
All kinds of pests and how to fight them: Avira finds TR/Crypt.ZPACK.Gen8, TR/Vcaredrix.A.3 and Tr/Crpyt.EPACK.Gen8


03.08.2012, 19:16   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 


Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set the tool up as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot.
Then click Start Scan and, when it is finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

__________________
Please always post log files in CODE tags

03.08.2012, 21:48   #17
LouisM
 


Hello cosinus,

Code:
22:44:50.0892 6092	TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
22:44:50.0951 6092	============================================================
22:44:50.0952 6092	Current date / time: 2012/08/03 22:44:50.0951
22:44:50.0952 6092	SystemInfo:
22:44:50.0952 6092	
22:44:50.0952 6092	OS Version: 6.1.7600 ServicePack: 0.0
22:44:50.0952 6092	Product type: Workstation
22:44:50.0952 6092	ComputerName: WOTAN
22:44:50.0952 6092	UserName: ****
22:44:50.0952 6092	Windows directory: C:\Windows
22:44:50.0952 6092	System windows directory: C:\Windows
22:44:50.0952 6092	Running under WOW64
22:44:50.0952 6092	Processor architecture: Intel x64
22:44:50.0952 6092	Number of processors: 4
22:44:50.0952 6092	Page size: 0x1000
22:44:50.0952 6092	Boot type: Normal boot
22:44:50.0952 6092	============================================================
22:44:51.0877 6092	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:44:51.0882 6092	Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:44:52.0347 6092	============================================================
22:44:52.0347 6092	\Device\Harddisk0\DR0:
22:44:52.0347 6092	MBR partitions:
22:44:52.0347 6092	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x32000
22:44:52.0347 6092	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x46000, BlocksNum 0x253E8000
22:44:52.0347 6092	\Device\Harddisk1\DR1:
22:44:52.0348 6092	MBR partitions:
22:44:52.0348 6092	\Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x74705982
22:44:52.0348 6092	============================================================
22:44:52.0383 6092	C: <-> \Device\Harddisk0\DR0\Partition1
22:44:52.0384 6092	G: <-> \Device\Harddisk1\DR1\Partition0
22:44:52.0384 6092	============================================================
22:44:52.0384 6092	Initialize success
22:44:52.0384 6092	============================================================
22:45:38.0599 7480	============================================================
22:45:38.0599 7480	Scan started
22:45:38.0599 7480	Mode: Manual; SigCheck; TDLFS; 
22:45:38.0599 7480	============================================================
22:45:42.0103 7480	1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
22:45:42.0198 7480	1394ohci - ok
22:45:42.0234 7480	Acceler         (e388503069001f0797ec200ce19b265e) C:\Windows\system32\DRIVERS\Acceler.sys
22:45:42.0283 7480	Acceler - ok
22:45:42.0325 7480	ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
22:45:42.0346 7480	ACPI - ok
22:45:42.0357 7480	AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
22:45:42.0434 7480	AcpiPmi - ok
22:45:42.0583 7480	AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:45:42.0600 7480	AdobeFlashPlayerUpdateSvc - ok
22:45:42.0671 7480	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
22:45:42.0716 7480	adp94xx - ok
22:45:42.0751 7480	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
22:45:42.0772 7480	adpahci - ok
22:45:42.0786 7480	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
22:45:42.0800 7480	adpu320 - ok
22:45:42.0828 7480	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
22:45:43.0084 7480	AeLookupSvc - ok
22:45:43.0224 7480	AFD             (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
22:45:43.0279 7480	AFD - ok
22:45:43.0319 7480	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
22:45:43.0341 7480	agp440 - ok
22:45:43.0392 7480	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
22:45:43.0422 7480	ALG - ok
22:45:43.0422 7480	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
22:45:43.0445 7480	aliide - ok
22:45:43.0631 7480	ALSysIO - ok
22:45:43.0638 7480	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
22:45:43.0657 7480	amdide - ok
22:45:43.0670 7480	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
22:45:43.0708 7480	AmdK8 - ok
22:45:43.0715 7480	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
22:45:43.0740 7480	AmdPPM - ok
22:45:43.0779 7480	amdsata         (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\DRIVERS\amdsata.sys
22:45:43.0793 7480	amdsata - ok
22:45:43.0808 7480	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
22:45:43.0830 7480	amdsbs - ok
22:45:43.0840 7480	amdxata         (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\DRIVERS\amdxata.sys
22:45:43.0850 7480	amdxata - ok
22:45:43.0920 7480	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:45:43.0948 7480	AntiVirSchedulerService - ok
22:45:43.0967 7480	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:45:43.0979 7480	AntiVirService - ok
22:45:44.0217 7480	Apache2.4       (44ee9285880603e2c7550541ea698d8d) c:\xampp\apache\bin\httpd.exe
22:45:44.0231 7480	Apache2.4 ( UnsignedFile.Multi.Generic ) - warning
22:45:44.0231 7480	Apache2.4 - detected UnsignedFile.Multi.Generic (1)
22:45:44.0249 7480	AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
22:45:44.0346 7480	AppID - ok
22:45:44.0404 7480	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
22:45:44.0465 7480	AppIDSvc - ok
22:45:44.0504 7480	Appinfo         (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
22:45:44.0540 7480	Appinfo - ok
22:45:44.0626 7480	Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:45:44.0642 7480	Apple Mobile Device - ok
22:45:44.0684 7480	AppMgmt         (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
22:45:44.0740 7480	AppMgmt - ok
22:45:44.0772 7480	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
22:45:44.0791 7480	arc - ok
22:45:44.0801 7480	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
22:45:44.0820 7480	arcsas - ok
22:45:44.0940 7480	aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:45:44.0975 7480	aspnet_state - ok
22:45:44.0992 7480	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:45:45.0045 7480	AsyncMac - ok
22:45:45.0056 7480	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
22:45:45.0066 7480	atapi - ok
22:45:45.0114 7480	AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
22:45:45.0185 7480	AudioEndpointBuilder - ok
22:45:45.0190 7480	AudioSrv        (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
22:45:45.0232 7480	AudioSrv - ok
22:45:45.0266 7480	avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
22:45:45.0286 7480	avgntflt - ok
22:45:45.0305 7480	avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
22:45:45.0323 7480	avipbb - ok
22:45:45.0337 7480	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
22:45:45.0347 7480	avkmgr - ok
22:45:45.0358 7480	AxInstSV        (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
22:45:45.0439 7480	AxInstSV - ok
22:45:45.0501 7480	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
22:45:45.0606 7480	b06bdrv - ok
22:45:45.0640 7480	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:45:45.0676 7480	b57nd60a - ok
22:45:45.0708 7480	BCM42RLY        (ac4e2d84de54cd3a013aeff0cc56095c) C:\Windows\system32\drivers\BCM42RLY.sys
22:45:45.0718 7480	BCM42RLY - ok
22:45:46.0010 7480	BCM43XX         (0b0df4cd7c2c188c95c4e09c568ad54a) C:\Windows\system32\DRIVERS\bcmwl664.sys
22:45:46.0145 7480	BCM43XX - ok
