MyStart Incredibar in Firefox, IE und Chrome

hoochiecoo · 05.08.2012, 16:17

Code:

ATTFilter

17:10:39.0101 7460	TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
17:10:39.0284 7460	============================================================
17:10:39.0284 7460	Current date / time: 2012/08/05 17:10:39.0284
17:10:39.0284 7460	SystemInfo:
17:10:39.0284 7460	
17:10:39.0284 7460	OS Version: 6.0.6002 ServicePack: 2.0
17:10:39.0284 7460	Product type: Workstation
17:10:39.0284 7460	ComputerName: +++
17:10:39.0284 7460	UserName: ***
17:10:39.0284 7460	Windows directory: C:\Windows
17:10:39.0284 7460	System windows directory: C:\Windows
17:10:39.0284 7460	Processor architecture: Intel x86
17:10:39.0284 7460	Number of processors: 2
17:10:39.0284 7460	Page size: 0x1000
17:10:39.0284 7460	Boot type: Normal boot
17:10:39.0284 7460	============================================================
17:10:39.0760 7460	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:10:39.0788 7460	============================================================
17:10:39.0788 7460	\Device\Harddisk0\DR0:
17:10:39.0793 7460	MBR partitions:
17:10:39.0793 7460	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x37B8418F
17:10:39.0817 7460	\Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x37B8420D, BlocksNum 0x2800A34
17:10:39.0817 7460	============================================================
17:10:39.0859 7460	C: <-> \Device\Harddisk0\DR0\Partition0
17:10:39.0876 7460	D: <-> \Device\Harddisk0\DR0\Partition1
17:10:39.0876 7460	============================================================
17:10:39.0876 7460	Initialize success
17:10:39.0876 7460	============================================================
17:11:28.0187 6512	============================================================
17:11:28.0187 6512	Scan started
17:11:28.0187 6512	Mode: Manual; SigCheck; TDLFS; 
17:11:28.0187 6512	============================================================
17:11:31.0978 6512	3xHybrid        (55e1acba424e14af3523df741d86f60a) C:\Windows\system32\DRIVERS\3xHybrid.sys
17:11:32.0368 6512	3xHybrid - ok
17:11:32.0431 6512	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
17:11:32.0462 6512	ACPI - ok
17:11:32.0977 6512	ACPService      (41ee3d758bd1b7acd04136a58b753342) C:\Program Files\Philips\CamSuite\2.0.15.0\ACPService.exe
17:11:33.0008 6512	ACPService ( UnsignedFile.Multi.Generic ) - warning
17:11:33.0008 6512	ACPService - detected UnsignedFile.Multi.Generic (1)
17:11:33.0070 6512	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
17:11:33.0211 6512	adp94xx - ok
17:11:33.0242 6512	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
17:11:33.0273 6512	adpahci - ok
17:11:33.0289 6512	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
17:11:33.0304 6512	adpu160m - ok
17:11:33.0351 6512	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
17:11:33.0367 6512	adpu320 - ok
17:11:33.0413 6512	AeLookupSvc     (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
17:11:33.0554 6512	AeLookupSvc - ok
17:11:33.0616 6512	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
17:11:33.0694 6512	AFD - ok
17:11:33.0913 6512	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
17:11:33.0944 6512	aic78xx - ok
17:11:34.0084 6512	AlertService    (cf86f64a1aea27e5fa97e697bf70346d) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
17:11:34.0100 6512	AlertService - ok
17:11:34.0131 6512	ALG             (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
17:11:34.0256 6512	ALG - ok
17:11:34.0287 6512	aliide          (496eda16a127ac9a38bb285bef17dbb5) C:\Windows\system32\drivers\aliide.sys
17:11:34.0303 6512	aliide - ok
17:11:34.0349 6512	AMD External Events Utility (b90a4332cf4c6580c845266a656de4ab) C:\Windows\system32\atiesrxx.exe
17:11:34.0396 6512	AMD External Events Utility - ok
17:11:34.0443 6512	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
17:11:34.0459 6512	amdagp - ok
17:11:34.0474 6512	amdide          (6f65f4147c54398d7280b18cebbed215) C:\Windows\system32\drivers\amdide.sys
17:11:34.0490 6512	amdide - ok
17:11:34.0521 6512	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
17:11:34.0677 6512	AmdK7 - ok
17:11:34.0942 6512	AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
17:11:35.0036 6512	AmdK8 - ok
17:11:36.0611 6512	amdkmdag        (7844984a5e1e6f18d93af9e9bcc65436) C:\Windows\system32\DRIVERS\atikmdag.sys
17:11:38.0998 6512	amdkmdag - ok
17:11:39.0185 6512	amdkmdap        (202def509d76105b08741d36c3a7e4d7) C:\Windows\system32\DRIVERS\atikmpag.sys
17:11:39.0232 6512	amdkmdap - ok
17:11:39.0544 6512	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
17:11:39.0575 6512	AntiVirSchedulerService - ok
17:11:39.0622 6512	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
17:11:39.0622 6512	AntiVirService - ok
17:11:39.0669 6512	Appinfo         (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
17:11:39.0700 6512	Appinfo - ok
17:11:39.0763 6512	Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:11:39.0778 6512	Apple Mobile Device - ok
17:11:39.0794 6512	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
17:11:39.0809 6512	arc - ok
17:11:39.0841 6512	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
17:11:39.0841 6512	arcsas - ok
17:11:40.0277 6512	aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:11:40.0293 6512	aspnet_state - ok
17:11:40.0324 6512	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
17:11:40.0355 6512	AsyncMac - ok
17:11:40.0402 6512	atapi           (78620bda3ec87816e5d1fa86f920bc3a) C:\Windows\system32\drivers\atapi.sys
17:11:40.0418 6512	atapi - ok
17:11:40.0480 6512	AtiHDAudioService (35290682dbdb9cede934b73369f3cede) C:\Windows\system32\drivers\AtihdLH3.sys
17:11:40.0496 6512	AtiHDAudioService - ok
17:11:40.0558 6512	AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
17:11:40.0605 6512	AudioEndpointBuilder - ok
17:11:40.0605 6512	Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
17:11:40.0636 6512	Audiosrv - ok
17:11:40.0683 6512	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
17:11:40.0699 6512	avgntflt - ok
17:11:40.0745 6512	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
17:11:40.0761 6512	avipbb - ok
17:11:40.0777 6512	avkmgr          (53e56450da16a1a7f0d002f511113f67) C:\Windows\system32\DRIVERS\avkmgr.sys
17:11:40.0792 6512	avkmgr - ok
17:11:40.0823 6512	avmaudio        (728c4a6c722535c16d1025f51aa31e22) C:\Windows\system32\DRIVERS\avmaudio.sys
17:11:40.0979 6512	avmaudio - ok
17:11:41.0026 6512	avmaura         (728c4a6c722535c16d1025f51aa31e22) C:\Windows\system32\DRIVERS\avmaura.sys
17:11:41.0042 6512	avmaura - ok
17:11:41.0073 6512	AVMCOWAN        (5685e9f471135e6675d981d5d45c9935) C:\Windows\system32\DRIVERS\AVMCOWAN.sys
17:11:41.0135 6512	AVMCOWAN - ok
17:11:41.0182 6512	AVMPORT         (7b32c08ce3bea2efe7493353fd23e2be) C:\Windows\system32\drivers\avmport.sys
17:11:41.0198 6512	AVMPORT - ok
17:11:41.0229 6512	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
17:11:41.0260 6512	Beep - ok
17:11:41.0307 6512	BFE             (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
17:11:41.0338 6512	BFE - ok
17:11:41.0416 6512	BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
17:11:41.0525 6512	BITS - ok
17:11:41.0525 6512	blbdrive - ok
17:11:41.0681 6512	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
17:11:41.0697 6512	Bonjour Service - ok
17:11:41.0744 6512	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
17:11:41.0775 6512	bowser - ok
17:11:41.0822 6512	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
17:11:41.0837 6512	BrFiltLo - ok
17:11:41.0853 6512	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
17:11:41.0869 6512	BrFiltUp - ok
17:11:41.0900 6512	Browser         (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
17:11:41.0962 6512	Browser - ok
17:11:41.0993 6512	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
17:11:42.0040 6512	Brserid - ok
17:11:42.0056 6512	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
17:11:42.0103 6512	BrSerWdm - ok
17:11:42.0118 6512	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
17:11:42.0165 6512	BrUsbMdm - ok
17:11:42.0196 6512	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
17:11:42.0227 6512	BrUsbSer - ok
17:11:42.0259 6512	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
17:11:42.0290 6512	BTHMODEM - ok
17:11:42.0352 6512	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
17:11:42.0368 6512	cdfs - ok
17:11:42.0399 6512	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
17:11:42.0430 6512	cdrom - ok
17:11:42.0477 6512	CertPropSvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
17:11:42.0508 6512	CertPropSvc - ok
17:11:42.0555 6512	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
17:11:42.0602 6512	circlass - ok
17:11:42.0649 6512	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
17:11:42.0680 6512	CLFS - ok
17:11:42.0727 6512	clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:11:42.0742 6512	clr_optimization_v2.0.50727_32 - ok
17:11:42.0820 6512	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:11:42.0851 6512	clr_optimization_v4.0.30319_32 - ok
17:11:42.0867 6512	cmdide          (59172a0724f2ab769f31d61b0571d75b) C:\Windows\system32\drivers\cmdide.sys
17:11:42.0883 6512	cmdide - ok
17:11:42.0898 6512	Compbatt        (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
17:11:42.0914 6512	Compbatt - ok
17:11:42.0914 6512	COMSysApp - ok
17:11:42.0992 6512	cpudrv          (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys
17:11:43.0007 6512	cpudrv - ok
17:11:43.0007 6512	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
17:11:43.0023 6512	crcdisk - ok
17:11:43.0039 6512	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
17:11:43.0070 6512	Crusoe - ok
