| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: GVU eingefangenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.08.2012, 17:36
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  GVU eingefangen Ist das rein zufällig ein Büro- bzw. hauptsächlich gewerblich genutzer PC?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
18.08.2012, 10:15
| #17 |
 | GVU eingefangen Hallo,
__________________Büro bezeichnet nur den Standort, also rein privat! Hatte früher mal Vermietung und home-Office und immer schon PC's und die stehen halt jetzt im "Büro" Jonny |
|
18.08.2012, 13:41
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU eingefangen Und was ist das für ein Plattenzirkus was du da in deinem Rechner hast von Laufwerk C bis Y
__________________ Oder sind die meisten davon Netzwerlaufwerke, die auch nicht in dieser Anzahl besonders typisch sind für reine Heimanwender? Zitat:
__________________ |
|
18.08.2012, 14:11
| #19 |
| | GVU eingefangen Hallo, mal ganz vorsichtig gefragt: ist Deine Anfrage wesentlich für die Bereinigung des Systems? Aber, ich habe keine Geheimnisse, hier die Verwendung der LW's: C:\ = Systempartition WIN7 D:\ = Datenpartition WIN7 E:\ = Musikpartition WIN7 F:\ = Grafik- bzw Fotopartition WIN7 G:\ = DVD-LW I - L = Kartenslots N:\ = Netzlaufwerk (meins) O:\ = Netzlaufwerk (meiner Frau) P:\ = Netzlaufwerk (meiner Tochter) R:\ = Systempartition VISTA auf zweiter Platte (dort C:\) S:\ = Sicherungspartition für WIN7 Systemsicherung auf zweiter Platte (dort D:\) T:\ = Netzlaufwerk (AktivityMediaCenter) Fotos, verbunden mit HUMAX U:\ = Netzlaufwerk (AktivityMediaCenter) Musik, verbunden mit HUMAX V:\ = Netzlaufwerk (AktivityMediaCenter) Videoas, verbunden mit HUMAX X:\ = externe Festplatte, Video-Vearbeitungspartition Y:\ = externe Festplasse, Sicherungspartition für Netzlaufwerke N, O, P, T, U und V Das mag evtl. wie ein Zirkus aussehen, hat aber m.E. durchaus System. Da die Rechner meiner Frau und meiner Tochter lokal nicht gesichert werden, arbeiten sie jeweils nur auf den Netzlaufwerken. Nochmals, wir sind nicht gewerblich, sondern eben nur ein Haushalt mit mehreren PC's und ich lege halt nun mal wert auf korekte Sicherung unserer Daten, da mir schon zweimal Festplatten abgeraucht sind! Zu Deier Frage hinsichtlich 64 Bit: Der Sohn meiner Frau war bis 2011 bei Fujitsu beschäftigt und hatte offiziellen Zugang zu mehreren WIN7 Lizenzen. Warum sollte ich da bei meinem Rechner nicht die 64 Bit Version einsetzen? Ich hoffe Deine Fragen ausreichend beantwortet zu haben. LG Jonny |
|
18.08.2012, 14:29
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU eingefangen Danke - ich muss einfach Sachen auf den Grund gehen wenn sie mir komisch vorkommen, Büro-PCs werden nämlich idR nicht bereinigt Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
IE - HKU\S-1-5-21-1876380478-2552088986-1969383942-1003\..\SearchScopes\{196C1E5A-D5BA-47F8-BF8F-5E81F6C67A99}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1587&src=kw&q={searchTerms}&locale=de_US&apn_ptnrs=^AA9&apn_dtid=^YYYYYY^YY^US&apn_uid=DAA7821A-9D02-4DDB-8F6A-4546A57E7680&apn_sauid=5E635920-C329-42C5-A81C-754FD59B7C86
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-1876380478-2552088986-1969383942-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-1876380478-2552088986-1969383942-1003..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1876380478-2552088986-1969383942-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-1876380478-2552088986-1969383942-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 00 00 00 02 [binary data]
O7 - HKU\S-1-5-21-1876380478-2552088986-1969383942-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-21-1876380478-2552088986-1969383942-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 00 00 00 02 [binary data]