22:45:46.0268 7480	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
22:45:46.0307 7480	BDESVC - ok
22:45:46.0341 7480	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:45:46.0395 7480	Beep - ok
22:45:46.0459 7480	BFE             (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
22:45:46.0533 7480	BFE - ok
22:45:46.0602 7480	BITS            (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
22:45:46.0710 7480	BITS - ok
22:45:46.0756 7480	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
22:45:46.0786 7480	blbdrive - ok
22:45:46.0939 7480	Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
22:45:47.0004 7480	Bonjour Service - ok
22:45:47.0033 7480	bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
22:45:47.0062 7480	bowser - ok
22:45:47.0086 7480	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:45:47.0116 7480	BrFiltLo - ok
22:45:47.0121 7480	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:45:47.0140 7480	BrFiltUp - ok
22:45:47.0160 7480	Browser         (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
22:45:47.0219 7480	Browser - ok
22:45:47.0256 7480	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:45:47.0294 7480	Brserid - ok
22:45:47.0312 7480	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:45:47.0338 7480	BrSerWdm - ok
22:45:47.0345 7480	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:45:47.0364 7480	BrUsbMdm - ok
22:45:47.0371 7480	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:45:47.0394 7480	BrUsbSer - ok
22:45:47.0454 7480	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
22:45:47.0486 7480	BthEnum - ok
22:45:47.0497 7480	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
22:45:47.0519 7480	BTHMODEM - ok
22:45:47.0566 7480	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
22:45:47.0599 7480	BthPan - ok
22:45:47.0667 7480	BTHPORT         (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\system32\Drivers\BTHport.sys
22:45:47.0711 7480	BTHPORT - ok
22:45:47.0740 7480	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
22:45:47.0791 7480	bthserv - ok
22:45:47.0830 7480	BTHUSB          (8504842634dd144c075b6b0c982ccec4) C:\Windows\system32\Drivers\BTHUSB.sys
22:45:47.0842 7480	BTHUSB - ok
22:45:47.0893 7480	btwaudio        (af838d8029ae7c27470862d63fa54d24) C:\Windows\system32\drivers\btwaudio.sys
22:45:47.0904 7480	btwaudio - ok
22:45:47.0962 7480	btwavdt         (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys
22:45:47.0983 7480	btwavdt - ok
22:45:48.0110 7480	btwdins         (8318678c71b12d6663d76473f5ec28b1) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:45:48.0152 7480	btwdins - ok
22:45:48.0208 7480	btwl2cap        (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
22:45:48.0222 7480	btwl2cap - ok
22:45:48.0260 7480	btwrchid        (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
22:45:48.0272 7480	btwrchid - ok
22:45:48.0328 7480	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:45:48.0400 7480	cdfs - ok
22:45:48.0451 7480	cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
22:45:48.0516 7480	cdrom - ok
22:45:48.0577 7480	CertPropSvc     (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
22:45:48.0636 7480	CertPropSvc - ok
22:45:48.0659 7480	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
22:45:48.0682 7480	circlass - ok
22:45:48.0715 7480	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:45:48.0731 7480	CLFS - ok
22:45:48.0799 7480	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:45:48.0818 7480	clr_optimization_v2.0.50727_32 - ok
22:45:48.0878 7480	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:45:48.0898 7480	clr_optimization_v2.0.50727_64 - ok
22:45:48.0967 7480	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:45:49.0100 7480	clr_optimization_v4.0.30319_32 - ok
22:45:49.0137 7480	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:45:49.0195 7480	clr_optimization_v4.0.30319_64 - ok
22:45:49.0220 7480	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
22:45:49.0248 7480	CmBatt - ok
22:45:49.0257 7480	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
22:45:49.0269 7480	cmdide - ok
22:45:49.0340 7480	CNG             (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys
22:45:49.0442 7480	CNG - ok
22:45:49.0463 7480	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
22:45:49.0478 7480	Compbatt - ok
22:45:49.0499 7480	CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
22:45:49.0529 7480	CompositeBus - ok
22:45:49.0532 7480	COMSysApp - ok
22:45:49.0545 7480	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
22:45:49.0560 7480	crcdisk - ok
22:45:49.0672 7480	CryptSvc        (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
22:45:49.0738 7480	CryptSvc - ok
22:45:49.0806 7480	CSC             (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
22:45:49.0867 7480	CSC - ok
22:45:49.0926 7480	CscService      (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
22:45:49.0976 7480	CscService - ok
22:45:50.0030 7480	DcomLaunch      (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
22:45:50.0093 7480	DcomLaunch - ok
22:45:50.0137 7480	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
22:45:50.0206 7480	defragsvc - ok
22:45:50.0249 7480	DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
22:45:50.0285 7480	DfsC - ok
22:45:50.0323 7480	Dhcp            (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
22:45:50.0494 7480	Dhcp - ok
22:45:50.0567 7480	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:45:50.0621 7480	discache - ok
22:45:50.0662 7480	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
22:45:50.0673 7480	Disk - ok
22:45:50.0752 7480	Dnscache        (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
22:45:50.0789 7480	Dnscache - ok
22:45:50.0821 7480	dot3svc         (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
22:45:50.0892 7480	dot3svc - ok
22:45:50.0981 7480	DpHost          (0c23bf4cddbecbaca8659a96c359e0dd) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
22:45:51.0018 7480	DpHost ( UnsignedFile.Multi.Generic ) - warning
22:45:51.0018 7480	DpHost - detected UnsignedFile.Multi.Generic (1)
22:45:51.0039 7480	DPS             (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
22:45:51.0085 7480	DPS - ok
22:45:51.0106 7480	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:45:51.0122 7480	drmkaud - ok
22:45:51.0194 7480	dtsoftbus01     (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:45:51.0219 7480	dtsoftbus01 - ok
22:45:51.0307 7480	DXGKrnl         (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
22:45:51.0343 7480	DXGKrnl - ok
22:45:51.0363 7480	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
22:45:51.0432 7480	EapHost - ok
22:45:51.0811 7480	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
22:45:51.0941 7480	ebdrv - ok
22:45:52.0066 7480	EFS             (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
22:45:52.0104 7480	EFS - ok
22:45:52.0191 7480	ehRecvr         (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
22:45:52.0290 7480	ehRecvr - ok
22:45:52.0318 7480	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
22:45:52.0361 7480	ehSched - ok
22:45:52.0431 7480	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
22:45:52.0468 7480	elxstor - ok
22:45:52.0487 7480	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
22:45:52.0506 7480	ErrDev - ok
22:45:52.0603 7480	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
22:45:52.0773 7480	EventSystem - ok
22:45:52.0841 7480	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:45:52.0939 7480	exfat - ok