17:11:43.0132 6512	CryptSvc        (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
17:11:43.0163 6512	CryptSvc - ok
17:11:43.0241 6512	DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
17:11:43.0366 6512	DcomLaunch - ok
17:11:43.0397 6512	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
17:11:43.0444 6512	DfsC - ok
17:11:43.0553 6512	DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
17:11:43.0709 6512	DFSR - ok
17:11:43.0819 6512	Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
17:11:43.0850 6512	Dhcp - ok
17:11:43.0897 6512	DHTRACE         (2c56880d37785cf2c07b0309cebb0a7d) C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
17:11:43.0912 6512	DHTRACE - ok
17:11:43.0975 6512	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
17:11:43.0990 6512	disk - ok
17:11:44.0037 6512	Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
17:11:44.0053 6512	Dnscache - ok
17:11:44.0099 6512	dot3svc         (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
17:11:44.0131 6512	dot3svc - ok
17:11:44.0177 6512	Dot4            (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
17:11:44.0209 6512	Dot4 - ok
17:11:44.0240 6512	Dot4Print       (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:11:44.0271 6512	Dot4Print - ok
17:11:44.0318 6512	dot4usb         (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
17:11:44.0333 6512	dot4usb - ok
17:11:44.0380 6512	DPS             (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
17:11:44.0411 6512	DPS - ok
17:11:44.0474 6512	DQLWinService   (28b42d80ce943a98c6bcea67263cbdff) C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
17:11:44.0489 6512	DQLWinService ( UnsignedFile.Multi.Generic ) - warning
17:11:44.0489 6512	DQLWinService - detected UnsignedFile.Multi.Generic (1)
17:11:44.0505 6512	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
17:11:44.0536 6512	drmkaud - ok
17:11:44.0848 6512	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
17:11:44.0895 6512	DXGKrnl - ok
17:11:44.0957 6512	e1express       (2269390a8af6e2c1c381cc15afccf0ac) C:\Windows\system32\DRIVERS\e1e6032.sys
17:11:44.0973 6512	e1express - ok
17:11:45.0004 6512	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
17:11:45.0067 6512	E1G60 - ok
17:11:45.0113 6512	EapHost         (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
17:11:45.0129 6512	EapHost - ok
17:11:45.0191 6512	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
17:11:45.0207 6512	Ecache - ok
17:11:45.0441 6512	ehRecvr         (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
17:11:45.0488 6512	ehRecvr - ok
17:11:45.0519 6512	ehSched         (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
17:11:45.0566 6512	ehSched - ok
17:11:45.0581 6512	ehstart         (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
17:11:45.0597 6512	ehstart - ok
17:11:45.0644 6512	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
17:11:45.0659 6512	elxstor - ok
17:11:45.0722 6512	EMDMgmt         (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
17:11:45.0784 6512	EMDMgmt - ok
17:11:46.0268 6512	EventSystem     (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
17:11:46.0283 6512	EventSystem - ok
17:11:46.0346 6512	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
17:11:46.0408 6512	exfat - ok
17:11:46.0439 6512	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
17:11:46.0455 6512	fastfat - ok
17:11:46.0471 6512	fdc             (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
17:11:46.0517 6512	fdc - ok
17:11:46.0595 6512	fdPHost         (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
17:11:46.0627 6512	fdPHost - ok
17:11:46.0642 6512	FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
17:11:46.0751 6512	FDResPub - ok
17:11:46.0783 6512	FETNDIS         (b2b2c38e916184ff8523c7439ddd417f) C:\Windows\system32\DRIVERS\fetnd5.sys
17:11:46.0829 6512	FETNDIS - ok
17:11:46.0861 6512	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
17:11:46.0876 6512	FileInfo - ok
17:11:46.0985 6512	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
17:11:47.0032 6512	Filetrace - ok
17:11:47.0266 6512	FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\ALDI Foto Service Nord\Common\Database\bin\fbserver.exe
17:11:47.0344 6512	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
17:11:47.0344 6512	FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
17:11:47.0625 6512	flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
17:11:47.0672 6512	flpydisk - ok
17:11:47.0719 6512	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
17:11:47.0765 6512	FltMgr - ok
17:11:47.0875 6512	FontCache       (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
17:11:48.0124 6512	FontCache - ok
17:11:48.0311 6512	FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:11:48.0327 6512	FontCache3.0.0.0 - ok
17:11:49.0013 6512	FPCIBASE        (25baa9e7e21ca204b3202637c4f0d44e) C:\Windows\system32\DRIVERS\fpcibase.sys
17:11:49.0045 6512	FPCIBASE - ok
17:11:49.0107 6512	Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
17:11:49.0138 6512	Fs_Rec - ok
17:11:49.0185 6512	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
17:11:49.0201 6512	gagp30kx - ok
17:11:49.0247 6512	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:11:49.0263 6512	GEARAspiWDM - ok
17:11:49.0325 6512	GnabService     (51b2d8629e1a0f463682f365d56325cb) c:\program files\common files\gnab\service\servicecontroller.exe
17:11:49.0341 6512	GnabService ( UnsignedFile.Multi.Generic ) - warning
17:11:49.0341 6512	GnabService - detected UnsignedFile.Multi.Generic (1)
17:11:49.0388 6512	gpsvc           (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
17:11:49.0435 6512	gpsvc - ok
17:11:49.0513 6512	gupdate         (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
17:11:49.0528 6512	gupdate - ok
17:11:49.0544 6512	gupdatem        (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe
17:11:49.0559 6512	gupdatem - ok
17:11:49.0606 6512	HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
17:11:49.0653 6512	HdAudAddService - ok
17:11:49.0715 6512	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:11:49.0840 6512	HDAudBus - ok
17:11:49.0887 6512	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
17:11:49.0934 6512	HidBth - ok
17:11:49.0996 6512	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
17:11:50.0043 6512	HidIr - ok
17:11:50.0074 6512	hidserv         (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
17:11:50.0090 6512	hidserv - ok
17:11:50.0152 6512	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
17:11:50.0183 6512	HidUsb - ok
17:11:50.0215 6512	hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
17:11:50.0246 6512	hkmsvc - ok
17:11:50.0308 6512	HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
17:11:50.0324 6512	HpCISSs - ok
17:11:50.0573 6512	hpqcxs08        (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
17:11:50.0573 6512	hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
17:11:50.0573 6512	hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
17:11:50.0620 6512	hpqddsvc        (7da3211ac63edd90b8eca1ca1abfd43b) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
17:11:50.0636 6512	hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
17:11:50.0636 6512	hpqddsvc - detected UnsignedFile.Multi.Generic (1)
17:11:50.0698 6512	HPSLPSVC        (14229263aa19c704e0d6d2e7404a8455) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
17:11:50.0714 6512	HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
17:11:50.0714 6512	HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
17:11:51.0463 6512	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
17:11:51.0619 6512	HTTP - ok
17:11:51.0634 6512	i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
17:11:51.0650 6512	i2omp - ok
17:11:51.0712 6512	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
17:11:51.0728 6512	i8042prt - ok
17:11:51.0915 6512	IAANTMON        (9bcf5972c941b4b5cb60ded03cb9e300) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
17:11:51.0946 6512	IAANTMON - ok
17:11:51.0977 6512	iaStor          (28aae599496b4930b3f19026f2083bc4) C:\Windows\system32\DRIVERS\iaStor.sys
17:11:51.0993 6512	iaStor - ok
17:11:52.0071 6512	iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
17:11:52.0087 6512	iaStorV - ok
17:11:52.0211 6512	IDriverT        (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
17:11:52.0211 6512	IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:11:52.0211 6512	IDriverT - detected UnsignedFile.Multi.Generic (1)
17:11:52.0321 6512	idsvc           (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:11:52.0586 6512	idsvc - ok
17:11:52.0679 6512	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
17:11:52.0695 6512	iirsp - ok
17:11:52.0757 6512	IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
17:11:52.0789 6512	IKEEXT - ok
17:11:52.0913 6512	IntcAzAudAddService (219ca9a36d6de2ec04f958c907673436) C:\Windows\system32\drivers\RTKVHDA.sys
17:11:53.0491 6512	IntcAzAudAddService - ok
17:11:53.0615 6512	IntelDH         (7f440f8ced849fcdfa85bb3521b4f048) C:\Windows\system32\Drivers\IntelDH.sys
17:11:53.0631 6512	IntelDH - ok
17:11:53.0662 6512	intelide        (e5ea1c17da5065032e346591ff64f3af) C:\Windows\system32\drivers\intelide.sys
17:11:53.0678 6512	intelide - ok
17:11:53.0709 6512	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
17:11:53.0740 6512	intelppm - ok
17:11:53.0771 6512	IPBusEnum       (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
17:11:53.0803 6512	IPBusEnum - ok
17:11:53.0818 6512	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:11:53.0849 6512	IpFilterDriver - ok
17:11:53.0881 6512	iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
17:11:53.0927 6512	iphlpsvc - ok
17:11:53.0943 6512	IpInIp - ok