O7 - HKU\S-1-5-21-1876380478-2552088986-1969383942-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.01.12 20:09:32 | 000,000,000 | ---D | M] - E:\Auto -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - R:\autoexec.bat -- [ NTFS ]
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C7D0F96D
:Files
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache
D:\Programme_sicherung\Netz-Tools\Netzmanager\SoftonicDownloader_fuer_netzmanager.exe
C:\Users\Jonny\AppData\Roaming\kock
C:\Users\Jonny\AppData\Roaming\UAs
C:\Users\Jonny\AppData\Roaming\xmldm
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.08.2012, 12:36
| #21 |
| | GVU eingefangen Hi, sorry, wusste ich nicht, dass nur private Rechner bereinigt, verstehe ich natütrlich! Hier das Log: Code:
ATTFilter All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-1876380478-2552088986-1969383942-1003\Software\Microsoft\Internet Explorer\SearchScopes\{196C1E5A-D5BA-47F8-BF8F-5E81F6C67A99}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{196C1E5A-D5BA-47F8-BF8F-5E81F6C67A99}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1876380478-2552088986-1969383942-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1876380478-2552088986-1969383942-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1876380478-2552088986-1969383942-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLinkedConnections deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1876380478-2552088986-1969383942-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1876380478-2552088986-1969383942-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1876380478-2552088986-1969383942-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1876380478-2552088986-1969383942-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File not found.
R:\autoexec.bat moved successfully.
ADS C:\ProgramData\TEMP:C7D0F96D deleted successfully.
========== FILES ==========
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\users\Jonny\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
File\Folder D:\Programme_sicherung\Netz-Tools\Netzmanager\SoftonicDownloader_fuer_netzmanager.exe not found.
C:\Users\Jonny\AppData\Roaming\kock folder moved successfully.
C:\Users\Jonny\AppData\Roaming\UAs folder moved successfully.
C:\Users\Jonny\AppData\Roaming\xmldm folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Anneliese
->Temp folder emptied: 130627 bytes
->Temporary Internet Files folder emptied: 27749316 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 979 bytes
User: Carolin
->Temp folder emptied: 112612 bytes
->Temporary Internet Files folder emptied: 144991794 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1674 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: Jonny
->Temp folder emptied: 24552601 bytes
->Temporary Internet Files folder emptied: 3911301933 bytes
->Flash cache emptied: 144158 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 1871354 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 508928 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2380838 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67899 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 3.923,00 mb
[EMPTYFLASH]
User: Administrator
User: Anneliese
->Flash cache emptied: 0 bytes
User: Carolin
->Flash cache emptied: 0 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Jonny
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.57.0 log created on 08192012_132515
Files\Folders moved on Reboot...
C:\Users\Jonny\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
File C:\Users\Jonny\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
Registry entries deleted on Reboot...