22:45:52.0968 7480	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:45:53.0054 7480	fastfat - ok
22:45:53.0129 7480	Fax             (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
22:45:53.0191 7480	Fax - ok
22:45:53.0206 7480	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
22:45:53.0233 7480	fdc - ok
22:45:53.0242 7480	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
22:45:53.0319 7480	fdPHost - ok
22:45:53.0335 7480	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
22:45:53.0371 7480	FDResPub - ok
22:45:53.0388 7480	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:45:53.0399 7480	FileInfo - ok
22:45:53.0415 7480	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:45:53.0451 7480	Filetrace - ok
22:45:53.0465 7480	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
22:45:53.0477 7480	flpydisk - ok
22:45:53.0510 7480	FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
22:45:53.0526 7480	FltMgr - ok
22:45:53.0622 7480	FontCache       (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
22:45:53.0730 7480	FontCache - ok
22:45:53.0911 7480	FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:45:53.0926 7480	FontCache3.0.0.0 - ok
22:45:53.0958 7480	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:45:53.0976 7480	FsDepends - ok
22:45:54.0034 7480	Fs_Rec          (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
22:45:54.0051 7480	Fs_Rec - ok
22:45:54.0115 7480	fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:45:54.0141 7480	fvevol - ok
22:45:54.0178 7480	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:45:54.0190 7480	gagp30kx - ok
22:45:54.0223 7480	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:45:54.0232 7480	GEARAspiWDM - ok
22:45:54.0293 7480	gpsvc           (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
22:45:54.0358 7480	gpsvc - ok
22:45:54.0369 7480	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:45:54.0401 7480	hcw85cir - ok
22:45:54.0452 7480	HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
22:45:54.0496 7480	HdAudAddService - ok
22:45:54.0523 7480	HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:45:54.0557 7480	HDAudBus - ok
22:45:54.0580 7480	HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
22:45:54.0593 7480	HECIx64 - ok
22:45:54.0598 7480	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
22:45:54.0628 7480	HidBatt - ok
22:45:54.0653 7480	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:45:54.0693 7480	HidBth - ok
22:45:54.0698 7480	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:45:54.0738 7480	HidIr - ok
22:45:54.0789 7480	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
22:45:54.0854 7480	hidserv - ok
22:45:54.0924 7480	HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
22:45:54.0937 7480	HidUsb - ok
22:45:55.0038 7480	hkmsvc          (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
22:45:55.0095 7480	hkmsvc - ok
22:45:55.0147 7480	HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
22:45:55.0184 7480	HomeGroupListener - ok
22:45:55.0225 7480	HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
22:45:55.0265 7480	HomeGroupProvider - ok
22:45:55.0286 7480	HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
22:45:55.0297 7480	HpSAMD - ok
22:45:55.0358 7480	HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
22:45:55.0412 7480	HTTP - ok
22:45:55.0424 7480	hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
22:45:55.0433 7480	hwpolicy - ok
22:45:55.0465 7480	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
22:45:55.0479 7480	i8042prt - ok
22:45:55.0535 7480	iaStorV         (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\DRIVERS\iaStorV.sys
22:45:55.0567 7480	iaStorV - ok
22:45:55.0693 7480	idsvc           (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:45:55.0748 7480	idsvc - ok
22:45:55.0768 7480	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:45:55.0786 7480	iirsp - ok
22:45:55.0880 7480	IKEEXT          (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
22:45:55.0989 7480	IKEEXT - ok
22:45:56.0111 7480	InstallFilterService (cb8e52c468d674324260d1102955d42e) C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
22:45:56.0132 7480	InstallFilterService ( UnsignedFile.Multi.Generic ) - warning
22:45:56.0132 7480	InstallFilterService - detected UnsignedFile.Multi.Generic (1)
22:45:56.0137 7480	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
22:45:56.0154 7480	intelide - ok
22:45:56.0197 7480	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:45:56.0222 7480	intelppm - ok
22:45:56.0261 7480	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:45:56.0324 7480	IPBusEnum - ok
22:45:56.0334 7480	IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:45:56.0371 7480	IpFilterDriver - ok
22:45:56.0426 7480	iphlpsvc        (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
22:45:56.0479 7480	iphlpsvc - ok
22:45:56.0487 7480	IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
22:45:56.0497 7480	IPMIDRV - ok
22:45:56.0507 7480	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:45:56.0550 7480	IPNAT - ok
22:45:56.0663 7480	iPod Service    (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
22:45:56.0709 7480	iPod Service - ok
22:45:56.0733 7480	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:45:56.0759 7480	IRENUM - ok
22:45:56.0774 7480	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
22:45:56.0785 7480	isapnp - ok
22:45:56.0815 7480	iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
22:45:56.0926 7480	iScsiPrt - ok
22:45:56.0958 7480	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
22:45:56.0970 7480	kbdclass - ok
22:45:56.0990 7480	kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
22:45:57.0008 7480	kbdhid - ok
22:45:57.0079 7480	KeyIso          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:45:57.0098 7480	KeyIso - ok
22:45:57.0137 7480	KSecDD          (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
22:45:57.0155 7480	KSecDD - ok
22:45:57.0190 7480	KSecPkg         (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
22:45:57.0202 7480	KSecPkg - ok
22:45:57.0249 7480	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:45:57.0319 7480	ksthunk - ok
22:45:57.0361 7480	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:45:57.0430 7480	KtmRm - ok
22:45:57.0476 7480	LanmanServer    (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
22:45:57.0520 7480	LanmanServer - ok
22:45:57.0553 7480	LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
22:45:57.0623 7480	LanmanWorkstation - ok
22:45:57.0665 7480	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:45:57.0714 7480	lltdio - ok
22:45:57.0749 7480	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:45:57.0814 7480	lltdsvc - ok
22:45:57.0829 7480	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:45:57.0865 7480	lmhosts - ok
22:45:57.0892 7480	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:45:57.0905 7480	LSI_FC - ok
22:45:57.0914 7480	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:45:57.0927 7480	LSI_SAS - ok
22:45:57.0934 7480	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:45:57.0945 7480	LSI_SAS2 - ok
22:45:57.0971 7480	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:45:57.0983 7480	LSI_SCSI - ok
22:45:58.0012 7480	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:45:58.0059 7480	luafv - ok
22:45:58.0085 7480	Mcx2Svc         (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
22:45:58.0105 7480	Mcx2Svc - ok
22:45:58.0114 7480	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:45:58.0124 7480	megasas - ok