17:11:53.0974 6512	IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
17:11:54.0021 6512	IPMIDRV - ok
17:11:54.0052 6512	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
17:11:54.0083 6512	IPNAT - ok
17:11:54.0161 6512	iPod Service    (e6be7a41a28d8f2db174957454d32448) C:\Program Files\iPod\bin\iPodService.exe
17:11:54.0271 6512	iPod Service - ok
17:11:54.0302 6512	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
17:11:54.0317 6512	IRENUM - ok
17:11:54.0349 6512	isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
17:11:54.0364 6512	isapnp - ok
17:11:54.0395 6512	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
17:11:54.0427 6512	iScsiPrt - ok
17:11:54.0489 6512	ISODrive        (2f03ceb28307983f3b36216d35ffa5aa) C:\Program Files\UltraISO\drivers\ISODrive.sys
17:11:54.0505 6512	ISODrive - ok
17:11:54.0583 6512	ISSM            (50adb2883f8874aa6632a67cd410f27f) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
17:11:54.0583 6512	ISSM - ok
17:11:54.0598 6512	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
17:11:54.0614 6512	iteatapi - ok
17:11:54.0629 6512	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
17:11:54.0645 6512	iteraid - ok
17:11:54.0676 6512	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
17:11:54.0692 6512	kbdclass - ok
17:11:54.0723 6512	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
17:11:54.0739 6512	kbdhid - ok
17:11:54.0754 6512	KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
17:11:54.0801 6512	KeyIso - ok
17:11:54.0863 6512	KSecDD          (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys
17:11:54.0895 6512	KSecDD - ok
17:11:54.0957 6512	KtmRm           (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
17:11:55.0082 6512	KtmRm - ok
17:11:55.0144 6512	LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
17:11:55.0207 6512	LanmanServer - ok
17:11:55.0253 6512	LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
17:11:55.0300 6512	LanmanWorkstation - ok
17:11:55.0519 6512	LBTServ         (45b7d6bd6f59cba3fb6bf202223f4264) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
17:11:55.0534 6512	LBTServ - ok
17:11:55.0597 6512	LHidFilt        (dd83dc92463fce6324fd30a13d17d0da) C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:11:55.0612 6512	LHidFilt - ok
17:11:55.0643 6512	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
17:11:55.0659 6512	lltdio - ok
17:11:55.0784 6512	lltdsvc         (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
17:11:55.0846 6512	lltdsvc - ok
17:11:55.0893 6512	lmhosts         (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
17:11:55.0955 6512	lmhosts - ok
17:11:55.0987 6512	LMouFilt        (8fe0008e183ff0293a925b78a5581c5f) C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:11:56.0002 6512	LMouFilt - ok
17:11:56.0018 6512	LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
17:11:56.0033 6512	LSI_FC - ok
17:11:56.0049 6512	LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
17:11:56.0065 6512	LSI_SAS - ok
17:11:56.0096 6512	LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
17:11:56.0111 6512	LSI_SCSI - ok
17:11:56.0127 6512	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
17:11:56.0158 6512	luafv - ok
17:11:56.0299 6512	M1 Server       (9a3741d5412ab81b86992915e3ecd3e9) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
17:11:56.0330 6512	M1 Server - ok
17:11:56.0361 6512	MBAMProtector   (6dfe7f2e8e8a337263aa5c92a215f161) C:\Windows\system32\drivers\mbam.sys
17:11:56.0377 6512	MBAMProtector - ok
17:11:56.0439 6512	MBAMService     (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:11:56.0470 6512	MBAMService - ok
17:11:56.0595 6512	MCLServiceATL   (6ad27b01272f966c9611a398961fcf15) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
17:11:56.0611 6512	MCLServiceATL - ok
17:11:56.0657 6512	Mcx2Svc         (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
17:11:56.0689 6512	Mcx2Svc - ok
17:11:56.0782 6512	MDM             (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
17:11:56.0813 6512	MDM - ok
17:11:56.0876 6512	megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
17:11:56.0891 6512	megasas - ok
17:11:56.0923 6512	MFX             (50dfcd9043bc5b019e7e97295b47735b) C:\Windows\system32\drivers\MFX.sys
17:11:56.0923 6512	Suspicious file (Hidden): C:\Windows\system32\drivers\MFX.sys. md5: 50dfcd9043bc5b019e7e97295b47735b
17:11:56.0923 6512	MFX ( HiddenFile.Multi.Generic ) - warning
17:11:56.0923 6512	MFX - detected HiddenFile.Multi.Generic (1)
17:11:56.0938 6512	MMCSS           (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
17:11:56.0985 6512	MMCSS - ok
17:11:57.0063 6512	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
17:11:57.0094 6512	Modem - ok
17:11:57.0141 6512	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
17:11:57.0157 6512	monitor - ok
17:11:57.0188 6512	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
17:11:57.0203 6512	mouclass - ok
17:11:57.0219 6512	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
17:11:57.0250 6512	mouhid - ok
17:11:57.0297 6512	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
17:11:57.0313 6512	MountMgr - ok
17:11:57.0375 6512	MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:11:57.0391 6512	MozillaMaintenance - ok
17:11:57.0422 6512	mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
17:11:57.0437 6512	mpio - ok
17:11:57.0469 6512	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
17:11:57.0484 6512	mpsdrv - ok
17:11:57.0874 6512	MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
17:11:57.0983 6512	MpsSvc - ok
17:11:58.0030 6512	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
17:11:58.0030 6512	Mraid35x - ok
17:11:58.0077 6512	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
17:11:58.0108 6512	MRxDAV - ok
17:11:58.0155 6512	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:11:58.0186 6512	mrxsmb - ok
17:11:58.0280 6512	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:11:58.0311 6512	mrxsmb10 - ok
17:11:58.0342 6512	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:11:58.0358 6512	mrxsmb20 - ok
17:11:58.0389 6512	msahci          (86068b8b54a5eb092f51657f00b2222a) C:\Windows\system32\drivers\msahci.sys
17:11:58.0389 6512	msahci - ok
17:11:58.0420 6512	msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
17:11:58.0436 6512	msdsm - ok
17:11:58.0670 6512	MSDTC           (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
17:11:58.0701 6512	MSDTC - ok
17:11:58.0748 6512	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
17:11:58.0763 6512	Msfs - ok
17:11:58.0810 6512	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
17:11:58.0826 6512	msisadrv - ok
17:11:58.0904 6512	MSiSCSI         (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
17:11:58.0966 6512	MSiSCSI - ok
17:11:58.0982 6512	msiserver - ok
17:11:59.0075 6512	MSI_DVD_010507  (09a00b8c911d32a0cfeb747be9ce5dab) C:\PROGRA~1\MSI\MSIWDev\DVDSYS32_100507.sys
17:11:59.0091 6512	MSI_DVD_010507 - ok
17:11:59.0107 6512	MSI_MSIBIOS_010507 (3846c05a66a3f5cd1d33e1a323c1762c) C:\PROGRA~1\MSI\MSIWDev\msibios32_100507.sys
17:11:59.0122 6512	MSI_MSIBIOS_010507 - ok
17:11:59.0153 6512	MSI_VGASYS_010507 (8d603678c3961bed302163964ad6a38e) C:\PROGRA~1\MSI\MSIWDev\VGASYS32_100507.sys
17:11:59.0153 6512	MSI_VGASYS_010507 - ok
17:11:59.0185 6512	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
17:11:59.0216 6512	MSKSSRV - ok
17:11:59.0247 6512	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
17:11:59.0278 6512	MSPCLOCK - ok
17:11:59.0341 6512	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
17:11:59.0356 6512	MSPQM - ok
17:11:59.0403 6512	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
17:11:59.0419 6512	MsRPC - ok
17:11:59.0434 6512	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
17:11:59.0450 6512	mssmbios - ok
17:11:59.0465 6512	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
17:11:59.0481 6512	MSTEE - ok
17:11:59.0559 6512	MTOnlPktAlyX    (036300114255b3c78bfb616ce8bc7ad9) C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS
17:11:59.0575 6512	MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - warning
17:11:59.0575 6512	MTOnlPktAlyX - detected UnsignedFile.Multi.Generic (1)
17:11:59.0590 6512	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
17:11:59.0606 6512	Mup - ok
17:11:59.0653 6512	napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
17:11:59.0668 6512	napagent - ok
17:11:59.0715 6512	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
17:11:59.0746 6512	NativeWifiP - ok
17:11:59.0809 6512	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
17:11:59.0855 6512	NDIS - ok
17:11:59.0887 6512	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
17:11:59.0902 6512	NdisTapi - ok
17:11:59.0933 6512	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
17:11:59.0965 6512	Ndisuio - ok
17:11:59.0996 6512	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:12:00.0027 6512	NdisWan - ok
17:12:00.0058 6512	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
17:12:00.0089 6512	NDProxy - ok
17:12:00.0230 6512	Nero BackItUp Scheduler 3 (78073f606ae3b24f6c1f555759aa8511) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
17:12:00.0277 6512	Nero BackItUp Scheduler 3 - ok
17:12:00.0401 6512	Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
17:12:00.0401 6512	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:12:00.0401 6512	Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:12:00.0448 6512	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
17:12:00.0479 6512	NetBIOS - ok
17:12:00.0526 6512	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
17:12:00.0557 6512	netbt - ok
17:12:00.0589 6512	Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
17:12:00.0604 6512	Netlogon - ok