|
|
20.08.2012, 17:12
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU eingefangen Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.08.2012, 12:07
| #23 |
| | GVU eingefangen Hi, hier TDSSKilleer: Code:
ATTFilter 12:58:17.0453 3020 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
12:58:17.0640 3020 ============================================================
12:58:17.0640 3020 Current date / time: 2012/08/21 12:58:17.0640
12:58:17.0640 3020 SystemInfo:
12:58:17.0640 3020
12:58:17.0640 3020 OS Version: 6.1.7601 ServicePack: 1.0
12:58:17.0640 3020 Product type: Workstation
12:58:17.0640 3020 ComputerName: JONNY-BUERO-7
12:58:17.0640 3020 UserName: Jonny
12:58:17.0640 3020 Windows directory: C:\Windows
12:58:17.0640 3020 System windows directory: C:\Windows
12:58:17.0640 3020 Running under WOW64
12:58:17.0640 3020 Processor architecture: Intel x64
12:58:17.0640 3020 Number of processors: 4
12:58:17.0640 3020 Page size: 0x1000
12:58:17.0640 3020 Boot type: Normal boot
12:58:17.0640 3020 ============================================================
12:58:22.0788 3020 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:58:22.0788 3020 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:58:22.0804 3020 Drive \Device\Harddisk6\DR6 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:58:22.0819 3020 ============================================================
12:58:22.0819 3020 \Device\Harddisk0\DR0:
12:58:22.0819 3020 MBR partitions:
12:58:22.0819 3020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC350000
12:58:22.0819 3020 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x190DD000
12:58:22.0819 3020 \Device\Harddisk1\DR1:
12:58:22.0819 3020 MBR partitions:
12:58:22.0819 3020 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1E64C000
12:58:22.0819 3020 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1E64C800, BlocksNum 0x88B8000
12:58:22.0819 3020 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x26F04800, BlocksNum 0x61A8000
12:58:22.0850 3020 \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x2D0AD000, BlocksNum 0xD2D8800
12:58:22.0850 3020 \Device\Harddisk6\DR6:
12:58:22.0850 3020 MBR partitions:
12:58:22.0850 3020 \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x38B08FC8
12:58:22.0850 3020 \Device\Harddisk6\DR6\Partition2: MBR, Type 0x7, StartLBA 0x38B0D248, BlocksNum 0x75F795B8
12:58:22.0850 3020 ============================================================
12:58:22.0882 3020 C: <-> \Device\Harddisk1\DR1\Partition1
12:58:22.0897 3020 X: <-> \Device\Harddisk6\DR6\Partition1
12:58:22.0928 3020 S: <-> \Device\Harddisk0\DR0\Partition2
12:58:22.0960 3020 E: <-> \Device\Harddisk1\DR1\Partition3
12:58:22.0991 3020 F: <-> \Device\Harddisk1\DR1\Partition4
12:58:23.0006 3020 R: <-> \Device\Harddisk0\DR0\Partition1
12:58:23.0038 3020 D: <-> \Device\Harddisk1\DR1\Partition2
12:58:23.0069 3020 Y: <-> \Device\Harddisk6\DR6\Partition2
12:58:23.0069 3020 ============================================================
12:58:23.0069 3020 Initialize success
12:58:23.0069 3020 ============================================================
12:59:27.0965 1292 ============================================================
12:59:27.0965 1292 Scan started
12:59:27.0965 1292 Mode: Manual; SigCheck; TDLFS;
12:59:27.0965 1292 ============================================================
12:59:29.0228 1292 ================ Scan services =============================
12:59:29.0322 1292 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
12:59:29.0400 1292 1394ohci - ok
12:59:29.0431 1292 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:59:29.0447 1292 ACPI - ok
12:59:29.0462 1292 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:59:29.0509 1292 AcpiPmi - ok
12:59:29.0572 1292 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:59:29.0587 1292 AdobeARMservice - ok
12:59:29.0650 1292 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:59:29.0665 1292 AdobeFlashPlayerUpdateSvc - ok
12:59:29.0681 1292 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:59:29.0712 1292 adp94xx - ok
12:59:29.0728 1292 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:59:29.0743 1292 adpahci - ok
12:59:29.0759 1292 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:59:29.0774 1292 adpu320 - ok
12:59:29.0790 1292 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:59:29.0915 1292 AeLookupSvc - ok
12:59:29.0962 1292 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:59:30.0024 1292 AFD - ok
12:59:30.0040 1292 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:59:30.0055 1292 agp440 - ok
12:59:30.0071 1292 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:59:30.0118 1292 ALG - ok
