4384	EventSystem - ok
11:56:19.0759 4384	EvtEng          (2d41d7250f73272946de04ff7a19761e) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:56:19.0853 4384	EvtEng ( UnsignedFile.Multi.Generic ) - warning
11:56:19.0853 4384	EvtEng - detected UnsignedFile.Multi.Generic (1)
11:56:19.0915 4384	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
11:56:20.0009 4384	exfat - ok
11:56:20.0118 4384	Fabs - ok
11:56:20.0165 4384	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
11:56:20.0211 4384	fastfat - ok
11:56:20.0243 4384	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
11:56:20.0305 4384	fdc - ok
11:56:20.0352 4384	fdPHost         (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
11:56:20.0399 4384	fdPHost - ok
11:56:20.0399 4384	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
11:56:20.0508 4384	FDResPub - ok
11:56:20.0523 4384	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
11:56:20.0555 4384	FileInfo - ok
11:56:20.0555 4384	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
11:56:20.0617 4384	Filetrace - ok
11:56:20.0867 4384	FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
11:56:21.0194 4384	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
11:56:21.0194 4384	FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
11:56:21.0335 4384	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
11:56:21.0397 4384	flpydisk - ok
11:56:21.0459 4384	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
11:56:21.0522 4384	FltMgr - ok
11:56:21.0631 4384	FontCache       (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
11:56:21.0756 4384	FontCache - ok
11:56:21.0818 4384	FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:56:21.0849 4384	FontCache3.0.0.0 - ok
11:56:21.0865 4384	Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
11:56:21.0943 4384	Fs_Rec - ok
11:56:21.0974 4384	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
11:56:22.0021 4384	gagp30kx - ok
11:56:22.0052 4384	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:56:22.0083 4384	GEARAspiWDM - ok
11:56:22.0161 4384	gpsvc           (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
11:56:22.0255 4384	gpsvc - ok
11:56:22.0395 4384	gupdate         (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
11:56:22.0427 4384	gupdate - ok
11:56:22.0442 4384	gupdatem        (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
11:56:22.0473 4384	gupdatem - ok
11:56:22.0520 4384	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
11:56:22.0598 4384	HdAudAddService - ok
11:56:22.0661 4384	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:56:22.0739 4384	HDAudBus - ok
11:56:22.0754 4384	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
11:56:22.0801 4384	HidBth - ok
11:56:22.0817 4384	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
11:56:22.0895 4384	HidIr - ok
11:56:22.0926 4384	hidserv         (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
11:56:22.0957 4384	hidserv - ok
11:56:22.0973 4384	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
11:56:23.0019 4384	HidUsb - ok
11:56:23.0051 4384	hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
11:56:23.0082 4384	hkmsvc - ok
11:56:23.0097 4384	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
11:56:23.0129 4384	HpCISSs - ok
11:56:23.0175 4384	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
11:56:23.0269 4384	HTTP - ok
11:56:23.0300 4384	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
11:56:23.0316 4384	i2omp - ok
11:56:23.0347 4384	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
11:56:23.0394 4384	i8042prt - ok
11:56:23.0503 4384	ialm            (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys
11:56:23.0706 4384	ialm - ok
11:56:23.0862 4384	iaStor          (abfebc5f846c71afebd7f8f6ba740c03) C:\Windows\system32\DRIVERS\iaStor.sys
11:56:23.0877 4384	iaStor - ok
11:56:23.0924 4384	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
11:56:23.0955 4384	iaStorV - ok
11:56:24.0080 4384	IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:56:24.0111 4384	IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:56:24.0111 4384	IDriverT - detected UnsignedFile.Multi.Generic (1)
11:56:24.0236 4384	idsvc           (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:56:24.0314 4384	idsvc - ok
11:56:24.0361 4384	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
11:56:24.0392 4384	iirsp - ok
11:56:24.0455 4384	IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
11:56:24.0533 4384	IKEEXT - ok
11:56:24.0751 4384	IntcAzAudAddService (ffd2b3bc042596abe785d3c15f51ab46) C:\Windows\system32\drivers\RTKVHDA.sys
11:56:24.0938 4384	IntcAzAudAddService - ok
11:56:25.0079 4384	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
11:56:25.0125 4384	intelide - ok
11:56:25.0157 4384	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
11:56:25.0235 4384	intelppm - ok
11:56:25.0281 4384	IPBusEnum       (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
11:56:25.0359 4384	IPBusEnum - ok
11:56:25.0375 4384	Scan interrupted by user!
11:56:25.0375 4384	Scan interrupted by user!
11:56:25.0375 4384	Scan interrupted by user!
11:56:25.0375 4384	============================================================
11:56:25.0375 4384	Scan finished
11:56:25.0375 4384	============================================================
11:56:25.0406 4968	Detected object count: 3
11:56:25.0406 4968	Actual detected object count: 3
11:56:31.0832 4968	EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
11:56:31.0832 4968	EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:56:31.0832 4968	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
11:56:31.0832 4968	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:56:31.0832 4968	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
11:56:31.0832 4968	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:57:11.0487 2952	============================================================
11:57:11.0487 2952	Scan started
11:57:11.0487 2952	Mode: Manual; SigCheck; TDLFS; 
11:57:11.0487 2952	============================================================
11:57:11.0893 2952	ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
11:57:11.0971 2952	ABBYY.Licensing.FineReader.Sprint.9.0 - ok
11:57:12.0049 2952	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
11:57:12.0096 2952	ACPI - ok
11:57:12.0205 2952	AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:57:12.0236 2952	AdobeFlashPlayerUpdateSvc - ok
11:57:12.0299 2952	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
11:57:12.0345 2952	adp94xx - ok
11:57:12.0377 2952	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
11:57:12.0423 2952	adpahci - ok
11:57:12.0455 2952	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
11:57:12.0486 2952	adpu160m - ok
11:57:12.0517 2952	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
11:57:12.0548 2952	adpu320 - ok
11:57:12.0579 2952	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
11:57:12.0595 2952	AeLookupSvc - ok
11:57:12.0657 2952	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
11:57:12.0673 2952	AFD - ok
11:57:12.0782 2952	AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys
11:57:12.0845 2952	AgereSoftModem - ok
11:57:12.0860 2952	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
11:57:12.0876 2952	agp440 - ok
11:57:12.0876 2952	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
11:57:12.0891 2952	aic78xx - ok
11:57:12.0907 2952	ALG             (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
11:57:12.0938 2952	ALG - ok
11:57:12.0954 2952	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
11:57:12.0969 2952	aliide - ok
11:57:12.0969 2952	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
11:57:12.0985 2952	amdagp - ok
11:57:13.0001 2952	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
11:57:13.0016 2952	amdide - ok
11:57:13.0032 2952	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
11:57:13.0047 2952	AmdK7 - ok
11:57:13.0063 2952	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
11:57:13.0094 2952	AmdK8 - ok
11:57:13.0188 2952	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
11:57:13.0203 2952	AntiVirSchedulerService - ok
11:57:13.0219 2952	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
11:57:13.0235 2952	AntiVirService - ok
11:57:13.0266 2952	Appinfo         (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
11:57:13.0281 2952	Appinfo - ok
11:57:13.0359 2952	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:57:13.0359 2952	Apple Mobile Device - ok
11:57:13.0406 2952	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
11:57:13.0422 2952	arc - ok
11:57:13.0437 2952	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
11:57:13.0453 2952	arcsas - ok
11:57:13.0469 2952	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
11:57:13.0500 2952	AsyncMac - ok
11:57:13.0515 2952	atapi           (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
11:57:13.0531 2952	atapi - ok
11:57:13.0609 2952	athr            (600efe56f37adbd65a0fb076b50d1b8d) C:\Windows\system32\DRIVERS\athr.sys
11:57:13.0671 2952	athr - ok
11:57:13.0718 2952	atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
11:57:13.0734 2952	atksgt - ok
11:57:13.0781 2952	AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
11:57:13.0812 2952	AudioEndpointBuilder - ok
11:57:13.0827 2952	Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
11:57:13.0859 2952	Audiosrv - ok
11:57:13.0905 2952	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
11:57:13.0921 2952	avgntflt - ok
11:57:13.0952 2952	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
11:57:13.0983 2952	avipbb - ok
11:57:13.0999 2952	avkmgr          (53e56450da16a1a7f0d002f511113f67) C:\Windows\system32\DRIVERS\avkmgr.sys
11:57:14.0015 2952	avkmgr - ok
11:57:14.0046 2952	bcm4sbxp        (08015d34f6fdd0b355805bad978497c3) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
11:57:14.0108 2952	bcm4sbxp - ok
11:57:14.0186 2952	BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
11:57:14.0217 2952	BcmSqlStartupSvc - ok
11:57:14.0233 2952	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
11:57:14.0264 2952	Beep - ok
11:57:14.0327 2952	BFE             (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
11:57:14.0358 2952	BFE - ok
11:57:14.0451 2952	BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
11:57:14.0498 2952	BITS - ok
11:57:14.0529 2952	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
11:57:14.0561 2952	blbdrive - ok
11:57:14.0639 2952	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
11:57:14.0654 2952	Bonjour Service - ok
11:57:14.0701 2952	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
11:57:14.0717 2952	bowser - ok
11:57:14.0732 2952	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
11:57:14.0763 2952	BrFiltLo - ok
11:57:14.0779 2952	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
11:57:14.0810 2952	BrFiltUp - ok
11:57:14.0841 2952	Browser         (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
11:57:14.0873 2952	Browser - ok
11:57:14.0904 2952	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
11:57:14.0966 2952	Brserid - ok
11:57:14.0982 2952	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
11:57:15.0029 2952	BrSerWdm - ok
11:57:15.0029 2952	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
11:57:15.0075 2952	BrUsbMdm - ok
11:57:15.0075 2952	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
11:57:15.0122 2952	BrUsbSer - ok
11:57:15.0153 2952	BthEnum         (da7b195275bda7f8fcf79b40e0f45dde) C:\Windows\system32\DRIVERS\BthEnum.sys
11:57:15.0169 2952	BthEnum - ok
11:57:15.0185 2952	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
11:57:15.0231 2952	BTHMODEM - ok
11:57:15.0247 2952	BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
11:57:15.0278 2952	BthPan - ok
11:57:15.0325 2952	BTHPORT         (73d53f8e90550ba81e2cf44a0873b410) C:\Windows\system32\Drivers\BTHport.sys
11:57:15.0341 2952	BTHPORT - ok
11:57:15.0372 2952	BthServ         (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
11:57:15.0387 2952	BthServ - ok
11:57:15.0403 2952	BTHUSB          (32045a4bb143bbc5bab1298c4e9e309a) C:\Windows\system32\Drivers\BTHUSB.sys
11:57:15.0419 2952	BTHUSB - ok
11:57:15.0465 2952	btwaudio        (3ea1a20dc0ca1ad23e7aa8c37a91bcd1) C:\Windows\system32\drivers\btwaudio.sys
11:57:15.0481 2952	btwaudio - ok
11:57:15.0497 2952	btwavdt         (195872e48a7fb01f8bc9b800f70f4054) C:\Windows\system32\drivers\btwavdt.sys
11:57:15.0497 2952	btwavdt - ok
11:57:15.0512 2952	btwrchid        (0724e7d6c9b6a289eddda33fa8176e80) C:\Windows\system32\DRIVERS\btwrchid.sys
11:57:15.0528 2952	btwrchid - ok
11:57:15.0559 2952	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
11:57:15.0590 2952	cdfs - ok
11:57:15.0606 2952	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
11:57:15.0637 2952	cdrom - ok
11:57:15.0668 2952	CertPropSvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
11:57:15.0699 2952	CertPropSvc - ok
11:57:15.0715 2952	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
11:57:15.0746 2952	circlass - ok
11:57:15.0793 2952	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
11:57:15.0809 2952	CLFS - ok
11:57:15.0887 2952	clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:57:15.0902 2952	clr_optimization_v2.0.50727_32 - ok
11:57:15.0965 2952	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:57:15.0980 2952	clr_optimization_v4.0.30319_32 - ok
11:57:16.0011 2952	CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
11:57:16.0043 2952	CmBatt - ok
11:57:16.0074 2952	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
11:57:16.0089 2952	cmdide - ok
11:57:16.0105 2952	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
11:57:16.0121 2952	Compbatt - ok
11:57:16.0121 2952	COMSysApp - ok
11:57:16.0167 2952	cpuz132 - ok
11:57:16.0183 2952	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
11:57:16.0199 2952	crcdisk - ok
11:57:16.0214 2952	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
11:57:16.0261 2952	Crusoe - ok
11:57:16.0308 2952	CryptSvc        (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
11:57:16.0323 2952	CryptSvc - ok
11:57:16.0401 2952	DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
11:57:16.0433 2952	DcomLaunch - ok
11:57:16.0479 2952	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
11:57:16.0511 2952	DfsC - ok
11:57:16.0698 2952	DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
11:57:16.0869 2952	DFSR - ok
11:57:17.0010 2952	Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
11:57:17.0057 2952	Dhcp - ok
11:57:17.0103 2952	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
11:57:17.0135 2952	disk - ok
11:57:17.0197 2952	Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
11:57:17.0244 2952	Dnscache - ok
11:57:17.0275 2952	dot3svc         (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
11:57:17.0322 2952	dot3svc - ok
11:57:17.0369 2952	DPS             (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
11:57:17.0384 2952	DPS - ok
11:57:17.0415 2952	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
11:57:17.0431 2952	drmkaud - ok
11:57:17.0493 2952	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
11:57:17.0509 2952	DXGKrnl - ok
11:57:17.0540 2952	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
11:57:17.0571 2952	E1G60 - ok
11:57:17.0587 2952	EapHost         (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
11:57:17.0603 2952	EapHost - ok
11:57:17.0618 2952	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
11:57:17.0649 2952	Ecache - ok
11:57:17.0712 2952	ehRecvr         (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
11:57:17.0727 2952	ehRecvr - ok
11:57:17.0743 2952	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
11:57:17.0759 2952	ehSched - ok
11:57:17.0790 2952	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
11:57:17.0790 2952	ehstart - ok
11:57:17.0821 2952	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
11:57:17.0837 2952	elxstor - ok
11:57:17.0899 2952	EMDMgmt         (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
11:57:17.0946 2952	EMDMgmt - ok
11:57:17.0993 2952	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
11:57:18.0008 2952	ErrDev - ok
11:57:18.0071 2952	EventSystem     (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
11:57:18.0086 2952	EventSystem - ok
11:57:18.0211 2952	EvtEng          (2d41d7250f73272946de04ff7a19761e) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:57:18.0242 2952	EvtEng ( UnsignedFile.Multi.Generic ) - warning
11:57:18.0242 2952	EvtEng - detected UnsignedFile.Multi.Generic (1)
11:57:18.0289 2952	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
11:57:18.0305 2952	exfat - ok
11:57:18.0383 2952	Fabs - ok
11:57:18.0414 2952	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
11:57:18.0445 2952	fastfat - ok
11:57:18.0461 2952	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
11:57:18.0507 2952	fdc - ok
11:57:18.0539 2952	fdPHost         (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
11:57:18.0570 2952	fdPHost - ok
11:57:18.0585 2952	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
11:57:18.0663 2952	FDResPub - ok
11:57:18.0679 2952	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
11:57:18.0695 2952	FileInfo - ok
11:57:18.0695 2952	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
11:57:18.0726 2952	Filetrace - ok
11:57:18.0897 2952	FirebirdServerMAGIXInstance (fff1130f7c9fa01d093a1edfc5cce8fc) C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
11:57:19.0007 2952	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
11:57:19.0007 2952	FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
11:57:19.0116 2952	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
11:57:19.0147 2952	flpydisk - ok
11:57:19.0194 2952	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
11:57:19.0209 2952	FltMgr - ok
11:57:19.0303 2952	FontCache       (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
11:57:19.0334 2952	FontCache - ok
11:57:19.0397 2952	FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:57:19.0412 2952	FontCache3.0.0.0 - ok
11:57:19.0428 2952	Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
11:57:19.0459 2952	Fs_Rec - ok
11:57:19.0475 2952	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
11:57:19.0506 2952	gagp30kx - ok
11:57:19.0537 2952	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:57:19.0553 2952	GEARAspiWDM - ok
11:57:19.0615 2952	gpsvc           (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
11:57:19.0662 2952	gpsvc - ok
11:57:19.0755 2952	gupdate         (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
11:57:19.0771 2952	gupdate - ok
11:57:19.0771 2952	gupdatem        (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
11:57:19.0802 2952	gupdatem - ok
11:57:19.0833 2952	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
11:57:19.0896 2952	HdAudAddService - ok
11:57:19.0958 2952	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:57:20.0021 2952	HDAudBus - ok
11:57:20.0052 2952	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
11:57:20.0099 2952	HidBth - ok
11:57:20.0114 2952	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
11:57:20.0161 2952	HidIr - ok
11:57:20.0192 2952	hidserv         (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
11:57:20.0192 2952	hidserv - ok
11:57:20.0223 2952	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
11:57:20.0255 2952	HidUsb - ok
11:57:20.0286 2952	hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
11:57:20.0301 2952	hkmsvc - ok
11:57:20.0317 2952	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
11:57:20.0333 2952	HpCISSs - ok
11:57:20.0379 2952	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
11:57:20.0411 2952	HTTP - ok
11:57:20.0426 2952	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
11:57:20.0442 2952	i2omp - ok
11:57:20.0473 2952	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
11:57:20.0504 2952	i8042prt - ok
11:57:20.0613 2952	ialm            (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys
11:57:20.0723 2952	ialm - ok
11:57:20.0879 2952	iaStor          (abfebc5f846c71afebd7f8f6ba740c03) C:\Windows\system32\DRIVERS\iaStor.sys
11:57:20.0910 2952	iaStor - ok
11:57:20.0941 2952	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
11:57:20.0972 2952	iaStorV - ok
11:57:21.0081 2952	IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:57:21.0097 2952	IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:57:21.0097 2952	IDriverT - detected UnsignedFile.Multi.Generic (1)
11:57:21.0222 2952	idsvc           (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:57:21.0315 2952	idsvc - ok
11:57:21.0331 2952	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
11:57:21.0362 2952	iirsp - ok
11:57:21.0440 2952	IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
11:57:21.0503 2952	IKEEXT - ok
11:57:21.0705 2952	IntcAzAudAddService (ffd2b3bc042596abe785d3c15f51ab46) C:\Windows\system32\drivers\RTKVHDA.sys
11:57:21.0846 2952	IntcAzAudAddService - ok
11:57:21.0986 2952	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
11:57:22.0017 2952	intelide - ok
11:57:22.0033 2952	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
11:57:22.0095 2952	intelppm - ok
11:57:22.0127 2952	IPBusEnum       (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
11:57:22.0173 2952	IPBusEnum - ok
11:57:22.0189 2952	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:57:22.0236 2952	IpFilterDriver - ok
11:57:22.0283 2952	iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
11:57:22.0314 2952	iphlpsvc - ok
11:57:22.0314 2952	IpInIp - ok
11:57:22.0329 2952	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
11:57:22.0376 2952	IPMIDRV - ok
11:57:22.0392 2952	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
11:57:22.0439 2952	IPNAT - ok
11:57:22.0548 2952	iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
11:57:22.0579 2952	iPod Service - ok
11:57:22.0610 2952	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
11:57:22.0657 2952	IRENUM - ok
11:57:22.0688 2952	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
11:57:22.0704 2952	isapnp - ok
11:57:22.0735 2952	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
11:57:22.0766 2952	iScsiPrt - ok
11:57:22.0782 2952	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
11:57:22.0797 2952	iteatapi - ok
11:57:22.0813 2952	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
11:57:22.0829 2952	iteraid - ok
11:57:22.0844 2952	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
11:57:22.0860 2952	kbdclass - ok
11:57:22.0875 2952	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
11:57:22.0922 2952	kbdhid - ok
11:57:22.0953 2952	KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:57:23.0016 2952	KeyIso - ok
11:57:23.0047 2952	KMDFMEMIO       (ebc507f129df8f0e0ca270dcfc0cf87f) C:\Windows\system32\DRIVERS\kmdfmemio.sys
11:57:23.0094 2952	KMDFMEMIO - ok
11:57:23.0141 2952	KSecDD          (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys
11:57:23.0187 2952	KSecDD - ok
11:57:23.0234 2952	KtmRm           (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
11:57:23.0328 2952	KtmRm - ok
11:57:23.0359 2952	LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
11:57:23.0421 2952	LanmanServer - ok
11:57:23.0468 2952	LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
11:57:23.0499 2952	LanmanWorkstation - ok
11:57:23.0609 2952	LightScribeService (c215e09622118383b236dd56c2065183) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:57:23.0655 2952	LightScribeService ( UnsignedFile.Multi.Generic ) - warning
11:57:23.0655 2952	LightScribeService - detected UnsignedFile.Multi.Generic (1)
11:57:23.0687 2952	lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
11:57:23.0718 2952	lirsgt - ok
11:57:23.0749 2952	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
11:57:23.0811 2952	lltdio - ok
11:57:23.0843 2952	lltdsvc         (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
11:57:23.0889 2952	lltdsvc - ok
11:57:23.0905 2952	lmhosts         (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
11:57:23.0983 2952	lmhosts - ok
11:57:24.0014 2952	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
11:57:24.0030 2952	LSI_FC - ok
11:57:24.0045 2952	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
11:57:24.0061 2952	LSI_SAS - ok
11:57:24.0077 2952	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
11:57:24.0092 2952	LSI_SCSI - ok
11:57:24.0108 2952	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
11:57:24.0155 2952	luafv - ok
11:57:24.0170 2952	MBAMProtector   (6dfe7f2e8e8a337263aa5c92a215f161) C:\Windows\system32\drivers\mbam.sys
11:57:24.0186 2952	MBAMProtector - ok
11:57:24.0264 2952	MBAMService     (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:57:24.0295 2952	MBAMService - ok
11:57:24.0311 2952	Mcx2Svc         (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
11:57:24.0326 2952	Mcx2Svc - ok
11:57:24.0404 2952	mdf16 - ok
11:57:24.0435 2952	megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
11:57:24.0451 2952	megasas - ok
11:57:24.0498 2952	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
11:57:24.0513 2952	MegaSR - ok
11:57:24.0623 2952	Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
11:57:24.0638 2952	Microsoft Office Groove Audit Service - ok
11:57:24.0669 2952	MMCSS           (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:57:24.0716 2952	MMCSS - ok
11:57:24.0732 2952	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
11:57:24.0794 2952	Modem - ok
11:57:24.0825 2952	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
11:57:24.0872 2952	monitor - ok
11:57:24.0888 2952	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
11:57:24.0919 2952	mouclass - ok
11:57:24.0935 2952	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
11:57:24.0997 2952	mouhid - ok
11:57:25.0013 2952	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
11:57:25.0028 2952	MountMgr - ok
11:57:25.0091 2952	MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:57:25.0106 2952	MozillaMaintenance - ok
11:57:25.0137 2952	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
11:57:25.0169 2952	mpio - ok
11:57:25.0184 2952	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
11:57:25.0231 2952	mpsdrv - ok
11:57:25.0278 2952	MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
11:57:25.0356 2952	MpsSvc - ok
11:57:25.0371 2952	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
11:57:25.0403 2952	Mraid35x - ok
11:57:25.0449 2952	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
11:57:25.0512 2952	MRxDAV - ok
11:57:25.0543 2952	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:57:25.0574 2952	mrxsmb - ok
11:57:25.0621 2952	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:57:25.0668 2952	mrxsmb10 - ok
11:57:25.0683 2952	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:57:25.0715 2952	mrxsmb20 - ok
11:57:25.0746 2952	msahci          (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
11:57:25.0761 2952	msahci - ok
11:57:25.0793 2952	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
11:57:25.0808 2952	msdsm - ok
11:57:25.0839 2952	MSDTC           (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
11:57:25.0902 2952	MSDTC - ok
11:57:25.0933 2952	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
11:57:25.0980 2952	Msfs - ok
11:57:26.0011 2952	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
11:57:26.0042 2952	msisadrv - ok
11:57:26.0073 2952	MSiSCSI         (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
11:57:26.0136 2952	MSiSCSI - ok
11:57:26.0136 2952	msiserver - ok
11:57:26.0167 2952	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
11:57:26.0198 2952	MSKSSRV - ok
11:57:26.0214 2952	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
11:57:26.0276 2952	MSPCLOCK - ok
11:57:26.0276 2952	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
11:57:26.0323 2952	MSPQM - ok
11:57:26.0370 2952	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
11:57:26.0401 2952	MsRPC - ok
11:57:26.0432 2952	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
11:57:26.0448 2952	mssmbios - ok
11:57:26.0557 2952	MSSQL$MSSMLBIZ - ok
11:57:26.0619 2952	MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
11:57:26.0619 2952	MSSQLServerADHelper - ok
11:57:26.0635 2952	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
11:57:26.0682 2952	MSTEE - ok
11:57:26.0713 2952	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
11:57:26.0729 2952	Mup - ok
11:57:26.0775 2952	mvd23 - ok
11:57:26.0822 2952	napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
11:57:26.0853 2952	napagent - ok
11:57:26.0916 2952	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
11:57:26.0963 2952	NativeWifiP - ok
11:57:27.0025 2952	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
11:57:27.0056 2952	NDIS - ok
11:57:27.0087 2952	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
11:57:27.0134 2952	NdisTapi - ok
11:57:27.0150 2952	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
11:57:27.0181 2952	Ndisuio - ok
11:57:27.0228 2952	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:57:27.0290 2952	NdisWan - ok
11:57:27.0321 2952	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
11:57:27.0368 2952	NDProxy - ok
11:57:27.0384 2952	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
11:57:27.0415 2952	NetBIOS - ok
11:57:27.0462 2952	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
11:57:27.0477 2952	netbt - ok
11:57:27.0493 2952	Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:57:27.0509 2952	Netlogon - ok
11:57:27.0540 2952	Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
11:57:27.0587 2952	Netman - ok
11:57:27.0618 2952	netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
11:57:27.0649 2952	netprofm - ok
11:57:27.0727 2952	NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:57:27.0727 2952	NetTcpPortSharing - ok
11:57:27.0914 2952	NETw3v32        (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
11:57:28.0008 2952	NETw3v32 - ok
11:57:28.0117 2952	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
11:57:28.0133 2952	nfrd960 - ok
11:57:28.0179 2952	NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
11:57:28.0242 2952	NlaSvc - ok
11:57:28.0289 2952	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
11:57:28.0335 2952	Npfs - ok
11:57:28.0335 2952	nsi             (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
11:57:28.0398 2952	nsi - ok
11:57:28.0429 2952	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
11:57:28.0476 2952	nsiproxy - ok
11:57:28.0601 2952	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
11:57:28.0710 2952	Ntfs - ok
11:57:28.0741 2952	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
11:57:28.0835 2952	ntrigdigi - ok
11:57:28.0850 2952	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
11:57:28.0866 2952	Null - ok
11:57:28.0897 2952	NVHDA           (a103162c62c336c2cb3c5e1e2773d17b) C:\Windows\system32\drivers\nvhda32v.sys
11:57:28.0913 2952	NVHDA - ok
11:57:29.0427 2952	nvlddmkm        (c526b4a24ef951ef219c3bfa1534b152) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:57:29.0864 2952	nvlddmkm - ok
11:57:30.0005 2952	nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
11:57:30.0020 2952	nvraid - ok
11:57:30.0036 2952	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
11:57:30.0067 2952	nvstor - ok
11:57:30.0114 2952	nvsvc           (df6315ce4ff30f706abf3802d7749e70) C:\Windows\system32\nvvsvc.exe
11:57:30.0145 2952	nvsvc - ok
11:57:30.0161 2952	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
11:57:30.0176 2952	nv_agp - ok
11:57:30.0192 2952	NwlnkFlt - ok
11:57:30.0207 2952	NwlnkFwd - ok
11:57:30.0301 2952	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:57:30.0332 2952	odserv - ok
11:57:30.0363 2952	ohci1394        (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
11:57:30.0410 2952	ohci1394 - ok
11:57:30.0473 2952	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:57:30.0488 2952	ose - ok
11:57:30.0566 2952	p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:57:30.0675 2952	p2pimsvc - ok
11:57:30.0691 2952	p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:57:30.0722 2952	p2psvc - ok
11:57:30.0769 2952	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
11:57:30.0847 2952	Parport - ok
11:57:30.0878 2952	partmgr         (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
11:57:30.0909 2952	partmgr - ok
11:57:30.0925 2952	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
11:57:31.0003 2952	Parvdm - ok
11:57:31.0034 2952	PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
11:57:31.0081 2952	PcaSvc - ok
11:57:31.0128 2952	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
11:57:31.0143 2952	pci - ok
11:57:31.0159 2952	pciide          (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
11:57:31.0190 2952	pciide - ok
11:57:31.0221 2952	pcmcia          (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
11:57:31.0237 2952	pcmcia - ok
11:57:31.0315 2952	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
11:57:31.0424 2952	PEAUTH - ok
11:57:31.0565 2952	pla             (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
11:57:31.0689 2952	pla - ok
11:57:31.0830 2952	PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
11:57:31.0908 2952	PlugPlay - ok
11:57:31.0986 2952	PNRPAutoReg     (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:57:32.0064 2952	PNRPAutoReg - ok
11:57:32.0079 2952	PNRPsvc         (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:57:32.0142 2952	PNRPsvc - ok
11:57:32.0220 2952	PolicyAgent     (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
11:57:32.0298 2952	PolicyAgent - ok
11:57:32.0360 2952	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
11:57:32.0438 2952	PptpMiniport - ok
11:57:32.0469 2952	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
11:57:32.0547 2952	Processor - ok
11:57:32.0594 2952	ProfSvc         (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
11:57:32.0672 2952	ProfSvc - ok
11:57:32.0703 2952	ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:57:32.0750 2952	ProtectedStorage - ok
11:57:32.0781 2952	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
11:57:32.0844 2952	PSched - ok
11:57:32.0969 2952	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
11:57:33.0062 2952	ql2300 - ok
11:57:33.0093 2952	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
11:57:33.0125 2952	ql40xx - ok
11:57:33.0171 2952	QWAVE           (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
11:57:33.0218 2952	QWAVE - ok
11:57:33.0249 2952	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
11:57:33.0296 2952	QWAVEdrv - ok
11:57:33.0327 2952	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
11:57:33.0359 2952	RasAcd - ok
11:57:33.0390 2952	RasAuto         (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
11:57:33.0421 2952	RasAuto - ok
11:57:33.0437 2952	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:57:33.0483 2952	Rasl2tp - ok
11:57:33.0546 2952	RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
11:57:33.0577 2952	RasMan - ok
11:57:33.0624 2952	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
11:57:33.0655 2952	RasPppoe - ok
11:57:33.0686 2952	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
11:57:33.0717 2952	RasSstp - ok
11:57:33.0764 2952	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
11:57:33.0811 2952	rdbss - ok
11:57:33.0842 2952	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:57:33.0889 2952	RDPCDD - ok
11:57:33.0936 2952	rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
11:57:33.0967 2952	rdpdr - ok
11:57:33.0967 2952	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
11:57:34.0014 2952	RDPENCDD - ok
11:57:34.0061 2952	RDPWD           (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
11:57:34.0107 2952	RDPWD - ok
11:57:34.0217 2952	RegSrvc         (ed8c9f16e10c1e4c4c5d16cd04966e24) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:57:34.0279 2952	RegSrvc ( UnsignedFile.Multi.Generic ) - warning
11:57:34.0279 2952	RegSrvc - detected UnsignedFile.Multi.Generic (1)
11:57:34.0326 2952	RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
11:57:34.0388 2952	RemoteAccess - ok
11:57:34.0419 2952	RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
11:57:34.0466 2952	RemoteRegistry - ok
11:57:34.0497 2952	RFCOMM          (10536b0ad6f416fc7f1149977c28ccdc) C:\Windows\system32\DRIVERS\rfcomm.sys
11:57:34.0560 2952	RFCOMM - ok
11:57:34.0638 2952	RichVideo       (4d05898896ec49cf663dda61041ab096) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
11:57:34.0669 2952	RichVideo - ok
11:57:34.0700 2952	RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
11:57:34.0778 2952	RpcLocator - ok
11:57:34.0841 2952	RpcSs           (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
11:57:34.0919 2952	RpcSs - ok
11:57:34.0950 2952	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
11:57:35.0028 2952	rspndr - ok
11:57:35.0059 2952	s0016bus        (59509ad6cbc28f2c73056268985b3e48) C:\Windows\system32\DRIVERS\s0016bus.sys
11:57:35.0090 2952	s0016bus - ok
11:57:35.0121 2952	s0016mdfl       (b98c3a6f91f4fba285af9606a240c6b4) C:\Windows\system32\DRIVERS\s0016mdfl.sys
11:57:35.0137 2952	s0016mdfl - ok
11:57:35.0184 2952	s0016mdm        (8a83426f4fb7b5212825d9de76368b1a) C:\Windows\system32\DRIVERS\s0016mdm.sys
11:57:35.0199 2952	s0016mdm - ok
11:57:35.0231 2952	s0016mgmt       (7a78bba97feb5e6d24c49e93a3bf7287) C:\Windows\system32\DRIVERS\s0016mgmt.sys
11:57:35.0246 2952	s0016mgmt - ok
11:57:35.0293 2952	s0016nd5        (34ef7b5f611957b73e7219dd5a222ad1) C:\Windows\system32\DRIVERS\s0016nd5.sys
11:57:35.0324 2952	s0016nd5 - ok
11:57:35.0387 2952	s0016obex       (36792935847143e4a3cda0dc87248487) C:\Windows\system32\DRIVERS\s0016obex.sys
11:57:35.0387 2952	s0016obex - ok
11:57:35.0433 2952	s0016unic       (927208754fb27fc3e7a659e77500c5d1) C:\Windows\system32\DRIVERS\s0016unic.sys
11:57:35.0433 2952	s0016unic - ok
11:57:35.0465 2952	s816bus         (8c156e6b568aa927eb5deadeb870bdd2) C:\Windows\system32\DRIVERS\s816bus.sys
11:57:35.0480 2952	s816bus - ok
11:57:35.0511 2952	s816mdfl        (d4ed429953a2b8b09c702805813a26c8) C:\Windows\system32\DRIVERS\s816mdfl.sys
11:57:35.0511 2952	s816mdfl - ok
11:57:35.0527 2952	s816mdm         (94306f371a6ff8b690bea81157111b3b) C:\Windows\system32\DRIVERS\s816mdm.sys
11:57:35.0543 2952	s816mdm - ok
11:57:35.0558 2952	s816mgmt        (fafdd00abad1b6029bf7f4067764ab41) C:\Windows\system32\DRIVERS\s816mgmt.sys
11:57:35.0574 2952	s816mgmt - ok
11:57:35.0589 2952	s816nd5         (fd0d1e39cb22558d79bff59b66a5874a) C:\Windows\system32\DRIVERS\s816nd5.sys
11:57:35.0589 2952	s816nd5 - ok
11:57:35.0621 2952	s816obex        (8eacd5e46764463e75f171d9bf305348) C:\Windows\system32\DRIVERS\s816obex.sys
11:57:35.0621 2952	s816obex - ok
11:57:35.0652 2952	s816unic        (e2090b041b935430abc8e184b7d6cd75) C:\Windows\system32\DRIVERS\s816unic.sys
11:57:35.0652 2952	s816unic - ok
11:57:35.0683 2952	SamSs           (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:57:35.0699 2952	SamSs - ok
11:57:35.0714 2952	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
11:57:35.0730 2952	sbp2port - ok
11:57:35.0777 2952	SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
11:57:35.0792 2952	SCardSvr - ok
11:57:35.0855 2952	Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
11:57:35.0933 2952	Schedule - ok
11:57:35.0964 2952	SCPolicySvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
11:57:35.0995 2952	SCPolicySvc - ok
11:57:36.0026 2952	sdbus           (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
11:57:36.0073 2952	sdbus - ok
11:57:36.0120 2952	SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
11:57:36.0182 2952	SDRSVC - ok
11:57:36.0198 2952	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:57:36.0276 2952	secdrv - ok
11:57:36.0291 2952	seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
11:57:36.0354 2952	seclogon - ok
11:57:36.0385 2952	seehcri         (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
11:57:36.0463 2952	seehcri - ok
11:57:36.0479 2952	SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
11:57:36.0541 2952	SENS - ok
11:57:36.0557 2952	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
11:57:36.0650 2952	Serenum - ok
11:57:36.0666 2952	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
11:57:36.0744 2952	Serial - ok
11:57:36.0759 2952	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
11:57:36.0806 2952	sermouse - ok
11:57:36.0822 2952	SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
11:57:36.0853 2952	SessionEnv - ok
11:57:36.0869 2952	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
11:57:36.0915 2952	sffdisk - ok
11:57:36.0931 2952	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
11:57:36.0962 2952	sffp_mmc - ok
11:57:36.0993 2952	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
11:57:37.0025 2952	sffp_sd - ok
11:57:37.0040 2952	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
11:57:37.0087 2952	sfloppy - ok
11:57:37.0134 2952	SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
11:57:37.0149 2952	SharedAccess - ok
11:57:37.0196 2952	ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
11:57:37.0243 2952	ShellHWDetection - ok
11:57:37.0259 2952	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
11:57:37.0274 2952	sisagp - ok
11:57:37.0290 2952	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
11:57:37.0305 2952	SiSRaid2 - ok
11:57:37.0321 2952	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
11:57:37.0352 2952	SiSRaid4 - ok
11:57:37.0446 2952	SkypeUpdate     (ea396139541706b4b433641d62ea53ce) C:\Program Files\Skype\Updater\Updater.exe
11:57:37.0461 2952	SkypeUpdate - ok
11:57:37.0711 2952	slsvc           (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
11:57:37.0867 2952	slsvc - ok
11:57:37.0992 2952	SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
11:57:38.0039 2952	SLUINotify - ok
11:57:38.0101 2952	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
11:57:38.0163 2952	Smb - ok
11:57:38.0210 2952	SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
11:57:38.0241 2952	SNMPTRAP - ok
11:57:38.0288 2952	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
11:57:38.0319 2952	spldr - ok
11:57:38.0351 2952	Spooler         (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
11:57:38.0429 2952	Spooler - ok
11:57:38.0538 2952	SQLBrowser      (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
11:57:38.0569 2952	SQLBrowser - ok
11:57:38.0600 2952	SQLWriter       (d89083c4eb02daca8f944b0e05e57f9d) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:57:38.0631 2952	SQLWriter - ok
11:57:38.0694 2952	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
11:57:38.0756 2952	srv - ok
11:57:38.0803 2952	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
11:57:38.0865 2952	srv2 - ok
11:57:38.0897 2952	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
11:57:38.0943 2952	srvnet - ok
11:57:38.0990 2952	SSDPSRV         (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
11:57:39.0053 2952	SSDPSRV - ok
11:57:39.0115 2952	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
11:57:39.0131 2952	ssmdrv - ok
11:57:39.0177 2952	SstpSvc         (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
11:57:39.0224 2952	SstpSvc - ok
11:57:39.0302 2952	stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
11:57:39.0380 2952	stisvc - ok
11:57:39.0427 2952	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
11:57:39.0458 2952	swenum - ok
11:57:39.0505 2952	swprv           (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
11:57:39.0583 2952	swprv - ok
11:57:39.0614 2952	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
11:57:39.0645 2952	Symc8xx - ok
11:57:39.0661 2952	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
11:57:39.0692 2952	Sym_hi - ok
11:57:39.0708 2952	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
11:57:39.0739 2952	Sym_u3 - ok
11:57:39.0786 2952	SynTP           (451e8037e2eb6da6bdf0a66f65d1810b) C:\Windows\system32\DRIVERS\SynTP.sys
11:57:39.0801 2952	SynTP - ok
11:57:39.0864 2952	SysMain         (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
11:57:39.0926 2952	SysMain - ok
11:57:40.0035 2952	SZDrvSvc        (53cd82185248b0549ee55321a7b03f3b) C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe
11:57:40.0035 2952	SZDrvSvc ( UnsignedFile.Multi.Generic ) - warning
11:57:40.0035 2952	SZDrvSvc - detected UnsignedFile.Multi.Generic (1)
11:57:40.0067 2952	TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
11:57:40.0098 2952	TabletInputService - ok
11:57:40.0160 2952	TapiSrv         (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
11:57:40.0207 2952	TapiSrv - ok
11:57:40.0223 2952	TBS             (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
11:57:40.0269 2952	TBS - ok
11:57:40.0363 2952	Tcpip           (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
11:57:40.0425 2952	Tcpip - ok
11:57:40.0441 2952	Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
11:57:40.0488 2952	Tcpip6 - ok
11:57:40.0550 2952	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
11:57:40.0613 2952	tcpipreg - ok
11:57:40.0691 2952	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:57:40.0753 2952	TDPIPE - ok
11:57:40.0769 2952	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:57:40.0815 2952	TDTCP - ok
11:57:40.0862 2952	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
11:57:40.0893 2952	tdx - ok
11:57:40.0925 2952	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
11:57:40.0940 2952	TermDD - ok
11:57:41.0003 2952	TermService     (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
11:57:41.0034 2952	TermService - ok
11:57:41.0081 2952	Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
11:57:41.0096 2952	Themes - ok
11:57:41.0127 2952	THREADORDER     (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:57:41.0159 2952	THREADORDER - ok
11:57:41.0205 2952	TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
11:57:41.0252 2952	TrkWks - ok
11:57:41.0299 2952	TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
11:57:41.0315 2952	TrustedInstaller - ok
11:57:41.0361 2952	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:57:41.0393 2952	tssecsrv - ok
11:57:41.0424 2952	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
11:57:41.0439 2952	tunmp - ok
11:57:41.0486 2952	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
11:57:41.0517 2952	tunnel - ok
11:57:41.0533 2952	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
11:57:41.0549 2952	uagp35 - ok
11:57:41.0611 2952	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
11:57:41.0642 2952	udfs - ok
11:57:41.0689 2952	UI0Detect       (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
11:57:41.0736 2952	UI0Detect - ok
11:57:41.0783 2952	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
11:57:41.0798 2952	uliagpkx - ok
11:57:41.0829 2952	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
11:57:41.0845 2952	uliahci - ok
11:57:41.0876 2952	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:57:41.0892 2952	UlSata - ok
11:57:41.0923 2952	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:57:41.0939 2952	ulsata2 - ok
11:57:42.0048 2952	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:57:42.0095 2952	umbus - ok
11:57:42.0251 2952	upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
11:57:42.0313 2952	upnphost - ok
11:57:42.0360 2952	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:57:42.0407 2952	usbccgp - ok
11:57:42.0422 2952	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
11:57:42.0485 2952	usbcir - ok
11:57:42.0609 2952	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
11:57:42.0672 2952	usbehci - ok
11:57:42.0703 2952	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
11:57:42.0750 2952	usbhub - ok
11:57:42.0765 2952	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
11:57:42.0828 2952	usbohci - ok
11:57:42.0859 2952	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
11:57:42.0875 2952	usbprint - ok
11:57:42.0906 2952	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
11:57:42.0937 2952	usbscan - ok
11:57:42.0953 2952	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:57:42.0984 2952	USBSTOR - ok
11:57:43.0031 2952	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:57:43.0046 2952	usbuhci - ok
11:57:43.0077 2952	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
11:57:43.0109 2952	usbvideo - ok
11:57:43.0187 2952	UxSms           (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
11:57:43.0249 2952	UxSms - ok
11:57:43.0327 2952	vds             (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
11:57:43.0405 2952	vds - ok
11:57:43.0452 2952	vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
11:57:43.0499 2952	vga - ok
11:57:43.0514 2952	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:57:43.0577 2952	VgaSave - ok
11:57:43.0608 2952	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
11:57:43.0623 2952	viaagp - ok
11:57:43.0655 2952	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
11:57:43.0686 2952	ViaC7 - ok
11:57:43.0701 2952	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
11:57:43.0717 2952	viaide - ok
11:57:43.0826 2952	VMC302          (c30a79cfee47f1a9633f403c5ace872f) C:\Windows\system32\Drivers\VMC302.sys
11:57:43.0857 2952	VMC302 - ok
11:57:43.0873 2952	VMC326 - ok
11:57:43.0904 2952	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
11:57:43.0920 2952	volmgr - ok
11:57:43.0982 2952	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
11:57:44.0013 2952	volmgrx - ok
11:57:44.0060 2952	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
11:57:44.0091 2952	volsnap - ok
11:57:44.0107 2952	vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
11:57:44.0138 2952	vsmraid - ok
11:57:44.0263 2952	VSS             (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
11:57:44.0372 2952	VSS - ok
11:57:44.0435 2952	W32Time         (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
11:57:44.0591 2952	W32Time - ok
11:57:44.0731 2952	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:57:44.0793 2952	WacomPen - ok
11:57:44.0825 2952	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:57:44.0840 2952	Wanarp - ok
11:57:44.0840 2952	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:57:44.0871 2952	Wanarpv6 - ok
11:57:44.0918 2952	wcncsvc         (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
11:57:44.0965 2952	wcncsvc - ok
11:57:44.0996 2952	WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
11:57:45.0012 2952	WcsPlugInService - ok
11:57:45.0043 2952	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
11:57:45.0059 2952	Wd - ok
11:57:45.0105 2952	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
11:57:45.0152 2952	Wdf01000 - ok
11:57:45.0230 2952	WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:57:45.0293 2952	WdiServiceHost - ok
11:57:45.0293 2952	WdiSystemHost   (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:57:45.0339 2952	WdiSystemHost - ok
11:57:45.0449 2952	WebClient       (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
11:57:45.0480 2952	WebClient - ok
11:57:45.0527 2952	Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
11:57:45.0573 2952	Wecsvc - ok
11:57:45.0605 2952	wercplsupport   (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
11:57:45.0651 2952	wercplsupport - ok
11:57:45.0698 2952	WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
11:57:45.0745 2952	WerSvc - ok
11:57:45.0901 2952	WinDefend       (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
11:57:45.0932 2952	WinDefend - ok
11:57:45.0948 2952	WinHttpAutoProxySvc - ok
11:57:46.0010 2952	Winmgmt         (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
11:57:46.0057 2952	Winmgmt - ok
11:57:46.0244 2952	WinRM           (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
11:57:46.0353 2952	WinRM - ok
11:57:46.0431 2952	Wlansvc         (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
11:57:46.0572 2952	Wlansvc - ok
11:57:46.0868 2952	wlidsvc         (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:57:46.0977 2952	wlidsvc - ok
11:57:47.0165 2952	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
11:57:47.0180 2952	WmiAcpi - ok
11:57:47.0336 2952	wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
11:57:47.0383 2952	wmiApSrv - ok
11:57:47.0539 2952	WMPNetworkSvc   (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
11:57:47.0648 2952	WMPNetworkSvc - ok
11:57:47.0679 2952	WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
11:57:47.0757 2952	WPCSvc - ok
11:57:47.0789 2952	WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
11:57:47.0867 2952	WPDBusEnum - ok
11:57:48.0023 2952	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
11:57:48.0038 2952	WpdUsb - ok
11:57:48.0413 2952	WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:57:48.0475 2952	WPFFontCache_v0400 - ok
11:57:48.0522 2952	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:57:48.0615 2952	ws2ifsl - ok
11:57:48.0662 2952	wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
11:57:48.0756 2952	wscsvc - ok
11:57:48.0756 2952	WSearch - ok
11:57:49.0021 2952	wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
11:57:49.0177 2952	wuauserv - ok
11:57:49.0863 2952	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:57:49.0973 2952	WUDFRd - ok
11:57:50.0066 2952	wudfsvc         (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
11:57:50.0160 2952	wudfsvc - ok
11:57:50.0238 2952	yukonwlh        (04e268adfc81964c49dc0c082d520f7e) C:\Windows\system32\DRIVERS\yk60x86.sys
11:57:50.0394 2952	yukonwlh - ok
11:57:50.0456 2952	MBR (0x1B8)     (61a349592c4728853f4a90ff78f7628e) \Device\Harddisk0\DR0
11:57:51.0283 2952	\Device\Harddisk0\DR0 - ok
11:57:51.0283 2952	MBR (0x1B8)     (180dbde3af7ea48b3db3ac27b1ddf401) \Device\Harddisk1\DR1
11:57:52.0157 2952	\Device\Harddisk1\DR1 - ok
11:57:52.0188 2952	Boot (0x1200)   (5d77ec23d5b9726d32bbdd410c52a16f) \Device\Harddisk0\DR0\Partition0
11:57:52.0188 2952	\Device\Harddisk0\DR0\Partition0 - ok
11:57:52.0500 2952	Boot (0x1200)   (8bdb7b4ea0226889323b8d2a05025a78) \Device\Harddisk0\DR0\Partition1
11:57:52.0500 2952	\Device\Harddisk0\DR0\Partition1 - ok
11:57:52.0515 2952	Boot (0x1200)   (0248d30cf0c1999d54dee2a8792ad245) \Device\Harddisk1\DR1\Partition0
11:57:52.0515 2952	\Device\Harddisk1\DR1\Partition0 - ok
11:57:52.0515 2952	============================================================
11:57:52.0515 2952	Scan finished
11:57:52.0515 2952	============================================================
11:57:52.0531 5336	Detected object count: 6
11:57:52.0531 5336	Actual detected object count: 6
11:58:32.0170 5336	EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:32.0170 5336	EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:58:32.0170 5336	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:32.0170 5336	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:58:32.0170 5336	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:32.0170 5336	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:58:32.0185 5336	LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:32.0185 5336	LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:58:32.0185 5336	RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:32.0185 5336	RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:58:32.0185 5336	SZDrvSvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:58:32.0185 5336	SZDrvSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Regards, Clemens
__________________


05.08.2012, 15:45   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered), and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.
__________________

11.08.2012, 05:33   #19
heisinho
 

Here is the log file:
Combofix Logfile:
Code:
ATTFilter
ComboFix 12-08-09.01 - Clemens 11.08.2012   0:07.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3066.1543 [GMT 2:00]
ausgeführt von:: c:\users\Clemens\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\windows\unin0407.exe
D:\Documents.lnk
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-07-10 bis 2012-08-10  ))))))))))))))))))))))))))))))
.
.
2012-08-03 20:41 . 2012-08-03 20:41	--------	d-----w-	C:\_OTL
2012-08-03 20:14 . 2012-08-03 20:14	--------	d-----w-	c:\users\Clemens\AppData\Roaming\Canneverbe Limited
2012-08-03 20:14 . 2012-08-03 20:14	--------	d-----w-	c:\programdata\Canneverbe Limited
2012-08-03 20:14 . 2012-08-03 20:14	--------	d-----w-	c:\program files\CDBurnerXP
2012-07-24 17:42 . 2012-07-24 17:42	--------	d-----w-	c:\program files\Microsoft
2012-07-24 17:05 . 2012-07-24 17:05	--------	d-----w-	c:\users\Clemens\AppData\Roaming\Malwarebytes
2012-07-24 17:05 . 2012-07-24 17:05	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-24 17:05 . 2012-07-03 11:46	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-07-24 17:05 . 2012-07-26 10:49	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-07-13 21:03 . 2010-10-24 04:06	598528	----a-w-	c:\windows\system32\ztv7z.dll
2012-07-13 21:03 . 2010-10-24 04:06	178176	----a-w-	c:\windows\system32\ztvunrar39.dll
2012-07-13 21:03 . 2006-05-25 12:52	162304	----a-w-	c:\windows\system32\ztvunrar36.dll
2012-07-13 21:03 . 2005-08-25 22:50	77312	----a-w-	c:\windows\system32\ztvunace26.dll
2012-07-13 21:03 . 2006-06-19 10:01	69632	----a-w-	c:\windows\system32\ztvcabinet.dll
2012-07-13 21:03 . 2003-02-02 17:06	153088	----a-w-	c:\windows\system32\UNRAR3.dll
2012-07-13 21:03 . 2002-03-05 22:00	75264	----a-w-	c:\windows\system32\unacev2.dll
2012-07-13 21:03 . 2012-07-13 21:04	--------	d-----w-	c:\program files\Trojan Remover
2012-07-13 21:03 . 2012-07-13 21:03	--------	d-----w-	c:\users\Clemens\AppData\Roaming\Simply Super Software
2012-07-13 21:03 . 2012-07-13 21:03	--------	d-----w-	c:\programdata\Simply Super Software
2012-07-13 20:26 . 2012-07-13 20:26	--------	d-----w-	c:\program files\ESET
2012-07-12 05:03 . 2012-06-13 13:40	2047488	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-03 09:44 . 2012-04-17 20:51	426184	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-08-03 09:44 . 2011-07-12 14:59	70344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-18 16:04 . 2012-02-09 12:49	36000	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-06-22 14:32 . 2012-07-10 17:59	405144	----a-w-	c:\windows\system32\Newtonsoft.Json.Net20.dll
2012-06-05 16:47 . 2012-07-11 14:18	1401856	----a-w-	c:\windows\system32\msxml6.dll
2012-06-05 16:47 . 2012-07-11 14:18	1248768	----a-w-	c:\windows\system32\msxml3.dll
2012-06-04 15:26 . 2012-07-11 14:18	440704	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2012-06-02 22:19 . 2012-06-19 16:15	53784	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 16:15	45080	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 16:14	35864	----a-w-	c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 16:14	577048	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-19 16:15	1933848	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-19 16:15	2422272	----a-w-	c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-19 16:14	88576	----a-w-	c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-19 16:14	171904	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-19 16:14	33792	----a-w-	c:\windows\system32\wuapp.exe
2012-06-02 00:04 . 2012-07-11 14:18	278528	----a-w-	c:\windows\system32\schannel.dll
2012-06-02 00:03 . 2012-07-11 14:18	204288	----a-w-	c:\windows\system32\ncrypt.dll
2012-05-31 10:25 . 2011-07-26 04:56	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-05-13 18:34 . 2012-02-09 12:49	83392	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-05-13 18:34 . 2012-02-09 12:49	137928	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-06-14 22:19 . 2012-07-13 20:11	85472	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-03 17417392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-26 13548064]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-26 92704]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-17 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1029416]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2012-07-13 1240848]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\users\Clemens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-17 08:56	451872	----a-w-	c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 09:44]
.
2012-08-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-01 19:58]
.
2012-08-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-01 19:58]
.
2009-12-28 c:\windows\Tasks\Install_NSS.job
- c:\program files\DivX\Symantec\scstubinstaller.exe [2009-11-14 00:49]
.
2012-08-10 c:\windows\Tasks\SupBackGroundTask.job
- c:\program files\Samsung\Samsung Update Plus\SUPBackGround.exe [2008-10-27 12:26]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\users\Clemens\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Clemens\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Clemens\AppData\Roaming\Mozilla\Firefox\Profiles\djaak315.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-FUSSBALL MANAGER 2002 - c:\windows\unin0407.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-FIFA 12 REAL PERFORMANCE OPTIMIZER V. 1.0 BY DOCTOR+ PRODUCTIONS - c:\program files\EA Sports\FIFA 12\Uninstal_RPO.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-08-11 00:34
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-08-11  00:37:13
ComboFix-quarantined-files.txt  2012-08-10 22:37
.
Vor Suchlauf: 7 Verzeichnis(se), 83.179.651.072 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 82.244.694.016 Bytes frei
.
- - End Of File - - 0E6EB922D3BA0D4142FAE9EE10AB7E49
         
--- --- ---

Regards, Clemens

11.08.2012, 17:58   #20
cosinus

Code:
FIFA 12 REAL PERFORMANCE OPTIMIZER V. 1.0 BY DOCTOR+ PRODUCTIONS

What on earth is that?!


17.08.2012, 08:14   #21
heisinho

Sorry, I was on holiday. No idea. I downloaded it at some point because the game wasn't running without stuttering. It should have been virus-free, though...

17.08.2012, 20:04   #22
cosinus

Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip the online check in OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or similar.

Note: Please use WinRAR or 7zip to unpack OSAM! Be sure to turn off your virus scanner as well; the McAfee scanner in particular often reports a false positive in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while, depending on your connection.
  • Click Scan.
  • Please wait until "Scan finished successfully" appears in the DOS window.
  • Click Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.

20.08.2012, 21:18   #23
heisinho

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 22:14:59 on 20.08.2012

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 13.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"SupBackGroundTask.job" - ? - C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe  (File found, but it contains no detailed information)

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"iproset.cpl" - "Intel(R) Corporation" - C:\Windows\system32\iproset.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL
"PROSet Tools" - "Intel(R) Corporation" - C:\Windows\System32\iPROSet.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\Users\Clemens\AppData\Local\Temp\catchme.sys  (File not found)
"cpuz132" (cpuz132) - ? - C:\Users\Clemens\AppData\Local\Temp\cpuz132\cpuz132_x32.sys  (File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"mdf16" (mdf16) - ? - C:\Users\Clemens\AppData\Local\Temp\mdf16.sys  (File not found)
"mvd23" (mvd23) - ? - C:\Users\Clemens\AppData\Local\Temp\mvd23.sys  (File not found)
"Sony Ericsson Device 0016 driver (WDM)" (s0016bus) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s0016bus.sys
"Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)" (s0016nd5) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s0016nd5.sys
"Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)" (s0016unic) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s0016unic.sys
"Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)" (s0016mgmt) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s0016mgmt.sys
"Sony Ericsson Device 0016 USB WMC Modem Driver" (s0016mdm) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s0016mdm.sys
"Sony Ericsson Device 0016 USB WMC Modem Filter" (s0016mdfl) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s0016mdfl.sys
"Sony Ericsson Device 0016 USB WMC OBEX Interface" (s0016obex) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s0016obex.sys
"Sony Ericsson Device 816 driver (WDM)" (s816bus) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s816bus.sys
"Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS)" (s816nd5) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s816nd5.sys
"Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM)" (s816unic) - "MCCI" - C:\Windows\System32\DRIVERS\s816unic.sys
"Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM)" (s816mgmt) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s816mgmt.sys
"Sony Ericsson Device 816 USB WMC Modem Driver" (s816mdm) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s816mdm.sys
"Sony Ericsson Device 816 USB WMC Modem Filter" (s816mdfl) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s816mdfl.sys
"Sony Ericsson Device 816 USB WMC OBEX Interface" (s816obex) - "MCCI Corporation" - C:\Windows\System32\DRIVERS\s816obex.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"uxtiafoc" (uxtiafoc) - ? - C:\Users\Clemens\AppData\Local\Temp\uxtiafoc.sys  (Hidden registry entry, rootkit activity | File not found)
"Vimicro Camera Service VMC326" (VMC326) - ? - C:\Windows\System32\Drivers\VMC326.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{79BC0345-1015-11D2-A299-006008312725} "///FAST project settings" - ? - C:\Program Files\Pinnacle\VideoSpin\Programs\BlueShellExt.dll  (File not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{738D66C6-0149-4D40-84E4-A7BB2D0CE949} "Sony Ericsson Datei-Manager" - ? -   (File not found | COM-object registry key not found)
{6F5C0F40-1419-4DC8-8D2F-D5EC5FCF07AB} "Sprint.ExplorerIntegration.9" - "ABBYY" - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Integration\SprintIntegration.dll
{52B87208-9CCF-42C9-B88E-069281105805} "Trojan Remover Shell Extension" - "Simply Super Software" - C:\PROGRA~1\TROJAN~1\Trshlex.dll
{DBD8E168-244D-448C-9922-25508950D1DC} "Ulead UDF Driver" - ? -   (File not found | COM-object registry key not found)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash32_11_3_300_271.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
{0B4350D1-055F-47A3-B112-5F2F2B0D6F08} "ClsidExtension" - "Google Inc." - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} "Easy Photo Print" - ? - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{593DDEC6-7468-4cdd-90E1-42DADAA222E9} "DivX HiQ" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} "Easy Photo Print" - ? - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll  (File not found)
{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} "Google Gears Helper" - "Google Inc." - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Users\Clemens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"BTTray.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"TrojanScanner" - "Simply Super Software" - C:\Program Files\Trojan Remover\Trjscan.exe /boot

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"EPSON SX125 Series 32MonitorBE" - "SEIKO EPSON CORPORATION" - C:\Windows\system32\E_FLBGGE.DLL
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"ABBYY FineReader 9.0 Sprint Licensing Service" (ABBYY.Licensing.FineReader.Sprint.9.0) - "ABBYY" - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
"Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
"Intel® PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel® PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"iPod Service" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Samsung Drive Manager Service" (SZDrvSvc) - "Clarus, Inc." - C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe
"SQL Server (MSSMLBIZ)" (MSSQL$MSSMLBIZ) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
"SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
"SQL Server-Browser" (SQLBrowser) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
"SQL Server-Startdienst für Business Contact Manager" (BcmSqlStartupSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

gmer log:
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2012-08-20 22:17:33
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0
Running: mymnwch0.exe; Driver: C:\Users\Clemens\AppData\Local\Temp\uxtiafoc.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0  Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1  Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
         
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-20 22:21:29
-----------------------------
22:21:29.836    OS Version: Windows 6.0.6002 Service Pack 2
22:21:29.836    Number of processors: 2 586 0xF0D
22:21:29.852    ComputerName: CLEMENS-PC  UserName: Clemens
22:22:17.328    Initialize success
22:24:40.639    AVAST engine defs: 12082000
22:25:15.905    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:25:15.905    Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
22:25:15.983    Disk 0 MBR read successfully
22:25:15.983    Disk 0 MBR scan
22:25:15.983    Disk 0 unknown MBR code
22:25:15.998    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        10240 MB offset 2048
22:25:16.030    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       147548 MB offset 20973568
22:25:16.061    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       147455 MB offset 323151872
22:25:16.076    Disk 0 scanning sectors +625139712
22:25:16.154    Disk 0 scanning C:\Windows\system32\drivers
22:25:27.602    Service scanning
22:25:54.694    Modules scanning
22:25:59.482    Disk 0 trace - called modules:
22:25:59.513    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
22:25:59.513    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86ca7ac8]
22:25:59.513    3 CLASSPNP.SYS[8b6a58b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85c43028]
22:26:00.886    AVAST engine scan C:\Windows
22:26:05.347    AVAST engine scan C:\Windows\system32
22:29:42.283    AVAST engine scan C:\Windows\system32\drivers
22:29:56.398    AVAST engine scan C:\Users\Clemens
22:33:40.056    AVAST engine scan C:\ProgramData
22:35:55.156    Scan finished successfully
22:37:30.344    Disk 0 MBR has been saved successfully to "C:\Users\Clemens\Desktop\MBR.dat"
22:37:30.344    The log file has been saved successfully to "C:\Users\Clemens\Desktop\aswMBR.txt"
         

21.08.2012, 12:41   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

We should fix the MBR. Just in case, back up ALL important data first, even though things usually go smoothly.

Note: Please do NOT run the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed alongside (dual boot) unbootable.
Do not run the fix either if you have full encryption of the Windows partition or the entire hard disk, e.g. with TrueCrypt or other encryption programs.


After backing up your data, start aswMBR again and click the FIXMBR button.

Note: Please turn off your virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it!

Then restart Windows and create a new log with aswMBR.

28.08.2012, 10:34   #25
heisinho

I ran the fix and then did another scan afterwards.
Here is the log file:
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-28 10:30:17
-----------------------------
10:30:17.216    OS Version: Windows 6.0.6002 Service Pack 2
10:30:17.216    Number of processors: 2 586 0xF0D
10:30:17.216    ComputerName: CLEMENS-PC  UserName: Clemens
10:30:18.355    Initialize success
10:30:28.698    AVAST engine defs: 12082700
10:30:54.001    The log file has been saved successfully to "C:\Users\Clemens\Desktop\aswMBR2.txt"


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-28 10:30:17
-----------------------------
10:30:17.216    OS Version: Windows 6.0.6002 Service Pack 2
10:30:17.216    Number of processors: 2 586 0xF0D
10:30:17.216    ComputerName: CLEMENS-PC  UserName: Clemens
10:30:18.355    Initialize success
10:30:28.698    AVAST engine defs: 12082700
10:30:54.001    The log file has been saved successfully to "C:\Users\Clemens\Desktop\aswMBR2.txt"
10:31:24.099    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:31:24.099    Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
10:31:24.114    Disk 0 MBR read successfully
10:31:24.114    Disk 0 MBR scan
10:31:24.114    Disk 0 Windows VISTA default MBR code
10:31:24.130    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        10240 MB offset 2048
10:31:24.146    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       147548 MB offset 20973568
10:31:24.161    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       147455 MB offset 323151872
10:31:24.177    Disk 0 scanning sectors +625139712
10:31:24.302    Disk 0 scanning C:\Windows\system32\drivers
10:32:17.572    Service scanning
10:34:19.579    Modules scanning
10:34:52.573    Disk 0 trace - called modules:
10:34:52.698    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
10:34:52.698    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86c275f8]
10:34:52.698    3 CLASSPNP.SYS[8b6a88b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85c07028]
10:35:02.588    AVAST engine scan C:\Windows
10:35:17.096    AVAST engine scan C:\Windows\system32
10:43:39.849    AVAST engine scan C:\Windows\system32\drivers
10:44:16.119    AVAST engine scan C:\Users\Clemens
11:03:05.403    AVAST engine scan C:\ProgramData
11:06:19.124    Scan finished successfully
11:29:30.644    Disk 0 MBR has been saved successfully to "C:\Users\Clemens\Desktop\MBR.dat"
11:29:30.660    The log file has been saved successfully to "C:\Users\Clemens\Desktop\aswMBR2.txt"
         
Was that done correctly?

Regards, Clemens
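
Between the two aswMBR runs above, the MBR-code verdict changes while the three partition entries stay identical. As an added example (not part of the thread and not aswMBR's own code), this Python sketch parses a 512-byte MBR sector and checks that a repair replaced only the boot code. It assumes a saved file such as MBR.dat is a raw sector dump; the sample sectors are constructed from the partition values in the logs, with placeholder bytes standing in for boot code and a made-up disk signature.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # bytes 0-439 hold the boot code
DISK_SIG_OFF = 440       # 4-byte disk signature, then 2 reserved bytes
PART_TABLE_OFF = 446     # four 16-byte partition entries
BOOT_SIGNATURE = b"\x55\xaa"


def parse_mbr(sector):
    """Decode one classic (non-GPT) MBR sector into hash, signature and partitions."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected %d bytes, got %d" % (SECTOR_SIZE, len(sector)))
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for index in range(4):
        entry = sector[PART_TABLE_OFF + 16 * index:PART_TABLE_OFF + 16 * (index + 1)]
        status, ptype = entry[0], entry[4]
        lba_start, sector_count = struct.unpack_from("<II", entry, 8)
        if ptype == 0x00:        # unused slot
            continue
        if status not in (0x00, 0x80):
            raise ValueError("partition %d has invalid status byte 0x%02x"
                             % (index + 1, status))
        partitions.append({
            "number": index + 1,
            "active": status == 0x80,
            "type": ptype,
            "lba_start": lba_start,
            "size_mb": sector_count * SECTOR_SIZE // (1024 * 1024),
        })
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFF)[0],
        "partitions": partitions,
    }


def compare_mbr(before, after):
    """Report what a repair touched: boot code should change, the table should not."""
    old, new = parse_mbr(before), parse_mbr(after)
    return {
        "boot_code_changed": old["boot_code_sha256"] != new["boot_code_sha256"],
        "partition_table_intact": old["partitions"] == new["partitions"],
        "disk_signature_intact": old["disk_signature"] == new["disk_signature"],
    }


def build_sample(boot_code):
    """Constructed test sector using the partition layout printed in the aswMBR logs."""
    layout = [  # (status, type, start LBA, size in MB) as shown in the logs
        (0x00, 0x27, 2048, 10240),
        (0x80, 0x07, 20973568, 147548),
        (0x00, 0x07, 323151872, 147455),
    ]
    table = b"".join(
        struct.pack("<B3sB3sII", status, b"\x00" * 3, ptype, b"\x00" * 3,
                    start, mb * 2048)
        for status, ptype, start, mb in layout
    ).ljust(64, b"\x00")
    disk_signature = struct.pack("<I", 0x12345678) + b"\x00\x00"  # constructed value
    return (boot_code.ljust(BOOT_CODE_LEN, b"\x00") + disk_signature
            + table + BOOT_SIGNATURE)


# Placeholder boot code only: these bytes are not real loader code.
SAMPLE_BEFORE = build_sample(b"\x90" * 32)
SAMPLE_AFTER = build_sample(b"\xcc" * 32)

if __name__ == "__main__":
    for part in parse_mbr(SAMPLE_AFTER)["partitions"]:
        print(part)
    print(compare_mbr(SAMPLE_BEFORE, SAMPLE_AFTER))
```

Comparing the boot-code hash against one taken from a known-clean installation of the same Windows version is what turns "changed" into "known good".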

30.08.2012, 19:05   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!

31.08.2012, 17:56   #27
heisinho

Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.31.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Clemens :: CLEMENS-PC [Administrator]

Schutz: Aktiviert

31.08.2012 11:41:12
mbam-log-2012-08-31 (11-41-12).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 408884
Laufzeit: 2 Stunde(n), 58 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
and...
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 08/31/2012 at 06:51 PM

Application Version : 5.5.1012

Core Rules Database Version : 9158
Trace Rules Database Version: 6970

Scan type       : Complete Scan
Total Scan Time : 04:09:31

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned      : 839
Memory threats detected   : 0
Registry items scanned    : 37005
Registry threats detected : 0
File items scanned        : 186224
File threats detected     : 127

Adware.Tracking Cookie

Trojan.VXGame-Variant/D
	D:\USERS\CLEMENS\DOCUMENTS\SEMINAR TRAUNSTEIN\MATHEMATIK\STOFF\5. KLASSE\4.GEOMETRISCHE GRUNDFORMEN UND GEOMETRISCHE GRUNDBEGRIFFE\PC PROGRAMM KöRPER\SETUP.EXE
	C:\USERS\CLEMENS\DOCUMENTS\SEMINAR TRAUNSTEIN\MATHEMATIK\STOFF\5. KLASSE\4.GEOMETRISCHE GRUNDFORMEN UND GEOMETRISCHE GRUNDBEGRIFFE\PC PROGRAMM KöRPER\SETUP.EXE

Trojan.Agent/Gen-FakeAV
	C:\PROGRAM FILES\WINRAR\DEFAULT.SFX
         
Should I delete the detected threats now?

Last edited by heisinho (31.08.2012 at 18:09)

31.08.2012, 20:18   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK, only cookies were found there; the alleged detection in WinRAR is a false alarm, and the other two detections are false alarms as well.
Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie).


Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners etc.), you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Otherwise there are also good cookie managers; as a Firefox extension, for example, there is CookieCuller http://filepony.de/download-cookie_culler/
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, eBay, GMX, or Trojaner-Board), then simply set the browser to delete everything, including cookies, when the browser is closed.

The way I handle it: for "wild surfing" I use the Opera browser or Chromium under my Linux. My main browser (Firefox) only stores cookies from the sites I actually want; everything else I reject manually (FF always asks me). The other browsers do accept all cookies, but at the latest the next time Opera or Chromium starts, no cookies are left.

Is your system OK again now, or are there any other detections or problems?
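
The hosts-file approach recommended in the post above has one limit worth checking: a hosts entry matches one exact hostname, while a domain cookie (stored with a leading dot) is valid for every host below that domain. As an added example (not part of the thread), this Python sketch parses hosts-format text and classifies cookie domains by how far the entries cover them; the hosts lines and the domain list are constructed samples, not the MVPS file.

```python
SINKHOLE_ADDRS = {"0.0.0.0", "127.0.0.1"}


def parse_hosts(text):
    """Return the set of hostnames a hosts file maps to a sinkhole address."""
    blocked = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2 or fields[0] not in SINKHOLE_ADDRS:
            continue
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            if name != "localhost":
                blocked.add(name)
    return blocked


def coverage(cookie_domain, blocked):
    """Classify how far hosts entries cover one cookie domain.

    ".example.net" (leading dot) is a domain cookie that applies to all
    subdomains; a hosts entry never does, so it can only cover part of it.
    """
    domain = cookie_domain.lower().strip(".")
    covers_subdomains = cookie_domain.startswith(".")
    exact = domain in blocked
    below = any(host.endswith("." + domain) for host in blocked)
    if exact and not covers_subdomains:
        return "blocked"
    if exact or below:
        return "partly blocked"
    return "not blocked"


def report(cookie_domains, hosts_text):
    """Map each cookie domain to its coverage class."""
    blocked = parse_hosts(hosts_text)
    return {domain: coverage(domain, blocked) for domain in cookie_domains}


# Constructed sample in hosts-file format (not taken from the MVPS list).
SAMPLE_HOSTS = """\
127.0.0.1  localhost
0.0.0.0  ad.doubleclick.net   # one host of a larger ad domain
0.0.0.0  ad.zanox.com
0.0.0.0  www.etracker.de
192.0.2.10  intranet.example   # ordinary mapping, not a block
"""

# Constructed sample of cookie domains in the notation scanners print.
SAMPLE_COOKIE_DOMAINS = [
    ".doubleclick.net",
    "ad.zanox.com",
    "www.etracker.de",
    ".serving-sys.com",
]

if __name__ == "__main__":
    for domain, state in report(SAMPLE_COOKIE_DOMAINS, SAMPLE_HOSTS).items():
        print("%-20s %s" % (domain, state))
```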

11.09.2012, 15:58   #29
heisinho

THANK YOU VERY MUCH!

My system seems to be OK again! Thanks for your tips as well. Now I have a few more questions.
Which of all the installed antivirus programs etc. should I keep on my computer permanently and keep updated?
My Windows Security Center tells me that there is no antivirus software on the computer, although Avira is installed and enabled!? Why?
Would you recommend Linux, Ubuntu or similar, to me as a computer layman?

Regards, Clemens

11.09.2012, 21:35   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Would you recommend Linux, Ubuntu or similar, to me as a computer layman?
Definitely! However, you need to bring a great willingness to learn and stamina, even though something like Ubuntu is a very beginner-friendly distro. Linux is something completely different from Windows. But once you have mastered it, you are in control.

More on this here => Linux is not Windows
But read that long article later; first you should take care of the updates and the uninstallation of our tools.

Then we are done!

The programs that were used here can all be removed again. With the help of OTL you can also remove many of the tools:

Please start OTL and click "Bereinigung" (cleanup).
This will remove most of the tools we needed for the cleanup. If anything remains, please remove it with right-click --> Delete.


Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update first.


Finally, please check the updates; my guide to that is below. To keep a better overview in future of whether your installed programs are up to date, you can use e.g. Secunia PSI.
For even more security, you should also change all passwords if possible now that the infection has been removed.


Microsoft Update

Windows XP: Visit the MS update site with IE and have all important updates installed.

Windows Vista/7: Windows Update guide


Update the PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking "Adobe Reader x.0" there and removing the program (if you have AdobeReader installed).

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.

While you are at it, please also check that Flash Player is up to date:
Check => Adobe - Flash Player
Download links => Adobe Flash Player Distribution | Adobe

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do so, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions there. Afterwards download the current Java SE Runtime Environment (JRE) from here and install it.