17:12:00.0635 6512	Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
17:12:00.0682 6512	Netman - ok
17:12:00.0745 6512	NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:12:00.0776 6512	NetMsmqActivator - ok
17:12:00.0776 6512	NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:12:00.0791 6512	NetPipeActivator - ok
17:12:00.0823 6512	netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
17:12:00.0869 6512	netprofm - ok
17:12:00.0901 6512	netr28u         (9ba2f93e4f01ec58e722b36639e0ce5d) C:\Windows\system32\DRIVERS\netr28u.sys
17:12:00.0947 6512	netr28u - ok
17:12:00.0947 6512	NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:12:00.0963 6512	NetTcpActivator - ok
17:12:00.0963 6512	NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:12:00.0979 6512	NetTcpPortSharing - ok
17:12:01.0010 6512	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
17:12:01.0025 6512	nfrd960 - ok
17:12:01.0072 6512	NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
17:12:01.0103 6512	NlaSvc - ok
17:12:01.0244 6512	NMIndexingService (62f68443d244024845b875b44d76a92f) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
17:12:01.0259 6512	NMIndexingService - ok
17:12:01.0322 6512	NMSCore         (5384d7a64e7b6011e98d68f69dcfc980) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
17:12:01.0337 6512	NMSCore - ok
17:12:01.0384 6512	nmsunidr        (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\nmsunidr.sys
17:12:01.0415 6512	nmsunidr - ok
17:12:01.0431 6512	nmwcd           (f6c40e0a565ee3ce5aeeb325e10054f2) C:\Windows\system32\drivers\ccdcmb.sys
17:12:01.0493 6512	nmwcd - ok
17:12:01.0556 6512	nmwcdc          (2a394e9e1fa3565e4b2fea470ffe4d6b) C:\Windows\system32\drivers\ccdcmbo.sys
17:12:01.0587 6512	nmwcdc - ok
17:12:01.0603 6512	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
17:12:01.0634 6512	Npfs - ok
17:12:01.0665 6512	nsi             (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
17:12:01.0712 6512	nsi - ok
17:12:01.0759 6512	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
17:12:01.0790 6512	nsiproxy - ok
17:12:01.0868 6512	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
17:12:01.0946 6512	Ntfs - ok
17:12:02.0055 6512	NTIOLib_1_0_4 - ok
17:12:02.0133 6512	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
17:12:02.0180 6512	ntrigdigi - ok
17:12:02.0227 6512	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
17:12:02.0242 6512	Null - ok
17:12:10.0916 6512	nvlddmkm        (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:12:11.0992 6512	nvlddmkm - ok
17:12:12.0101 6512	nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
17:12:12.0117 6512	nvraid - ok
17:12:12.0133 6512	nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
17:12:12.0148 6512	nvstor - ok
17:12:12.0195 6512	nvsvc           (d122f7c5f79c68868f5dc28cefeb2ecf) C:\Windows\system32\nvvsvc.exe
17:12:12.0273 6512	nvsvc - ok
17:12:12.0320 6512	nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
17:12:12.0351 6512	nv_agp - ok
17:12:12.0351 6512	NwlnkFlt - ok
17:12:12.0367 6512	NwlnkFwd - ok
17:12:12.0413 6512	ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
17:12:12.0429 6512	ohci1394 - ok
17:12:12.0491 6512	p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
17:12:12.0601 6512	p2pimsvc - ok
17:12:12.0601 6512	p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
17:12:12.0710 6512	p2psvc - ok
17:12:12.0741 6512	PalmUSBD        (dc450992eba6f914080c1f7fbeeed72c) C:\Windows\system32\drivers\PalmUSBD.sys
17:12:12.0757 6512	PalmUSBD - ok
17:12:12.0788 6512	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\DRIVERS\parport.sys
17:12:12.0835 6512	Parport - ok
17:12:12.0866 6512	partmgr         (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
17:12:12.0881 6512	partmgr - ok
17:12:12.0881 6512	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\DRIVERS\parvdm.sys
17:12:12.0928 6512	Parvdm - ok
17:12:12.0959 6512	PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
17:12:13.0006 6512	PcaSvc - ok
17:12:13.0053 6512	pccsmcfd        (f451dcacbaa67f3307305ebd4a39ea07) C:\Windows\system32\DRIVERS\pccsmcfd.sys
17:12:13.0115 6512	pccsmcfd - ok
17:12:13.0193 6512	PCD65X2 - ok
17:12:13.0225 6512	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
17:12:13.0256 6512	pci - ok
17:12:13.0271 6512	pciide          (304048c2565a803d091cca1ac945f593) C:\Windows\system32\drivers\pciide.sys
17:12:13.0287 6512	pciide - ok
17:12:13.0318 6512	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
17:12:13.0349 6512	pcmcia - ok
17:12:13.0412 6512	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
17:12:13.0490 6512	PEAUTH - ok
17:12:13.0568 6512	PGPdisk         (61d8b94b1d60e792c904362595302acd) C:\Windows\system32\drivers\PGPdisk.sys
17:12:13.0599 6512	PGPdisk - ok
17:12:13.0630 6512	pgpfs           (da001ef36cb465a2a9644c13fa7459ce) C:\Windows\system32\Drivers\PGPfsfd.sys
17:12:13.0646 6512	pgpfs - ok
17:12:13.0661 6512	PGPsdkDriver    (2cc45ea86dddc3a3fd3e022782d91f0b) C:\Windows\system32\Drivers\PGPsdk.sys
17:12:13.0677 6512	PGPsdkDriver - ok
17:12:13.0693 6512	PGPserv         (ea29f4eddd7a2de3591bbf14fe84fe0d) C:\Windows\system32\PGPserv.exe
17:12:13.0708 6512	PGPserv - ok
17:12:13.0739 6512	PGPwded         (359e8e2d287d0708d543f29e6b792423) C:\Windows\system32\drivers\PGPwded.sys
17:12:13.0771 6512	PGPwded - ok
17:12:13.0817 6512	phaudlwr        (427e58b9357fba0fdcec08f3930a7325) C:\Windows\system32\DRIVERS\phaudlwr.sys
17:12:13.0833 6512	phaudlwr - ok
17:12:13.0927 6512	pla             (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
17:12:13.0973 6512	pla - ok
17:12:14.0083 6512	PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
17:12:14.0114 6512	PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
17:12:14.0114 6512	PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
17:12:14.0145 6512	PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
17:12:14.0192 6512	PlugPlay - ok
17:12:14.0254 6512	Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
17:12:14.0254 6512	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:12:14.0254 6512	Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:12:14.0317 6512	PNRPAutoReg     (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
17:12:14.0395 6512	PNRPAutoReg - ok
17:12:14.0410 6512	PNRPsvc         (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
17:12:14.0457 6512	PNRPsvc - ok
17:12:14.0504 6512	PolicyAgent     (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
17:12:14.0551 6512	PolicyAgent - ok
17:12:14.0769 6512	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
17:12:14.0816 6512	PptpMiniport - ok
17:12:14.0847 6512	Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
17:12:14.0909 6512	Processor - ok
17:12:15.0362 6512	ProfSvc         (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
17:12:15.0393 6512	ProfSvc - ok
17:12:15.0455 6512	ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
17:12:15.0487 6512	ProtectedStorage - ok
17:12:15.0533 6512	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
17:12:15.0565 6512	PSched - ok
17:12:15.0627 6512	ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
17:12:15.0674 6512	ql2300 - ok
17:12:15.0767 6512	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
17:12:15.0799 6512	ql40xx - ok
17:12:16.0251 6512	QualityManager  (938a882b718866e24ca5f71dfc925866) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
17:12:16.0282 6512	QualityManager - ok
17:12:16.0313 6512	QWAVE           (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
17:12:16.0360 6512	QWAVE - ok
17:12:16.0391 6512	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
17:12:16.0407 6512	QWAVEdrv - ok
17:12:19.0449 6512	R300            (7844984a5e1e6f18d93af9e9bcc65436) C:\Windows\system32\DRIVERS\atikmdag.sys
17:12:19.0636 6512	R300 - ok
17:12:19.0792 6512	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
17:12:19.0808 6512	RasAcd - ok
17:12:19.0855 6512	RasAuto         (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
17:12:19.0901 6512	RasAuto - ok
17:12:19.0917 6512	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:12:19.0948 6512	Rasl2tp - ok
17:12:19.0995 6512	RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
17:12:20.0026 6512	RasMan - ok
17:12:20.0057 6512	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
17:12:20.0073 6512	RasPppoe - ok
17:12:20.0104 6512	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
17:12:20.0120 6512	RasSstp - ok
17:12:20.0151 6512	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
17:12:20.0182 6512	rdbss - ok
17:12:20.0213 6512	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:12:20.0245 6512	RDPCDD - ok
17:12:20.0276 6512	rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
17:12:20.0338 6512	rdpdr - ok
17:12:20.0338 6512	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
17:12:20.0369 6512	RDPENCDD - ok
17:12:20.0401 6512	RDPWD           (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
17:12:20.0432 6512	RDPWD - ok
17:12:20.0525 6512	Remote UI Service (a8430231e1a06828210248c79755bf9c) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
17:12:20.0557 6512	Remote UI Service - ok
17:12:20.0603 6512	RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
17:12:20.0650 6512	RemoteAccess - ok
17:12:20.0681 6512	RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
17:12:20.0713 6512	RemoteRegistry - ok
17:12:20.0775 6512	RichVideo       (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
17:12:20.0791 6512	RichVideo - ok
17:12:20.0869 6512	ROOTMODEM       (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
17:12:20.0915 6512	ROOTMODEM - ok
17:12:20.0931 6512	RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
17:12:20.0962 6512	RpcLocator - ok
17:12:21.0009 6512	RpcSs           (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