12:59:30.0133 1292 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:59:30.0149 1292 aliide - ok
12:59:30.0149 1292 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:59:30.0164 1292 amdide - ok
12:59:30.0180 1292 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:59:30.0211 1292 AmdK8 - ok
12:59:30.0227 1292 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
12:59:30.0242 1292 AmdPPM - ok
12:59:30.0274 1292 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:59:30.0289 1292 amdsata - ok
12:59:30.0320 1292 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:59:30.0336 1292 amdsbs - ok
12:59:30.0352 1292 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:59:30.0367 1292 amdxata - ok
12:59:30.0414 1292 [ B9B5DFAFEA592BD4CA967824EBB42E3D ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
12:59:30.0430 1292 AntiVirMailService - ok
12:59:30.0461 1292 [ 67B1D78711B4386C26241096326EE14A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:59:30.0461 1292 AntiVirSchedulerService - ok
12:59:30.0492 1292 [ 845C4E7AE211EDAD5E0B832126F56932 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:59:30.0492 1292 AntiVirService - ok
12:59:30.0523 1292 [ 30D71E0C149943A8985D02EA0944F2FE ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
12:59:30.0539 1292 AntiVirWebService - ok
12:59:30.0554 1292 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:59:30.0632 1292 AppID - ok
12:59:30.0664 1292 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:59:30.0710 1292 AppIDSvc - ok
12:59:30.0710 1292 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:59:30.0773 1292 Appinfo - ok
12:59:30.0788 1292 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
12:59:30.0835 1292 AppMgmt - ok
12:59:30.0851 1292 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
12:59:30.0866 1292 arc - ok
12:59:30.0882 1292 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:59:30.0898 1292 arcsas - ok
12:59:30.0976 1292 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:59:30.0991 1292 aspnet_state - ok
12:59:31.0007 1292 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:59:31.0069 1292 AsyncMac - ok
12:59:31.0069 1292 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:59:31.0085 1292 atapi - ok
12:59:31.0116 1292 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:59:31.0178 1292 AudioEndpointBuilder - ok
12:59:31.0194 1292 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:59:31.0225 1292 AudioSrv - ok
12:59:31.0241 1292 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
12:59:31.0288 1292 avgntflt - ok
12:59:31.0303 1292 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
12:59:31.0303 1292 avipbb - ok
12:59:31.0334 1292 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
12:59:31.0334 1292 avkmgr - ok
12:59:31.0366 1292 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:59:31.0444 1292 AxInstSV - ok
12:59:31.0475 1292 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:59:31.0506 1292 b06bdrv - ok
12:59:31.0553 1292 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:59:31.0600 1292 b57nd60a - ok
12:59:31.0631 1292 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:59:31.0678 1292 BDESVC - ok
12:59:31.0693 1292 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:59:31.0740 1292 Beep - ok
12:59:31.0771 1292 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:59:31.0834 1292 BFE - ok
12:59:31.0865 1292 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
12:59:31.0943 1292 BITS - ok
12:59:31.0958 1292 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:59:31.0974 1292 blbdrive - ok
12:59:32.0005 1292 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:59:32.0036 1292 bowser - ok
12:59:32.0052 1292 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:59:32.0083 1292 BrFiltLo - ok
12:59:32.0083 1292 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:59:32.0099 1292 BrFiltUp - ok
12:59:32.0130 1292 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:59:32.0161 1292 Browser - ok
12:59:32.0177 1292 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:59:32.0224 1292 Brserid - ok
12:59:32.0239 1292 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:59:32.0255 1292 BrSerWdm - ok
12:59:32.0270 1292 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:59:32.0286 1292 BrUsbMdm - ok
12:59:32.0302 1292 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:59:32.0302 1292 BrUsbSer - ok
12:59:32.0333 1292 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
12:59:32.0380 1292 BthEnum - ok
12:59:32.0380 1292 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:59:32.0411 1292 BTHMODEM - ok