22:45:58.0143 7480	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:45:58.0158 7480	MegaSR - ok
22:45:58.0181 7480	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:45:58.0209 7480	MMCSS - ok
22:45:58.0227 7480	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:45:58.0279 7480	Modem - ok
22:45:58.0302 7480	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:45:58.0316 7480	monitor - ok
22:45:58.0329 7480	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:45:58.0340 7480	mouclass - ok
22:45:58.0362 7480	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:45:58.0372 7480	mouhid - ok
22:45:58.0387 7480	mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
22:45:58.0402 7480	mountmgr - ok
22:45:58.0428 7480	mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
22:45:58.0441 7480	mpio - ok
22:45:58.0458 7480	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:45:58.0494 7480	mpsdrv - ok
22:45:58.0560 7480	MpsSvc          (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
22:45:58.0647 7480	MpsSvc - ok
22:45:58.0677 7480	MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
22:45:58.0718 7480	MRxDAV - ok
22:45:58.0837 7480	mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:45:58.0893 7480	mrxsmb - ok
22:45:58.0965 7480	mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:45:59.0023 7480	mrxsmb10 - ok
22:45:59.0042 7480	mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:45:59.0062 7480	mrxsmb20 - ok
22:45:59.0078 7480	msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
22:45:59.0090 7480	msahci - ok
22:45:59.0102 7480	msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
22:45:59.0118 7480	msdsm - ok
22:45:59.0140 7480	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:45:59.0169 7480	MSDTC - ok
22:45:59.0191 7480	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:45:59.0224 7480	Msfs - ok
22:45:59.0244 7480	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:45:59.0286 7480	mshidkmdf - ok
22:45:59.0301 7480	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
22:45:59.0310 7480	msisadrv - ok
22:45:59.0344 7480	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:45:59.0400 7480	MSiSCSI - ok
22:45:59.0403 7480	msiserver - ok
22:45:59.0413 7480	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:45:59.0449 7480	MSKSSRV - ok
22:45:59.0453 7480	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:45:59.0497 7480	MSPCLOCK - ok
22:45:59.0500 7480	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:45:59.0539 7480	MSPQM - ok
22:45:59.0592 7480	MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
22:45:59.0607 7480	MsRPC - ok
22:45:59.0634 7480	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
22:45:59.0644 7480	mssmbios - ok
22:45:59.0648 7480	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:45:59.0700 7480	MSTEE - ok
22:45:59.0704 7480	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:45:59.0716 7480	MTConfig - ok
22:45:59.0786 7480	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:45:59.0803 7480	Mup - ok
22:45:59.0935 7480	mysql - ok
22:45:59.0986 7480	napagent        (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
22:46:00.0085 7480	napagent - ok
22:46:00.0142 7480	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:46:00.0186 7480	NativeWifiP - ok
22:46:00.0271 7480	NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
22:46:00.0308 7480	NDIS - ok
22:46:00.0331 7480	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:46:00.0367 7480	NdisCap - ok
22:46:00.0390 7480	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:46:00.0437 7480	NdisTapi - ok
22:46:00.0453 7480	Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
22:46:00.0501 7480	Ndisuio - ok
22:46:00.0525 7480	NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:46:00.0573 7480	NdisWan - ok
22:46:00.0659 7480	NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
22:46:00.0706 7480	NDProxy - ok
22:46:00.0730 7480	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:46:00.0765 7480	NetBIOS - ok
22:46:00.0800 7480	NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
22:46:00.0899 7480	NetBT - ok
22:46:00.0938 7480	Netlogon        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:46:00.0949 7480	Netlogon - ok
22:46:01.0006 7480	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:46:01.0068 7480	Netman - ok
22:46:01.0168 7480	NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:46:01.0207 7480	NetMsmqActivator - ok
22:46:01.0211 7480	NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:46:01.0227 7480	NetPipeActivator - ok
22:46:01.0272 7480	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:46:01.0339 7480	netprofm - ok
22:46:01.0342 7480	NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:46:01.0352 7480	NetTcpActivator - ok
22:46:01.0355 7480	NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:46:01.0366 7480	NetTcpPortSharing - ok
22:46:01.0400 7480	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:46:01.0412 7480	nfrd960 - ok
22:46:01.0446 7480	NlaSvc          (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
22:46:01.0510 7480	NlaSvc - ok
22:46:01.0542 7480	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:46:01.0582 7480	Npfs - ok
22:46:01.0594 7480	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:46:01.0644 7480	nsi - ok
22:46:01.0656 7480	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:46:01.0704 7480	nsiproxy - ok
22:46:01.0818 7480	Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
22:46:01.0890 7480	Ntfs - ok
22:46:01.0964 7480	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:46:02.0028 7480	Null - ok
22:46:02.0070 7480	NVHDA           (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys
22:46:02.0094 7480	NVHDA - ok
22:46:02.0781 7480	nvlddmkm        (19dec2416f159182bdab2585ccbe30c7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:46:03.0103 7480	nvlddmkm - ok
22:46:03.0187 7480	nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\DRIVERS\nvraid.sys
22:46:03.0211 7480	nvraid - ok
22:46:03.0232 7480	nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\DRIVERS\nvstor.sys
22:46:03.0257 7480	nvstor - ok
22:46:03.0311 7480	nvsvc           (c4935c93c03aca1148e9556092c51262) C:\Windows\system32\nvvsvc.exe
22:46:03.0333 7480	nvsvc - ok
22:46:03.0366 7480	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
22:46:03.0379 7480	nv_agp - ok
22:46:03.0386 7480	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
22:46:03.0397 7480	ohci1394 - ok
22:46:03.0528 7480	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:46:03.0545 7480	ose - ok
22:46:03.0963 7480	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:46:04.0122 7480	osppsvc - ok
22:46:04.0211 7480	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:46:04.0261 7480	p2pimsvc - ok
22:46:04.0308 7480	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:46:04.0336 7480	p2psvc - ok
22:46:04.0415 7480	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:46:04.0427 7480	Parport - ok
22:46:04.0500 7480	partmgr         (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
22:46:04.0513 7480	partmgr - ok
22:46:04.0581 7480	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:46:04.0630 7480	PcaSvc - ok
22:46:04.0660 7480	pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
22:46:04.0681 7480	pci - ok
22:46:04.0685 7480	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
22:46:04.0702 7480	pciide - ok
22:46:04.0729 7480	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:46:04.0801 7480	pcmcia - ok