17:12:21.0056 6512	RpcSs - ok
17:12:21.0071 6512	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
17:12:21.0103 6512	rspndr - ok
17:12:21.0134 6512	SamSs           (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
17:12:21.0149 6512	SamSs - ok
17:12:21.0243 6512	SANDRA          (230fd3749904ca045ea5ec0aa14006e9) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\WNt500x86\Sandra.sys
17:12:21.0259 6512	SANDRA - ok
17:12:21.0305 6512	SandraAgentSrv  (6858620e6ef1df704366acd45a317ad2) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe
17:12:21.0321 6512	SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
17:12:21.0321 6512	SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
17:12:21.0337 6512	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
17:12:21.0352 6512	sbp2port - ok
17:12:21.0399 6512	SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
17:12:21.0430 6512	SCardSvr - ok
17:12:21.0477 6512	Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
17:12:21.0742 6512	Schedule - ok
17:12:21.0773 6512	SCPolicySvc     (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
17:12:21.0789 6512	SCPolicySvc - ok
17:12:21.0836 6512	SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
17:12:21.0898 6512	SDRSVC - ok
17:12:21.0914 6512	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
17:12:21.0961 6512	secdrv - ok
17:12:21.0992 6512	seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
17:12:22.0023 6512	seclogon - ok
17:12:22.0023 6512	SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
17:12:22.0070 6512	SENS - ok
17:12:22.0101 6512	Serenum         (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
17:12:22.0132 6512	Serenum - ok
17:12:22.0148 6512	Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
17:12:22.0163 6512	Serial - ok
17:12:22.0195 6512	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
17:12:22.0226 6512	sermouse - ok
17:12:22.0335 6512	ServiceLayer    (c3bb6cf8f9ee199005a2aae2815ad756) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
17:12:22.0366 6512	ServiceLayer - ok
17:12:22.0413 6512	SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
17:12:22.0444 6512	SessionEnv - ok
17:12:22.0460 6512	sffdisk         (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
17:12:22.0507 6512	sffdisk - ok
17:12:22.0522 6512	sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
17:12:22.0569 6512	sffp_mmc - ok
17:12:22.0600 6512	sffp_sd         (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
17:12:22.0647 6512	sffp_sd - ok
17:12:22.0647 6512	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
17:12:22.0709 6512	sfloppy - ok
17:12:22.0990 6512	SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
17:12:23.0037 6512	SharedAccess - ok
17:12:23.0271 6512	ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
17:12:23.0318 6512	ShellHWDetection - ok
17:12:23.0349 6512	SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
17:12:23.0365 6512	SiSRaid2 - ok
17:12:23.0380 6512	SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
17:12:23.0396 6512	SiSRaid4 - ok
17:12:23.0864 6512	slsvc           (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
17:12:24.0769 6512	slsvc - ok
17:12:25.0049 6512	SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
17:12:25.0081 6512	SLUINotify - ok
17:12:25.0143 6512	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
17:12:25.0174 6512	Smb - ok
17:12:25.0190 6512	SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
17:12:25.0221 6512	SNMPTRAP - ok
17:12:26.0329 6512	SPC2050         (44588f2236f8c4e55b9a9e4031912b63) C:\Windows\system32\DRIVERS\spc2050.sys
17:12:26.0531 6512	SPC2050 - ok
17:12:27.0343 6512	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
17:12:27.0358 6512	spldr - ok
17:12:27.0389 6512	Spooler         (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
17:12:27.0452 6512	Spooler - ok
17:12:27.0483 6512	Spyder2         (527bbe1a1e98e634b540325491927efe) C:\Windows\system32\DRIVERS\Spyder2.sys
17:12:27.0514 6512	Spyder2 - ok
17:12:27.0561 6512	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
17:12:27.0608 6512	srv - ok
17:12:27.0639 6512	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
17:12:27.0701 6512	srv2 - ok
17:12:27.0733 6512	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
17:12:27.0764 6512	srvnet - ok
17:12:27.0811 6512	SSDPSRV         (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
17:12:27.0842 6512	SSDPSRV - ok
17:12:27.0873 6512	SSHDRV65        (a322501277d7733f5266581b79b8cc79) C:\Windows\system32\drivers\SSHDRV65.sys
17:12:27.0904 6512	SSHDRV65 ( UnsignedFile.Multi.Generic ) - warning
17:12:27.0904 6512	SSHDRV65 - detected UnsignedFile.Multi.Generic (1)
17:12:27.0920 6512	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
17:12:27.0935 6512	ssmdrv - ok
17:12:27.0982 6512	SstpSvc         (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
17:12:28.0013 6512	SstpSvc - ok
17:12:28.0076 6512	stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
17:12:28.0154 6512	stisvc - ok
17:12:28.0232 6512	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
17:12:28.0263 6512	swenum - ok
17:12:28.0294 6512	swprv           (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
17:12:28.0357 6512	swprv - ok
17:12:28.0372 6512	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
17:12:28.0388 6512	Symc8xx - ok
17:12:28.0403 6512	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
17:12:28.0419 6512	Sym_hi - ok
17:12:28.0419 6512	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
17:12:28.0435 6512	Sym_u3 - ok
17:12:28.0856 6512	SysMain         (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
17:12:28.0903 6512	SysMain - ok
17:12:28.0918 6512	TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
17:12:28.0996 6512	TabletInputService - ok
17:12:29.0027 6512	TapiSrv         (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
17:12:29.0059 6512	TapiSrv - ok
17:12:29.0230 6512	TBS             (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
17:12:29.0277 6512	TBS - ok
17:12:29.0355 6512	Tcpip           (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
17:12:29.0683 6512	Tcpip - ok
17:12:29.0698 6512	Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
17:12:29.0745 6512	Tcpip6 - ok
17:12:29.0823 6512	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
17:12:29.0885 6512	tcpipreg - ok
17:12:29.0933 6512	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
17:12:30.0042 6512	TDPIPE - ok
17:12:30.0167 6512	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
17:12:30.0198 6512	TDTCP - ok
17:12:30.0370 6512	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
17:12:30.0401 6512	tdx - ok
17:12:30.0432 6512	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
17:12:30.0448 6512	TermDD - ok
17:12:30.0542 6512	TermService     (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
17:12:30.0573 6512	TermService - ok
17:12:30.0620 6512	Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
17:12:30.0651 6512	Themes - ok
17:12:30.0698 6512	THREADORDER     (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
17:12:30.0729 6512	THREADORDER - ok
17:12:31.0072 6512	TomTomHOMEService (e9ca6ed72ea9f56bd6e98c7042092a1c) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
17:12:31.0103 6512	TomTomHOMEService - ok
17:12:31.0384 6512	TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
17:12:31.0415 6512	TrkWks - ok
17:12:31.0680 6512	TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
17:12:31.0696 6512	TrustedInstaller - ok
17:12:31.0836 6512	TSHWMDTCP       (b56368b25a51cebda77e6b20764f07f2) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
17:12:31.0868 6512	TSHWMDTCP - ok
17:12:32.0008 6512	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:12:32.0055 6512	tssecsrv - ok
17:12:32.0070 6512	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
17:12:32.0102 6512	tunmp - ok
17:12:32.0133 6512	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
17:12:32.0164 6512	tunnel - ok
17:12:32.0788 6512	TVECapSvc       (dec8acebd9cd1f3dd6f4f3a6308d8b94) C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
17:12:32.0804 6512	TVECapSvc ( UnsignedFile.Multi.Generic ) - warning
17:12:32.0804 6512	TVECapSvc - detected UnsignedFile.Multi.Generic (1)
17:12:32.0835 6512	TVESched        (7a5a6987397f78b1606bdb5c407d3574) C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
17:12:32.0866 6512	TVESched ( UnsignedFile.Multi.Generic ) - warning
17:12:32.0866 6512	TVESched - detected UnsignedFile.Multi.Generic (1)
17:12:32.0913 6512	uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\DRIVERS\uagp35.sys
17:12:32.0928 6512	uagp35 - ok
17:12:32.0960 6512	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
17:12:32.0991 6512	udfs - ok
17:12:33.0022 6512	UI0Detect       (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
17:12:33.0069 6512	UI0Detect - ok
17:12:33.0100 6512	uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
17:12:33.0100 6512	uliagpkx - ok
17:12:33.0131 6512	uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
17:12:33.0162 6512	uliahci - ok
17:12:33.0178 6512	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
17:12:33.0194 6512	UlSata - ok
17:12:33.0209 6512	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
17:12:33.0240 6512	ulsata2 - ok
17:12:33.0303 6512	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
17:12:33.0334 6512	umbus - ok
17:12:33.0381 6512	upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
17:12:33.0412 6512	upnphost - ok
17:12:33.0459 6512	upperdev        (47f5f9d837d80ffd5882a14db9da0a67) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
17:12:33.0506 6512	upperdev - ok