12:59:32.0426 1292 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:59:32.0458 1292 BthPan - ok
12:59:32.0504 1292 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
12:59:32.0536 1292 BTHPORT - ok
12:59:32.0551 1292 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:59:32.0598 1292 bthserv - ok
12:59:32.0614 1292 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
12:59:32.0629 1292 BTHUSB - ok
12:59:32.0645 1292 CdaC15BA - ok
12:59:32.0660 1292 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:59:32.0707 1292 cdfs - ok
12:59:32.0723 1292 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:59:32.0738 1292 cdrom - ok
12:59:32.0754 1292 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:59:32.0801 1292 CertPropSvc - ok
12:59:32.0816 1292 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
12:59:32.0832 1292 circlass - ok
12:59:32.0863 1292 [ ED81E81752CA817AFA740C14AD05BC6C ] cjpcsc C:\Windows\SysWOW64\cjpcsc.exe
12:59:32.0879 1292 cjpcsc - ok
12:59:32.0894 1292 [ 06E1F5228399FC49A8D026DA38DB6784 ] cjusb C:\Windows\system32\DRIVERS\cjusb.sys
12:59:32.0910 1292 cjusb - ok
12:59:32.0941 1292 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:59:32.0957 1292 CLFS - ok
12:59:32.0988 1292 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:59:33.0004 1292 clr_optimization_v2.0.50727_32 - ok
12:59:33.0035 1292 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:59:33.0050 1292 clr_optimization_v2.0.50727_64 - ok
12:59:33.0082 1292 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:59:33.0175 1292 clr_optimization_v4.0.30319_32 - ok
12:59:33.0191 1292 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:59:33.0222 1292 clr_optimization_v4.0.30319_64 - ok
12:59:33.0238 1292 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:59:33.0253 1292 CmBatt - ok
12:59:33.0269 1292 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:59:33.0284 1292 cmdide - ok
12:59:33.0300 1292 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:59:33.0362 1292 CNG - ok
12:59:33.0378 1292 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:59:33.0378 1292 Compbatt - ok
12:59:33.0394 1292 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:59:33.0425 1292 CompositeBus - ok
12:59:33.0425 1292 COMSysApp - ok
12:59:33.0440 1292 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:59:33.0456 1292 crcdisk - ok
12:59:33.0472 1292 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:59:33.0581 1292 CryptSvc - ok
12:59:33.0628 1292 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
12:59:33.0690 1292 CSC - ok
12:59:33.0721 1292 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
12:59:33.0752 1292 CscService - ok
12:59:33.0784 1292 [ B18AB4F8F194E9F0E35D3AF5AF578D14 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
12:59:33.0830 1292 CtClsFlt - ok
12:59:33.0846 1292 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:59:33.0893 1292 DcomLaunch - ok
12:59:33.0924 1292 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:59:33.0971 1292 defragsvc - ok
12:59:33.0986 1292 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:59:34.0033 1292 DfsC - ok
12:59:34.0049 1292 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:59:34.0111 1292 Dhcp - ok
12:59:34.0111 1292 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:59:34.0158 1292 discache - ok
12:59:34.0174 1292 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
12:59:34.0189 1292 Disk - ok
12:59:34.0220 1292 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
12:59:34.0267 1292 dmvsc - ok
12:59:34.0283 1292 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:59:34.0330 1292 Dnscache - ok
12:59:34.0345 1292 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:59:34.0392 1292 dot3svc - ok
12:59:34.0408 1292 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:59:34.0454 1292 DPS - ok
12:59:34.0454 1292 DRHARD - ok
12:59:34.0470 1292 [ 2A53AA388EB00FB6C57D43DBFE89C972 ] DRHARD64 C:\Windows\system32\drivers\DRHARD64.sys
12:59:34.0486 1292 DRHARD64 - ok
12:59:34.0517 1292 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:59:34.0532 1292 drmkaud - ok
12:59:34.0548 1292 [ D52EEB224DF107AAD9059597F0EB95CC ] DslMNLwf C:\Windows\system32\DRIVERS\dslmnlwf.sys
12:59:34.0564 1292 DslMNLwf - ok
12:59:34.0595 1292 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:59:34.0626 1292 DXGKrnl - ok
12:59:34.0657 1292 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:59:34.0704 1292 EapHost - ok
12:59:34.0766 1292 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:59:34.0829 1292 ebdrv - ok
12:59:34.0860 1292 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:59:34.0891 1292 EFS - ok