22:46:04.0815 7480	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:46:04.0827 7480	pcw - ok
22:46:04.0879 7480	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:46:04.0950 7480	PEAUTH - ok
22:46:05.0050 7480	PeerDistSvc     (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
22:46:05.0134 7480	PeerDistSvc - ok
22:46:05.0207 7480	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:46:05.0235 7480	PerfHost - ok
22:46:05.0402 7480	pla             (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
22:46:05.0497 7480	pla - ok
22:46:05.0545 7480	PlugPlay        (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
22:46:05.0613 7480	PlugPlay - ok
22:46:05.0659 7480	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:46:05.0689 7480	PNRPAutoReg - ok
22:46:05.0727 7480	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:46:05.0748 7480	PNRPsvc - ok
22:46:05.0797 7480	PolicyAgent     (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
22:46:05.0872 7480	PolicyAgent - ok
22:46:05.0951 7480	postgresql-x64-9.1 - ok
22:46:05.0987 7480	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:46:06.0073 7480	Power - ok
22:46:06.0123 7480	PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
22:46:06.0218 7480	PptpMiniport - ok
22:46:06.0237 7480	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:46:06.0263 7480	Processor - ok
22:46:06.0310 7480	ProfSvc         (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
22:46:06.0377 7480	ProfSvc - ok
22:46:06.0439 7480	ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:46:06.0457 7480	ProtectedStorage - ok
22:46:06.0488 7480	Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
22:46:06.0547 7480	Psched - ok
22:46:06.0659 7480	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:46:06.0723 7480	ql2300 - ok
22:46:06.0829 7480	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:46:06.0854 7480	ql40xx - ok
22:46:06.0892 7480	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:46:06.0918 7480	QWAVE - ok
22:46:06.0923 7480	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:46:06.0947 7480	QWAVEdrv - ok
22:46:06.0950 7480	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:46:07.0000 7480	RasAcd - ok
22:46:07.0039 7480	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:46:07.0077 7480	RasAgileVpn - ok
22:46:07.0082 7480	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:46:07.0131 7480	RasAuto - ok
22:46:07.0187 7480	Rasl2tp         (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:46:07.0244 7480	Rasl2tp - ok
22:46:07.0322 7480	RasMan          (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
22:46:07.0382 7480	RasMan - ok
22:46:07.0447 7480	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:46:07.0517 7480	RasPppoe - ok
22:46:07.0553 7480	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:46:07.0598 7480	RasSstp - ok
22:46:07.0636 7480	rdbss           (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
22:46:07.0684 7480	rdbss - ok
22:46:07.0693 7480	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:46:07.0709 7480	rdpbus - ok
22:46:07.0715 7480	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:46:07.0752 7480	RDPCDD - ok
22:46:07.0792 7480	RDPDR           (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
22:46:07.0846 7480	RDPDR - ok
22:46:07.0851 7480	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:46:07.0906 7480	RDPENCDD - ok
22:46:07.0914 7480	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:46:07.0953 7480	RDPREFMP - ok
22:46:08.0004 7480	RDPWD           (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
22:46:08.0041 7480	RDPWD - ok
22:46:08.0072 7480	rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
22:46:08.0097 7480	rdyboost - ok
22:46:08.0107 7480	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:46:08.0160 7480	RemoteAccess - ok
22:46:08.0180 7480	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:46:08.0230 7480	RemoteRegistry - ok
22:46:08.0290 7480	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
22:46:08.0360 7480	RFCOMM - ok
22:46:08.0424 7480	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:46:08.0474 7480	RpcEptMapper - ok
22:46:08.0501 7480	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:46:08.0514 7480	RpcLocator - ok
22:46:08.0553 7480	RpcSs           (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
22:46:08.0604 7480	RpcSs - ok
22:46:08.0620 7480	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:46:08.0684 7480	rspndr - ok
22:46:08.0769 7480	RTL8167         (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
22:46:08.0803 7480	RTL8167 - ok
22:46:08.0831 7480	s3cap           (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
22:46:08.0863 7480	s3cap - ok
22:46:08.0897 7480	SamSs           (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:46:08.0914 7480	SamSs - ok
22:46:08.0938 7480	sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
22:46:08.0958 7480	sbp2port - ok
22:46:08.0997 7480	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:46:09.0050 7480	SCardSvr - ok
22:46:09.0063 7480	scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
22:46:09.0117 7480	scfilter - ok
22:46:09.0210 7480	Schedule        (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
22:46:09.0277 7480	Schedule - ok
22:46:09.0307 7480	SCPolicySvc     (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
22:46:09.0342 7480	SCPolicySvc - ok
22:46:09.0417 7480	sdbus           (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\drivers\sdbus.sys
22:46:09.0451 7480	sdbus - ok
22:46:09.0466 7480	SDRSVC          (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
22:46:09.0505 7480	SDRSVC - ok
22:46:09.0511 7480	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:46:09.0584 7480	secdrv - ok
22:46:09.0636 7480	seclogon        (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
22:46:09.0725 7480	seclogon - ok
22:46:09.0775 7480	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:46:09.0825 7480	SENS - ok
22:46:09.0831 7480	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:46:09.0857 7480	SensrSvc - ok
22:46:09.0868 7480	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:46:09.0880 7480	Serenum - ok
22:46:09.0908 7480	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:46:09.0921 7480	Serial - ok
22:46:09.0949 7480	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:46:09.0963 7480	sermouse - ok
22:46:09.0989 7480	SessionEnv      (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
22:46:10.0032 7480	SessionEnv - ok
22:46:10.0058 7480	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:46:10.0084 7480	sffdisk - ok
22:46:10.0115 7480	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:46:10.0135 7480	sffp_mmc - ok
22:46:10.0165 7480	sffp_sd         (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
22:46:10.0185 7480	sffp_sd - ok
22:46:10.0191 7480	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:46:10.0207 7480	sfloppy - ok
22:46:10.0271 7480	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:46:10.0334 7480	SharedAccess - ok
22:46:10.0367 7480	ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
22:46:10.0397 7480	ShellHWDetection - ok
22:46:10.0402 7480	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:46:10.0412 7480	SiSRaid2 - ok
22:46:10.0420 7480	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:46:10.0431 7480	SiSRaid4 - ok
22:46:10.0527 7480	SkypeUpdate     (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
22:46:10.0561 7480	SkypeUpdate - ok
22:46:10.0616 7480	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:46:10.0668 7480	Smb - ok