17:12:33.0646 6512	USBAAPL         (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
17:12:33.0662 6512	USBAAPL ( UnsignedFile.Multi.Generic ) - warning
17:12:33.0662 6512	USBAAPL - detected UnsignedFile.Multi.Generic (1)
17:12:33.0693 6512	usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
17:12:33.0724 6512	usbaudio - ok
17:12:34.0005 6512	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
17:12:34.0036 6512	usbccgp - ok
17:12:34.0067 6512	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
17:12:34.0114 6512	usbcir - ok
17:12:34.0161 6512	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
17:12:34.0192 6512	usbehci - ok
17:12:34.0223 6512	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
17:12:34.0254 6512	usbhub - ok
17:12:34.0270 6512	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
17:12:34.0317 6512	usbohci - ok
17:12:34.0473 6512	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
17:12:34.0504 6512	usbprint - ok
17:12:34.0722 6512	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
17:12:34.0754 6512	usbscan - ok
17:12:34.0800 6512	usbser          (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
17:12:34.0816 6512	usbser - ok
17:12:34.0863 6512	UsbserFilt      (e44f0d17be0908b58dcc99ccb99c6c32) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
17:12:34.0894 6512	UsbserFilt - ok
17:12:34.0925 6512	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:12:34.0956 6512	USBSTOR - ok
17:12:35.0034 6512	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
17:12:35.0050 6512	usbuhci - ok
17:12:35.0081 6512	UxSms           (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
17:12:35.0112 6512	UxSms - ok
17:12:35.0424 6512	vds             (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
17:12:35.0534 6512	vds - ok
17:12:35.0612 6512	vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
17:12:35.0627 6512	vga - ok
17:12:35.0658 6512	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
17:12:35.0690 6512	VgaSave - ok
17:12:35.0721 6512	viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
17:12:35.0736 6512	viaagp - ok
17:12:35.0752 6512	ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
17:12:35.0799 6512	ViaC7 - ok
17:12:35.0814 6512	viaide          (7aa7ec9a08dc2c39649c413b1a26e298) C:\Windows\system32\drivers\viaide.sys
17:12:35.0830 6512	viaide - ok
17:12:35.0861 6512	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
17:12:35.0877 6512	volmgr - ok
17:12:35.0924 6512	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
17:12:35.0939 6512	volmgrx - ok
17:12:35.0970 6512	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
17:12:36.0002 6512	volsnap - ok
17:12:36.0033 6512	vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
17:12:36.0048 6512	vsmraid - ok
17:12:36.0126 6512	VSS             (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
17:12:36.0204 6512	VSS - ok
17:12:36.0236 6512	W32Time         (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
17:12:36.0267 6512	W32Time - ok
17:12:36.0314 6512	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
17:12:36.0360 6512	WacomPen - ok
17:12:36.0407 6512	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:12:36.0423 6512	Wanarp - ok
17:12:36.0423 6512	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:12:36.0454 6512	Wanarpv6 - ok
17:12:36.0501 6512	wcncsvc         (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
17:12:36.0548 6512	wcncsvc - ok
17:12:36.0563 6512	WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
17:12:36.0594 6512	WcsPlugInService - ok
17:12:36.0610 6512	Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
17:12:36.0626 6512	Wd - ok
17:12:36.0688 6512	Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
17:12:36.0750 6512	Wdf01000 - ok
17:12:36.0797 6512	WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
17:12:36.0828 6512	WdiServiceHost - ok
17:12:36.0828 6512	WdiSystemHost   (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
17:12:36.0875 6512	WdiSystemHost - ok
17:12:36.0906 6512	WebClient       (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
17:12:36.0938 6512	WebClient - ok
17:12:36.0969 6512	Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
17:12:37.0062 6512	Wecsvc - ok
17:12:37.0094 6512	wercplsupport   (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
17:12:37.0156 6512	wercplsupport - ok
17:12:37.0187 6512	WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
17:12:37.0218 6512	WerSvc - ok
17:12:37.0296 6512	WinDefend       (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
17:12:37.0312 6512	WinDefend - ok
17:12:37.0406 6512	WINFLASH        (01f2026f3c5b9c87cf77a9d233c2d39b) C:\Medion\BIOS\winflash192\WinFlash.sys
17:12:37.0406 6512	WINFLASH - ok
17:12:37.0406 6512	WinHttpAutoProxySvc - ok
17:12:37.0468 6512	Winmgmt         (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
17:12:37.0499 6512	Winmgmt - ok
17:12:37.0577 6512	WinRM           (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
17:12:37.0655 6512	WinRM - ok
17:12:37.0733 6512	Wlansvc         (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
17:12:37.0874 6512	Wlansvc - ok
17:12:37.0920 6512	WmiAcpi         (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
17:12:37.0967 6512	WmiAcpi - ok
17:12:38.0014 6512	wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
17:12:38.0045 6512	wmiApSrv - ok
17:12:38.0139 6512	WMPNetworkSvc   (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
17:12:38.0201 6512	WMPNetworkSvc - ok
17:12:38.0232 6512	WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
17:12:38.0295 6512	WPCSvc - ok
17:12:38.0326 6512	WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
17:12:38.0357 6512	WPDBusEnum - ok
17:12:38.0420 6512	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
17:12:38.0435 6512	WpdUsb - ok
17:12:38.0576 6512	WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:12:38.0607 6512	WPFFontCache_v0400 - ok
17:12:38.0638 6512	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
17:12:38.0669 6512	ws2ifsl - ok
17:12:38.0700 6512	wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
17:12:38.0732 6512	wscsvc - ok
17:12:38.0732 6512	WSearch - ok
17:12:38.0841 6512	wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
17:12:38.0903 6512	wuauserv - ok
17:12:39.0028 6512	WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
17:12:39.0044 6512	WudfPf - ok
17:12:39.0106 6512	WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:12:39.0122 6512	WUDFRd - ok
17:12:39.0153 6512	wudfsvc         (2c0206ff8d2c75ac027d1096fa2fafda) C:\Windows\System32\WUDFSvc.dll
17:12:39.0200 6512	wudfsvc - ok
17:12:39.0231 6512	X10Hid          (ab2d77bf7222b007717abb61b15f9ae2) C:\Windows\system32\Drivers\x10hid.sys
17:12:39.0231 6512	X10Hid - ok
17:12:39.0309 6512	x10nets         (5a0c788c5bc5f2c993cb60940adcf95e) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
17:12:39.0309 6512	x10nets ( UnsignedFile.Multi.Generic ) - warning
17:12:39.0309 6512	x10nets - detected UnsignedFile.Multi.Generic (1)
17:12:39.0340 6512	XUIF            (6bbf7a3bab8ffdccf82057fa2aae2b7b) C:\Windows\system32\Drivers\x10ufx2.sys
17:12:39.0356 6512	XUIF - ok
17:12:39.0434 6512	{49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (5867ce254625645345c833510d24f124) C:\Program Files\HomeCinema\PlayMovie\000.fcl
17:12:39.0434 6512	{49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
17:12:39.0480 6512	{95808DC4-FA4A-4C74-92FE-5B863F82066B} (556b5cfe8d21b256add7f87d7f4b4123) C:\Program Files\HomeCinema\PowerDVD\000.fcl
17:12:39.0496 6512	{95808DC4-FA4A-4C74-92FE-5B863F82066B} - ok
17:12:39.0512 6512	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:12:39.0902 6512	\Device\Harddisk0\DR0 - ok
17:12:39.0902 6512	Boot (0x1200)   (f8de6b423739bf5aa48f276007f8a363) \Device\Harddisk0\DR0\Partition0
17:12:39.0902 6512	\Device\Harddisk0\DR0\Partition0 - ok
17:12:39.0917 6512	Boot (0x1200)   (8722d8427dca8a2a9be8b4bcad8af40a) \Device\Harddisk0\DR0\Partition1
17:12:39.0917 6512	\Device\Harddisk0\DR0\Partition1 - ok
17:12:39.0917 6512	============================================================
17:12:39.0917 6512	Scan finished
17:12:39.0917 6512	============================================================
17:12:39.0933 2260	Detected object count: 19
17:12:39.0933 2260	Actual detected object count: 19
17:13:10.0337 2260	ACPService ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0337 2260	ACPService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0337 2260	DQLWinService ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0337 2260	DQLWinService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0337 2260	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0337 2260	FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	GnabService ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	GnabService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	MFX ( HiddenFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	MFX ( HiddenFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	MTOnlPktAlyX ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	SSHDRV65 ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	SSHDRV65 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0353 2260	TVECapSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0353 2260	TVECapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0368 2260	TVESched ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0368 2260	TVESched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0368 2260	USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0368 2260	USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:13:10.0368 2260	x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
17:13:10.0368 2260	x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 05.08.2012, 17:15

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

hoochiecoo · 06.08.2012, 08:39

[code]
Combofix Logfile:

Code:

ATTFilter

ComboFix 12-08-05.02 - *** 06.08.2012   8:59.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3069.1745 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xml62F1.tmp
c:\programdata\xml6497.tmp
c:\programdata\xml65EF.tmp
c:\users\Hanna\Documents\~WRL0004.tmp
c:\users\***\AppData\Local\uTorrent.exe
c:\windows\ali.exe
c:\windows\IsUn0407.exe
c:\windows\system32\encapi32.dll
c:\windows\system32\fpop411.ocx
c:\windows\system32\kWab.dll
c:\windows\system32\ubgrid.ocx
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\vspc2050.exe
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-07-06 bis 2012-08-06  ))))))))))))))))))))))))))))))
.
.
2012-08-05 10:11 . 2012-08-05 10:11	--------	d-----w-	C:\_OTL
2012-08-05 00:10 . 2012-08-06 04:59	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{519AA064-1F9F-41D1-9886-26B389C3B6AD}\offreg.dll
2012-08-03 23:57 . 2012-06-29 08:44	6891424	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{519AA064-1F9F-41D1-9886-26B389C3B6AD}\mpengine.dll
2012-08-01 19:13 . 2012-08-01 19:13	--------	d-----w-	c:\programdata\Simply Super Software
2012-07-31 10:43 . 2012-07-31 10:43	--------	d-----w-	c:\program files\ESET
2012-07-30 14:11 . 2012-07-30 14:11	--------	d-----w-	c:\users\***\AppData\Roaming\Malwarebytes
2012-07-30 14:10 . 2012-07-30 14:10	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-30 14:10 . 2012-07-30 14:10	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2012-07-30 14:10 . 2012-07-03 11:46	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-07-30 01:34 . 2012-07-30 01:34	--------	d-----w-	c:\program files\iPod
2012-07-30 01:34 . 2012-07-30 01:36	--------	d-----w-	c:\program files\iTunes
2012-07-28 01:22 . 2012-07-28 01:22	--------	d-----w-	c:\program files\Perion
2012-07-22 23:52 . 2012-07-22 23:52	--------	d-----w-	c:\program files\Oracle
2012-07-14 16:00 . 2012-07-14 16:00	--------	d-----w-	c:\users\***\AppData\Local\Downloaded Installations
2012-07-14 10:04 . 2012-07-14 10:04	--------	d-----w-	c:\program files\Common Files\PCSuite
2012-07-14 10:03 . 2012-06-11 09:33	19072	----a-w-	c:\windows\system32\drivers\pccsmcfd.sys
2012-07-14 10:02 . 2012-07-14 10:02	--------	d-----w-	c:\program files\PC Connectivity Solution
2012-07-14 09:41 . 2012-07-14 09:41	--------	d-----w-	c:\users\***\AppData\Roaming\dvdcss
2012-07-12 13:21 . 2012-06-13 13:40	2047488	----a-w-	c:\windows\system32\win32k.sys
2012-07-12 13:13 . 2012-06-05 16:47	708608	----a-w-	c:\program files\Common Files\System\ado\msado15.dll
2012-07-12 13:13 . 2012-06-05 16:47	1401856	----a-w-	c:\windows\system32\msxml6.dll
2012-07-12 13:13 . 2012-06-05 16:47	1248768	----a-w-	c:\windows\system32\msxml3.dll
2012-07-12 13:13 . 2012-06-04 15:26	440704	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2012-07-12 13:13 . 2012-06-02 00:04	278528	----a-w-	c:\windows\system32\schannel.dll
2012-07-12 13:13 . 2012-06-02 00:03	204288	----a-w-	c:\windows\system32\ncrypt.dll
2012-07-08 14:02 . 2010-08-19 17:22	409600	----a-w-	c:\program files\Mozilla Firefox\Kaspersky Rescue2Usb\rescue2usb.exe
2012-07-08 14:02 . 2010-04-01 09:01	28160	----a-w-	c:\program files\Mozilla Firefox\Kaspersky Rescue2Usb\syslinux.exe
2012-07-08 14:02 . 2009-10-16 14:43	237849	----a-w-	c:\program files\Mozilla Firefox\Kaspersky Rescue2Usb\grub.exe
2012-07-08 08:27 . 2012-07-08 08:27	--------	d-----w-	c:\programdata\ATI
2012-07-08 08:26 . 2012-07-08 08:26	--------	d-----w-	c:\program files\AMD APP
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-28 01:18 . 2012-04-06 01:19	426184	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-07-28 01:18 . 2011-06-03 08:46	70344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-05 20:06 . 2012-05-28 21:01	772544	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-07-05 20:06 . 2010-05-01 08:47	687544	----a-w-	c:\windows\system32\deployJava1.dll
2012-07-03 16:24 . 2012-07-03 16:24	30544	----a-w-	c:\windows\dirdib.drv
2012-07-03 16:24 . 2012-07-03 16:24	30256	----a-w-	c:\windows\macromix.dll
2012-06-12 17:53 . 2012-06-12 17:53	1207568	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-06-11 18:58 . 2012-06-11 18:58	8733696	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:35 . 2012-06-11 18:35	58880	----a-w-	c:\windows\system32\coinst_8.98.dll
2012-06-11 18:00 . 2012-06-11 18:00	20467712	----a-w-	c:\windows\system32\atioglxx.dll
2012-06-11 17:25 . 2012-06-11 17:25	163840	----a-w-	c:\windows\system32\atiapfxx.exe
2012-06-11 17:24 . 2011-10-12 20:14	924160	----a-w-	c:\windows\system32\aticfx32.dll
2012-06-11 17:20 . 2012-06-11 17:20	442368	----a-w-	c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19 . 2012-06-11 17:19	468992	----a-w-	c:\windows\system32\atieclxx.exe
2012-06-11 17:19 . 2012-06-11 17:19	217600	----a-w-	c:\windows\system32\atiesrxx.exe
2012-06-11 17:17 . 2012-06-11 17:17	163840	----a-w-	c:\windows\system32\atitmmxx.dll
2012-06-11 17:17 . 2012-06-11 17:17	20992	----a-w-	c:\windows\system32\atimuixx.dll
2012-06-11 17:17 . 2012-06-11 17:17	43520	----a-w-	c:\windows\system32\ati2edxx.dll
2012-06-11 17:16 . 2012-06-11 17:16	6301696	----a-w-	c:\windows\system32\atidxx32.dll
2012-06-11 16:45 . 2012-06-11 16:45	46080	----a-w-	c:\windows\system32\aticalrt.dll
2012-06-11 16:45 . 2011-10-12 19:44	5480448	----a-w-	c:\windows\system32\atiumdag.dll
2012-06-11 16:45 . 2012-06-11 16:45	44032	----a-w-	c:\windows\system32\aticalcl.dll
2012-06-11 16:43 . 2011-10-12 19:33	4729344	----a-w-	c:\windows\system32\atiumdva.dll
2012-06-11 16:40 . 2012-06-11 16:40	13277696	----a-w-	c:\windows\system32\aticaldd.dll
2012-06-11 16:26 . 2012-06-11 16:26	368640	----a-w-	c:\windows\system32\atiadlxx.dll
2012-06-11 16:26 . 2012-06-11 16:26	14848	----a-w-	c:\windows\system32\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26	33280	----a-w-	c:\windows\system32\atigktxx.dll
2012-06-11 16:25 . 2012-06-11 16:25	295936	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25 . 2012-06-11 16:25	42496	----a-w-	c:\windows\system32\atiuxpag.dll
2012-06-11 16:24 . 2011-10-12 19:29	32768	----a-w-	c:\windows\system32\atiu9pag.dll
2012-06-11 16:24 . 2011-10-12 19:28	37376	----a-w-	c:\windows\system32\atitmpxx.dll
2012-06-11 16:24 . 2012-06-11 16:24	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23 . 2012-06-11 16:23	56832	----a-w-	c:\windows\system32\atimpc32.dll
2012-06-11 16:23 . 2012-06-11 16:23	56832	----a-w-	c:\windows\system32\amdpcom32.dll
2012-06-11 11:50 . 2012-06-11 11:50	159232	----a-w-	c:\windows\system32\clinfo.exe
2012-06-11 11:50 . 2012-06-11 11:50	65024	----a-w-	c:\windows\system32\OpenVideo.dll
2012-06-11 11:50 . 2012-06-11 11:50	56320	----a-w-	c:\windows\system32\OVDecode.dll
2012-06-11 11:49 . 2012-06-11 11:49	13008896	----a-w-	c:\windows\system32\amdocl.dll
2012-06-05 13:43 . 2007-10-09 14:23	319456	----a-w-	c:\windows\DIFxAPI.dll
2012-06-05 13:43 . 2012-06-05 13:43	319488	----a-w-	c:\windows\HideWin.exe
2012-06-02 22:19 . 2012-06-27 14:26	53784	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-27 14:26	45080	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-27 14:26	35864	----a-w-	c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-27 14:26	577048	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-27 14:26	1933848	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-27 14:26	2422272	----a-w-	c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-27 14:26	88576	----a-w-	c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-27 14:25	171904	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-27 14:25	33792	----a-w-	c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2009-10-02 23:36	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-05-15 06:37 . 2012-06-13 11:10	916992	----a-w-	c:\windows\system32\wininet.dll
2012-05-15 06:32 . 2012-06-13 11:10	43520	----a-w-	c:\windows\system32\licmgr10.dll
2012-05-15 06:32 . 2012-06-13 11:10	1469440	----a-w-	c:\windows\system32\inetcpl.cpl
2012-05-15 06:31 . 2012-06-13 11:10	109056	----a-w-	c:\windows\system32\iesysprep.dll
2012-05-15 06:31 . 2012-06-13 11:10	71680	----a-w-	c:\windows\system32\iesetup.dll
2012-05-15 05:01 . 2012-06-13 11:10	385024	----a-w-	c:\windows\system32\html.iec
2012-05-15 03:26 . 2012-06-13 11:10	133632	----a-w-	c:\windows\system32\ieUnatt.exe
2012-05-15 03:23 . 2012-06-13 11:10	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2009-07-10 12:39 . 2010-02-26 07:45	350720	----a-w-	c:\program files\hjsplit.exe
2009-02-16 12:03 . 2009-02-16 12:03	520192	----a-w-	c:\program files\WinDjView-0.5.exe
2008-07-23 07:04 . 2008-07-23 07:07	7100928	----a-w-	c:\program files\PocketDivXEncoder_0.3.96.exe
2008-06-27 22:38 . 2009-07-25 13:21	3786240	----a-w-	c:\program files\BabelMap.exe
2006-12-30 09:05 . 2008-07-28 19:58	953344	----a-w-	c:\program files\MPEG_Streamclip.exe
2002-11-06 18:42 . 2008-07-28 12:22	237568	----a-w-	c:\program files\VobEdit.exe