22:46:10.0683 7480	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:46:10.0708 7480	SNMPTRAP - ok
22:46:10.0712 7480	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:46:10.0712 7480	spldr - ok
22:46:10.0788 7480	Spooler         (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
22:46:10.0827 7480	Spooler - ok
22:46:11.0015 7480	sppsvc          (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
22:46:11.0124 7480	sppsvc - ok
22:46:11.0204 7480	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:46:11.0259 7480	sppuinotify - ok
22:46:11.0313 7480	srv             (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
22:46:11.0446 7480	srv - ok
22:46:11.0481 7480	srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
22:46:11.0513 7480	srv2 - ok
22:46:11.0533 7480	srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
22:46:11.0593 7480	srvnet - ok
22:46:11.0629 7480	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:46:11.0715 7480	SSDPSRV - ok
22:46:11.0755 7480	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:46:11.0793 7480	SstpSvc - ok
22:46:11.0843 7480	stdflt          (3d69f5f3beb8aa28d7f46f5548b8d6d7) C:\Windows\system32\DRIVERS\stdflt.sys
22:46:11.0855 7480	stdflt - ok
22:46:11.0886 7480	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:46:11.0907 7480	stexstor - ok
22:46:11.0965 7480	stisvc          (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
22:46:12.0005 7480	stisvc - ok
22:46:12.0023 7480	storflt         (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
22:46:12.0037 7480	storflt - ok
22:46:12.0052 7480	StorSvc         (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
22:46:12.0085 7480	StorSvc - ok
22:46:12.0104 7480	storvsc         (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
22:46:12.0140 7480	storvsc - ok
22:46:12.0152 7480	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
22:46:12.0166 7480	swenum - ok
22:46:12.0208 7480	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:46:12.0265 7480	swprv - ok
22:46:12.0379 7480	SysMain         (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
22:46:12.0453 7480	SysMain - ok
22:46:12.0550 7480	TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
22:46:12.0592 7480	TabletInputService - ok
22:46:12.0673 7480	TapiSrv         (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
22:46:12.0759 7480	TapiSrv - ok
22:46:12.0828 7480	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:46:12.0889 7480	TBS - ok
22:46:13.0063 7480	Tcpip           (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
22:46:13.0149 7480	Tcpip - ok
22:46:13.0324 7480	TCPIP6          (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
22:46:13.0370 7480	TCPIP6 - ok
22:46:13.0438 7480	tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
22:46:13.0485 7480	tcpipreg - ok
22:46:13.0499 7480	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:46:13.0523 7480	TDPIPE - ok
22:46:13.0567 7480	TDTCP           (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
22:46:13.0602 7480	TDTCP - ok
22:46:13.0604 7480	tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
22:46:13.0666 7480	tdx - ok
22:46:14.0015 7480	TeamViewer7     (74fc70ae64a7b7dabec9697ce0a1f4fa) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
22:46:14.0152 7480	TeamViewer7 - ok
22:46:14.0204 7480	TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
22:46:14.0222 7480	TermDD - ok
22:46:14.0291 7480	TermService     (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
22:46:14.0375 7480	TermService - ok
22:46:14.0421 7480	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:46:14.0469 7480	Themes - ok
22:46:14.0487 7480	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:46:14.0553 7480	THREADORDER - ok
22:46:14.0586 7480	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:46:14.0637 7480	TrkWks - ok
22:46:14.0688 7480	TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
22:46:14.0702 7480	TrustedInstaller - ok
22:46:14.0708 7480	tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:46:14.0761 7480	tssecsrv - ok
22:46:14.0797 7480	tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
22:46:14.0866 7480	tunnel - ok
22:46:14.0902 7480	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:46:14.0913 7480	uagp35 - ok
22:46:14.0957 7480	udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
22:46:15.0153 7480	udfs - ok
22:46:15.0189 7480	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:46:15.0214 7480	UI0Detect - ok
22:46:15.0232 7480	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
22:46:15.0244 7480	uliagpkx - ok
22:46:15.0263 7480	umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
22:46:15.0286 7480	umbus - ok
22:46:15.0290 7480	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:46:15.0303 7480	UmPass - ok
22:46:15.0331 7480	UmRdpService    (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
22:46:15.0358 7480	UmRdpService - ok
22:46:15.0391 7480	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:46:15.0449 7480	upnphost - ok
22:46:15.0495 7480	USBAAPL64       (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
22:46:15.0523 7480	USBAAPL64 - ok
22:46:15.0550 7480	usbccgp         (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
22:46:15.0585 7480	usbccgp - ok
22:46:15.0622 7480	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
22:46:15.0656 7480	usbcir - ok
22:46:15.0675 7480	usbehci         (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
22:46:15.0688 7480	usbehci - ok
22:46:15.0733 7480	usbhub          (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
22:46:15.0773 7480	usbhub - ok
22:46:15.0781 7480	usbohci         (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
22:46:15.0807 7480	usbohci - ok
22:46:15.0825 7480	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:46:15.0847 7480	usbprint - ok
22:46:15.0901 7480	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
22:46:15.0939 7480	usbscan - ok
22:46:15.0969 7480	USBSTOR         (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:46:16.0008 7480	USBSTOR - ok
22:46:16.0025 7480	usbuhci         (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:46:16.0044 7480	usbuhci - ok
22:46:16.0098 7480	usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
22:46:16.0165 7480	usbvideo - ok
22:46:16.0234 7480	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:46:16.0279 7480	UxSms - ok
22:46:16.0311 7480	VaultSvc        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:46:16.0323 7480	VaultSvc - ok
22:46:16.0389 7480	VBoxDrv         (ba20a718e25228b9d69d72e4f19edeb5) C:\Windows\system32\DRIVERS\VBoxDrv.sys
22:46:16.0421 7480	VBoxDrv - ok
22:46:16.0490 7480	VBoxNetAdp      (48630b4530c80aaf3dde9633e4291d8c) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
22:46:16.0511 7480	VBoxNetAdp - ok
22:46:16.0576 7480	VBoxNetFlt      (8b86a00d13e2dcbfe320061f3435faff) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
22:46:16.0597 7480	VBoxNetFlt - ok
22:46:16.0651 7480	VBoxUSBMon      (cec73cea22b7258c0a8f2354dc49d25c) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
22:46:16.0677 7480	VBoxUSBMon - ok
22:46:16.0701 7480	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
22:46:16.0715 7480	vdrvroot - ok
22:46:16.0765 7480	vds             (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
22:46:16.0800 7480	vds - ok
22:46:16.0810 7480	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:46:16.0842 7480	vga - ok
22:46:16.0859 7480	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:46:16.0928 7480	VgaSave - ok