2012-07-19 14:20 . 2011-03-22 16:54	136672	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32	94208	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32	94208	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32	94208	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32	94208	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlayHandlerAccessible]
@="{3DBF5F01-3287-46EB-82CF-45AA5C241162}"
[HKEY_CLASSES_ROOT\CLSID\{3DBF5F01-3287-46EB-82CF-45AA5C241162}]
2008-05-21 08:35	380472	----a-w-	c:\windows\System32\PGPfsshl.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2008-12-12 132392]
"AVMUSBFernanschluss"="c:\users\***\AppData\Local\Apps\2.0\NV4B77TJ.RLV\ZA3RV21M.ADH\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe" [2010-11-21 147456]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Facebook Update"="c:\users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-06-21 247768]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
"HydraVisionDesktopManager"="c:\program files\ATI Technologies\HydraVision\HydraDM.exe" [2011-10-12 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PlayMovie"="c:\program files\HomeCinema\PlayMovie\PMVService.exe" [2007-09-06 172032]
"TVEService"="c:\program files\HomeCinema\TV Enhance\TVEService.exe" [2007-10-19 155648]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-08 178712]
"NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2007-06-27 439512]
"CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2007-06-27 215256]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 69632]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-12-02 2221352]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"boincmgr"="c:\program files\BOINC\boincmgr.exe" [2009-05-05 4178688]
"boinctray"="c:\program files\BOINC\boinctray.exe" [2009-05-05 58112]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-03-18 75048]
"RemoteControl"="c:\program files\HomeCinema\PowerDVD\PDVDServ.exe" [2008-07-21 87336]
"LanguageShortcut"="c:\program files\HomeCinema\PowerDVD\Language\Language.exe" [2008-05-14 62760]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-04-13 47392]
"PLF2050"="c:\windows\PLF2050.exe" [2008-07-10 40960]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-07 6139904]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-04-04 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-04-04 815512]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Online_Software_6\WLAN-Access Finder"="c:\program files\T-Online\WLAN-Access Finder\ToWLaAcF.exe" [2008-04-08 671796]
.
c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
FRITZ!fax.lnk - c:\program files\FRITZ!\FriFax32.exe [2007-12-4 1504560]
Hamster.lnk - c:\program files\hamster\Hamster.exe [2007-12-5 2423296]
HotSync Manager.lnk - c:\program files\palmOne\Hotsync.exe [2008-1-3 1392640]
ISDNWatch.lnk - c:\program files\FRITZ!\IWatch.exe [2007-12-4 341296]
klickIdent 19.lnk - c:\program files\klickIdent Herbst 2007\klickIdentPP.exe [2008-1-10 855552]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]
Telefon- und Branchenbuch Herbst 2007 - Schnellstarter.lnk - c:\program files\klickTel\Telefon- und Branchenbuch Herbst 2007\KSTART32.EXE [2008-1-10 4460032]
.
c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled
Google Updater.lnk - c:\program files\Google\Google Updater\GoogleUpdater.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HotSync Manager.lnk - c:\program files\palmOne\Hotsync.exe [2008-1-3 1392640]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-12-3 809488]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=PGPmapih.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli PGPpwflt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08	1259376	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-07-19 14:18	116648	----atw-	c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2010-06-09 18:55	49208	----a-w-	c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexwareInfoService]
2011-07-31 12:07	189808	----a-w-	c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMAgent]
2010-01-18 19:46	1371584	----a-w-	c:\program files\Mobile Master\MMAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07	252296	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3256582083-1008837156-380773153-1004]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3256582083-1008837156-380773153-1005]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3256582083-1008837156-380773153-1006]
"EnableNotificationsRef"=dword:00000001
.
S2 ACPService;ACPService;c:\program files\Philips\CamSuite\2.0.15.0\ACPService.exe [x]
S3 3xHybrid;CTX SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3256582083-1008837156-380773153-1004Core.job
- c:\users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-09 07:55]
.
2012-08-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3256582083-1008837156-380773153-1004UA.job
- c:\users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-09 07:55]
.
2012-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-29 00:39]
.
2012-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-29 00:39]
.
2012-08-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3256582083-1008837156-380773153-1004Core.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-28 14:18]
.
2012-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3256582083-1008837156-380773153-1004UA.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-28 14:18]
.
2012-08-06 c:\windows\Tasks\User_Feed_Synchronization-{8FFE2620-F3A6-4A3D-8DE1-28BB43424C7F}.job
- c:\windows\system32\msfeedssync.exe [2012-06-13 03:24]
.
2012-08-06 c:\windows\Tasks\User_Feed_Synchronization-{B3D2BDFD-4BCC-4E26-A292-781810C0B8D0}.job
- c:\windows\system32\msfeedssync.exe [2012-06-13 03:24]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = 
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
IE: An vorhandene PDF-Datei anfügen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Free YouTube Download - c:\users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\***\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: In Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-15/4
LSP: c:\windows\system32\PGPlsp.dll
Trusted Zone: apemap.com
Trusted Zone: com\www.msi
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Trusted Zone: meine-domain.de
Trusted Zone: elsteronline.de\www
Trusted Zone: fernuni-hagen.de\ca
Trusted Zone: microsoft.com\www.update
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\iqywoth5.default-1343886510233\
FF - prefs.js: browser.startup.homepage - about:blank
.
.
------- Dateityp-Verknüpfung -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.txt=CrimsonEditor.txt
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-spc2050 - c:\windows\vspc2050.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-GameShadow - c:\program files\GameShadow\GameShadow.exe
MSConfigStartUp-toolbar_eula_launcher - c:\program files\GoogleEULA\EULALauncher.exe
AddRemove-FRITZ! 2.0 - c:\windows\IsUn0407.exe
AddRemove-uTorrent - c:\users\***\AppData\Local\uTorrent.exe
AddRemove-Mixxx (1.10.0) - c:\users\***\AppData\Local\Mixxx\UninstallMixxx.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-08-06 09:12
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
.
c:\windows\system32\drivers\MFX.sys 45824 bytes executable
c:\windows\TEMP\TMP000000BD425670B4799B3349 524288 bytes
C:\SYZ_DAT
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 3
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\HomeCinema\PlayMovie\000.fcl"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\HomeCinema\PowerDVD\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(832)
c:\windows\system32\PGPpwflt.dll
c:\windows\system32\PGPwd.dll
c:\windows\system32\PGPsdk.dll
.
- - - - - - - > 'Explorer.exe'(7284)
c:\program files\ATI Technologies\HydraVision\HydraDMH.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\PGPfsshl.dll
.
Zeit der Fertigstellung: 2012-08-06  09:17:25
ComboFix-quarantined-files.txt  2012-08-06 07:17
.
Vor Suchlauf: 6.400.729.088 Bytes frei
Nach Suchlauf: 6.318.563.328 Bytes frei
.
- - End Of File - - F29E65DC96214950D22E9A6FC0299949

--- --- ---

cosinus · 06.08.2012, 16:06

Edit:

Combofix - Scripten

1. Starte das Notepad (Start / Ausführen / notepad[Enter])

2. Jetzt füge mit copy/paste den ganzen Inhalt der untenstehenden Codebox in das Notepad Fenster ein.

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:

ATTFilter

Filelook::
c:\windows\system32\drivers\MFX.sys
c:\windows\TEMP\TMP000000BD425670B4799B3349
C:\SYZ_DAT

3. Speichere im Notepad als CFScript.txt auf dem Desktop.

4. Deaktivere den Guard Deines Antivirenprogramms und eine eventuell vorhandene Software Firewall.
(Auch Guards von Ad-, Spyware Programmen und den Tea Timer (wenn vorhanden) !)

5. Dann ziehe die CFScript.txt auf die cofi.exe, so wie es im unteren Bild zu sehen ist. Damit wird Combofix neu gestartet.

6. Nach dem Neustart (es wird gefragt ob Du neustarten willst), poste bitte die folgenden Log Dateien:
Combofix.txt

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

MyStart Incredibar in Firefox, IE und Chrome

Log-Analyse und Auswertung: MyStart Incredibar in Firefox, IE und Chrome