22:46:16.0982 7480	vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
22:46:17.0038 7480	vhdmp - ok
22:46:17.0096 7480	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
22:46:17.0124 7480	viaide - ok
22:46:17.0170 7480	vmbus           (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
22:46:17.0197 7480	vmbus - ok
22:46:17.0217 7480	VMBusHID        (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
22:46:17.0238 7480	VMBusHID - ok
22:46:17.0253 7480	volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
22:46:17.0267 7480	volmgr - ok
22:46:17.0313 7480	volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
22:46:17.0334 7480	volmgrx - ok
22:46:17.0373 7480	volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
22:46:17.0394 7480	volsnap - ok
22:46:17.0446 7480	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:46:17.0471 7480	vsmraid - ok
22:46:17.0660 7480	VSPerfDrv100    (1928b9ca20f51bfbbad54d2c2c447b13) C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys
22:46:17.0676 7480	VSPerfDrv100 - ok
22:46:17.0809 7480	VSS             (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
22:46:17.0920 7480	VSS - ok
22:46:18.0144 7480	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:46:18.0172 7480	vwifibus - ok
22:46:18.0219 7480	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:46:18.0256 7480	vwififlt - ok
22:46:18.0268 7480	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
22:46:18.0284 7480	vwifimp - ok
22:46:18.0332 7480	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:46:18.0384 7480	W32Time - ok
22:46:18.0390 7480	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:46:18.0413 7480	WacomPen - ok
22:46:18.0439 7480	WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
22:46:18.0488 7480	WANARP - ok
22:46:18.0491 7480	Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
22:46:18.0527 7480	Wanarpv6 - ok
22:46:18.0629 7480	wbengine        (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
22:46:18.0703 7480	wbengine - ok
22:46:18.0779 7480	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:46:18.0816 7480	WbioSrvc - ok
22:46:18.0864 7480	wcncsvc         (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
22:46:18.0914 7480	wcncsvc - ok
22:46:18.0927 7480	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:46:18.0947 7480	WcsPlugInService - ok
22:46:18.0964 7480	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:46:18.0976 7480	Wd - ok
22:46:19.0024 7480	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:46:19.0062 7480	Wdf01000 - ok
22:46:19.0110 7480	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:46:19.0166 7480	WdiServiceHost - ok
22:46:19.0170 7480	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:46:19.0194 7480	WdiSystemHost - ok
22:46:19.0276 7480	WebClient       (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
22:46:19.0340 7480	WebClient - ok
22:46:19.0455 7480	WebDriveFSD     (1c7a4545e4d9bb91cedf30be26fdd05a) C:\Program Files\WebDrive\wdfsd.sys
22:46:19.0473 7480	WebDriveFSD - ok
22:46:19.0714 7480	WebDriveService (0343416117a1f839e20514d44bbe289c) C:\Program Files\WebDrive\wdService.exe
22:46:19.0841 7480	WebDriveService - ok
22:46:19.0958 7480	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:46:20.0021 7480	Wecsvc - ok
22:46:20.0038 7480	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:46:20.0083 7480	wercplsupport - ok
22:46:20.0099 7480	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:46:20.0135 7480	WerSvc - ok
22:46:20.0176 7480	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:46:20.0213 7480	WfpLwf - ok
22:46:20.0262 7480	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:46:20.0289 7480	WIMMount - ok
22:46:20.0379 7480	WinDefend - ok
22:46:20.0387 7480	WinHttpAutoProxySvc - ok
22:46:20.0466 7480	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:46:20.0530 7480	Winmgmt - ok
22:46:20.0657 7480	WinRM           (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
22:46:20.0793 7480	WinRM - ok
22:46:20.0899 7480	WinUsb          (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
22:46:20.0927 7480	WinUsb - ok
22:46:20.0998 7480	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:46:21.0042 7480	Wlansvc - ok
22:46:21.0395 7480	wlidsvc         (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:46:21.0474 7480	wlidsvc - ok
22:46:21.0527 7480	wltrysvc        (de816a0624d54d68e1fb8a9028dcf81a) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
22:46:21.0545 7480	wltrysvc ( UnsignedFile.Multi.Generic ) - warning
22:46:21.0545 7480	wltrysvc - detected UnsignedFile.Multi.Generic (1)
22:46:21.0656 7480	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:46:21.0688 7480	WmiAcpi - ok
22:46:21.0761 7480	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:46:21.0858 7480	wmiApSrv - ok
22:46:21.0903 7480	WMPNetworkSvc - ok
22:46:21.0953 7480	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:46:21.0977 7480	WPCSvc - ok
22:46:22.0028 7480	WPDBusEnum      (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
22:46:22.0065 7480	WPDBusEnum - ok
22:46:22.0071 7480	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:46:22.0143 7480	ws2ifsl - ok
22:46:22.0166 7480	wscsvc          (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
22:46:22.0188 7480	wscsvc - ok
22:46:22.0191 7480	WSearch - ok
22:46:22.0369 7480	wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
22:46:22.0464 7480	wuauserv - ok
22:46:22.0544 7480	WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
22:46:22.0594 7480	WudfPf - ok
22:46:22.0630 7480	WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:46:22.0686 7480	WUDFRd - ok
22:46:22.0711 7480	wudfsvc         (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
22:46:22.0760 7480	wudfsvc - ok
22:46:22.0786 7480	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:46:22.0815 7480	WwanSvc - ok
22:46:22.0854 7480	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:46:23.0199 7480	\Device\Harddisk0\DR0 - ok
22:46:23.0662 7480	MBR (0x1B8)     (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
22:46:23.0810 7480	\Device\Harddisk1\DR1 - ok
22:46:23.0813 7480	Boot (0x1200)   (6f3ce5805e604552edf5ca231c970acf) \Device\Harddisk0\DR0\Partition0
22:46:23.0813 7480	\Device\Harddisk0\DR0\Partition0 - ok
22:46:23.0828 7480	Boot (0x1200)   (86b9bc70d8be0cfe688d76f929716337) \Device\Harddisk0\DR0\Partition1
22:46:23.0828 7480	\Device\Harddisk0\DR0\Partition1 - ok
22:46:23.0848 7480	Boot (0x1200)   (c35ed14c9512243d9375a7d90d7d9d3e) \Device\Harddisk1\DR1\Partition0
22:46:23.0850 7480	\Device\Harddisk1\DR1\Partition0 - ok
22:46:23.0851 7480	============================================================
22:46:23.0851 7480	Scan finished
22:46:23.0851 7480	============================================================
22:46:23.0865 9540	Detected object count: 4
22:46:23.0865 9540	Actual detected object count: 4
22:46:38.0210 9540	Apache2.4 ( UnsignedFile.Multi.Generic ) - skipped by user
22:46:38.0210 9540	Apache2.4 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:46:38.0211 9540	DpHost ( UnsignedFile.Multi.Generic ) - skipped by user
22:46:38.0211 9540	DpHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:46:38.0213 9540	InstallFilterService ( UnsignedFile.Multi.Generic ) - skipped by user
22:46:38.0213 9540	InstallFilterService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:46:38.0215 9540	wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:46:38.0216 9540	wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Regards,
Louis

I'm heading off on vacation now too and leaving the box here ;-)
I'll be back on the 13th or 14th and will get in touch again then.

Until then, many thanks for your help!

Alt 04.08.2012, 12:41   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

OK, then I wish you a relaxing vacation.
Just get back in touch when you're back.

Alt 16.08.2012, 12:34   #19
LouisM
 

Right, I'm back. We can continue.

Alt 16.08.2012, 13:55   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Good. I'll be away for a week soon, though.

So please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your web browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If you have problems starting applications after running Combofix and get messages such as

Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (English: "Illegal operation attempted on a registry key that has been marked for deletion.")
then restart Windows manually and the error messages should no longer appear.


Alt 26.08.2012, 19:09   #21
LouisM
 

Hello cosinus,

we don't want you getting bored after your vacation, so here is the ComboFix log
Code:
ComboFix 12-08-25.04 - **** 26.08.2012  19:42:47.1.4 - x64
Microsoft Windows 7 Professional   6.1.7600.0.1252.49.1031.18.3895.2066 [GMT 2:00]
ausgeführt von:: c:\users\****\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-07-26 bis 2012-08-26  ))))))))))))))))))))))))))))))
.
.
2012-08-26 10:44 . 2012-08-26 10:44	--------	d-----w-	c:\programdata\TeamDrive3
2012-08-24 07:36 . 2012-08-01 22:58	9309624	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{72058082-A955-4376-B237-5456AE9712EB}\mpengine.dll
2012-08-23 11:56 . 2012-08-23 11:56	--------	d-----w-	c:\users\****\AppData\Local\Apple_Inc
2012-08-23 11:55 . 2012-08-23 11:55	--------	d-----w-	c:\program files (x86)\iPhone-Konfigurationsprogramm
2012-08-21 16:11 . 2012-08-21 16:25	--------	d-----w-	C:\Qt
2012-08-16 23:14 . 2012-07-06 19:58	552448	----a-w-	c:\windows\system32\drivers\bthport.sys
2012-08-16 23:12 . 2012-06-29 03:56	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-08-16 06:42 . 2012-05-05 08:30	503808	----a-w-	c:\windows\system32\srcore.dll
2012-08-16 06:42 . 2012-05-05 07:44	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2012-08-16 06:42 . 2012-02-11 06:36	751104	----a-w-	c:\windows\system32\win32spl.dll
2012-08-16 06:42 . 2012-02-11 06:29	559104	----a-w-	c:\windows\system32\spoolsv.exe
2012-08-16 06:42 . 2012-02-11 06:29	67584	----a-w-	c:\windows\splwow64.exe
2012-08-16 06:42 . 2012-02-11 05:44	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2012-08-16 06:42 . 2012-07-04 22:04	73216	----a-w-	c:\windows\system32\netapi32.dll
2012-08-16 06:42 . 2012-07-04 22:01	58880	----a-w-	c:\windows\system32\browcli.dll
2012-08-16 06:42 . 2012-07-04 22:01	136704	----a-w-	c:\windows\system32\browser.dll
2012-08-16 06:42 . 2012-07-04 21:23	41472	----a-w-	c:\windows\SysWow64\browcli.dll
2012-08-16 06:42 . 2012-07-18 17:31	3146752	----a-w-	c:\windows\system32\win32k.sys
2012-08-16 06:42 . 2012-05-14 05:20	956416	----a-w-	c:\windows\system32\localspl.dll
2012-08-03 10:37 . 2012-08-03 10:37	--------	d-----w-	C:\_OTL
2012-08-02 17:06 . 2012-08-02 17:06	--------	d-----w-	c:\program files (x86)\Team17
2012-08-02 17:06 . 2000-10-05 12:55	221184	----a-w-	c:\program files (x86)\Common Files\InstallShield\IScript\IScript.dll
2012-08-02 17:06 . 2000-10-05 12:50	221184	----a-w-	c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2012-08-02 17:06 . 2000-10-05 12:55	77824	----a-w-	c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2012-08-02 17:06 . 2000-10-05 12:49	32768	----a-w-	c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2012-07-31 12:42 . 2012-08-24 14:05	--------	d-----w-	c:\users\****\AppData\Roaming\KeePass
2012-07-31 12:26 . 2012-07-31 12:26	--------	d-----w-	c:\program files (x86)\KeePass Password Safe 2
2012-07-30 20:21 . 2012-07-30 20:21	--------	d-----w-	c:\program files (x86)\ESET
2012-07-30 14:59 . 2012-07-30 14:59	--------	d-----w-	c:\users\****\AppData\Roaming\Malwarebytes
2012-07-30 14:57 . 2012-07-30 14:57	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-30 14:57 . 2012-07-30 14:57	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-30 14:57 . 2012-07-03 11:46	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-16 23:09 . 2012-03-05 08:15	62134624	----a-w-	c:\windows\system32\MRT.exe
2012-08-15 19:47 . 2012-04-11 20:38	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 19:47 . 2011-11-14 20:56	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-09 05:30 . 2012-07-11 12:12	14165504	----a-w-	c:\windows\system32\shell32.dll
2012-06-06 06:49 . 2012-06-06 06:49	1070152	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 05:50 . 2012-07-11 12:13	1880064	----a-w-	c:\windows\system32\msxml3.dll
2012-06-06 05:50 . 2012-07-11 12:13	2003968	----a-w-	c:\windows\system32\msxml6.dll
2012-06-06 05:09 . 2012-07-11 12:13	1389568	----a-w-	c:\windows\SysWow64\msxml6.dll
2012-06-06 05:09 . 2012-07-11 12:13	1236992	----a-w-	c:\windows\SysWow64\msxml3.dll
2012-06-02 22:19 . 2012-06-22 07:33	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 07:33	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 07:33	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 07:33	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 07:33	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 07:33	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 07:33	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 07:33	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-22 07:33	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-02 05:38 . 2012-07-11 12:12	95088	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:38 . 2012-07-11 12:12	152432	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:37 . 2012-07-11 12:12	459216	----a-w-	c:\windows\system32\drivers\cng.sys
2012-06-02 05:27 . 2012-07-11 12:12	340992	----a-w-	c:\windows\system32\schannel.dll
2012-06-02 05:27 . 2012-07-11 12:12	307200	----a-w-	c:\windows\system32\ncrypt.dll
2012-06-02 04:48 . 2012-07-11 12:12	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2012-06-02 04:48 . 2012-07-11 12:12	225280	----a-w-	c:\windows\SysWow64\schannel.dll
2012-06-02 04:47 . 2012-07-11 12:12	219136	----a-w-	c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:42 . 2012-07-11 12:12	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2012-05-31 10:25 . 2011-11-13 20:37	279656	------w-	c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02	94208	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02	94208	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02	94208	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WebDriveTray"="c:\program files\WebDrive\webdrive.exe" [2012-02-27 2767608]
"Ubuntu One"="c:\program files (x86)\ubuntuone\dist\ubuntuone-syncdaemon.exe" [2011-12-16 58536]
"Ubuntu One Icon"="c:\program files (x86)\ubuntuone\dist\ubuntuone-control-panel-qt.exe" [2011-12-16 53928]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"InstallIQUpdater"="c:\program files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-10-11 1179648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2009-05-12 842816]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-14 348664]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2012-05-01 1895424]
.
c:\users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
TeamDrive starten.lnk - c:\program files (x86)\TeamDrive 3\TeamDrive3.exe [2012-7-23 11530616]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-10-20 1082144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 ALSysIO;ALSysIO;c:\users\JULIAN~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdflt.sys [2009-11-27 19504]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-19 27760]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-20 283200]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-05-22 224088]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-05-22 130904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-09 86224]
S2 Apache2.4;Apache2.4;c:\xampp\apache\bin\httpd.exe [2012-06-06 22016]
S2 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2009-11-29 59904]
S2 postgresql-x64-9.1;postgresql-x64-9.1 - PostgreSQL Server 9.1;C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N postgresql-x64-9.1 -D C:/Program Files/PostgreSQL/9.1/data -w [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 WebDriveFSD;WebDrive Filesystem Driver;c:\program files\WebDrive\wdfsd.sys [2012-02-27 89336]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [2009-11-27 25136]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-06-22 131688]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-05-22 147288]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-05-22 166232]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 19:47]
.
2012-08-26 c:\windows\Tasks\MATLAB R2012a Startup Accelerator.job
- c:\program files\MATLAB\R2012a\bin\win64\MATLABStartupAccelerator.exe [2012-05-20 01:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02	97792	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02	97792	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02	97792	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02	97792	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\WebDrive]
@="{37D70BD3-073C-4180-ADD9-C032EA5A7204}"
[HKEY_CLASSES_ROOT\CLSID\{37D70BD3-073C-4180-ADD9-C032EA5A7204}]
2012-02-27 13:12	2229760	----a-w-	c:\windows\System32\wdShellExt.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2011-11-13 5712896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-08 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-08 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-08 414744]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-24 16416360]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe" [2009-07-22 2384896]
"combofix"="c:\combofix\CF12107.3XE" [2009-07-14 344576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\apnt54ca.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.1]
"ImagePath"="C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.1\" -D \"C:/Program Files/PostgreSQL/9.1/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.1]
"ImagePath"="C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.1\" -D \"C:/Program Files/PostgreSQL/9.1/data\" -w"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\xampp\mysql\bin\mysqld.exe
c:\program files (x86)\ubuntuone\dist\ubuntu-sso-login.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-26  20:06:25 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-08-26 18:06
.
Vor Suchlauf: 21 Verzeichnis(se), 153.086.914.560 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 152.376.954.880 Bytes frei
.
- - End Of File - - 3EA917CD27519F462576D69021E2EFC1
         
Best regards,
Louis

Alt 30.08.2012, 18:45   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Combofix - Scripting

1. Start Notepad (Start / Run / notepad[Enter])

2. Now copy and paste the entire contents of the code box below into the Notepad window.

Code:
Dirlook::
C:\Qt
c:\program files (x86)\Team17
         
3. In Notepad, save it as CFScript.txt on the desktop.

4. Disable the guard of your antivirus program and any software firewall that may be present.
(Also the guards of adware and spyware programs and the Tea Timer, if present!)

5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts Combofix.

6. After the restart (you will be asked whether you want to restart), please post the following log files:
Combofix.txt

Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________
Please always post log files in CODE tags