12:59:34.0938 1292 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:59:35.0000 1292 ehRecvr - ok
12:59:35.0000 1292 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:59:35.0016 1292 ehSched - ok
12:59:35.0047 1292 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:59:35.0063 1292 elxstor - ok
12:59:35.0078 1292 [ 9EAFB3B3B60B8AD958985152A9309ACA ] epmntdrv C:\Windows\system32\epmntdrv.sys
12:59:35.0094 1292 epmntdrv ( UnsignedFile.Multi.Generic ) - warning
12:59:35.0094 1292 epmntdrv - detected UnsignedFile.Multi.Generic (1)
12:59:35.0110 1292 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:59:35.0141 1292 ErrDev - ok
12:59:35.0156 1292 [ FB949ED2C93C878A189039F3D7730942 ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys
12:59:35.0172 1292 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
12:59:35.0172 1292 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
12:59:35.0203 1292 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:59:35.0266 1292 EventSystem - ok
12:59:35.0281 1292 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:59:35.0312 1292 exfat - ok
12:59:35.0344 1292 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:59:35.0375 1292 fastfat - ok
12:59:35.0406 1292 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:59:35.0468 1292 Fax - ok
12:59:35.0500 1292 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
12:59:35.0515 1292 fdc - ok
12:59:35.0531 1292 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:59:35.0578 1292 fdPHost - ok
12:59:35.0593 1292 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:59:35.0640 1292 FDResPub - ok
12:59:35.0656 1292 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:59:35.0671 1292 FileInfo - ok
12:59:35.0671 1292 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:59:35.0718 1292 Filetrace - ok
12:59:35.0734 1292 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:59:35.0749 1292 flpydisk - ok
12:59:35.0765 1292 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:59:35.0780 1292 FltMgr - ok
12:59:35.0827 1292 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:59:35.0858 1292 FontCache - ok
12:59:35.0905 1292 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:59:35.0921 1292 FontCache3.0.0.0 - ok
12:59:35.0921 1292 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:59:35.0936 1292 FsDepends - ok
12:59:35.0952 1292 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:59:35.0968 1292 Fs_Rec - ok
12:59:35.0968 1292 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:59:35.0999 1292 fvevol - ok
12:59:36.0014 1292 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:59:36.0030 1292 gagp30kx - ok
12:59:36.0061 1292 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:59:36.0108 1292 gpsvc - ok
12:59:36.0170 1292 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:59:36.0170 1292 gupdate - ok
12:59:36.0186 1292 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:59:36.0186 1292 gupdatem - ok
12:59:36.0202 1292 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:59:36.0217 1292 gusvc - ok
12:59:36.0233 1292 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:59:36.0264 1292 hcw85cir - ok
12:59:36.0280 1292 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:59:36.0311 1292 HdAudAddService - ok
12:59:36.0326 1292 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:59:36.0342 1292 HDAudBus - ok
12:59:36.0358 1292 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:59:36.0373 1292 HidBatt - ok
12:59:36.0389 1292 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:59:36.0420 1292 HidBth - ok
12:59:36.0451 1292 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
12:59:36.0467 1292 HidIr - ok
12:59:36.0482 1292 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:59:36.0514 1292 hidserv - ok
12:59:36.0529 1292 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:59:36.0545 1292 HidUsb - ok
12:59:36.0576 1292 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:59:36.0623 1292 hkmsvc - ok
12:59:36.0638 1292 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:59:36.0670 1292 HomeGroupListener - ok
12:59:36.0701 1292 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:59:36.0732 1292 HomeGroupProvider - ok
12:59:36.0732 1292 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:59:36.0748 1292 HpSAMD - ok
12:59:36.0779 1292 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:59:36.0826 1292 HTTP - ok
12:59:36.0841 1292 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:59:36.0857 1292 hwpolicy - ok
12:59:36.0872 1292 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:59:36.0888 1292 i8042prt - ok
12:59:36.0919 1292 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:59:36.0935 1292 iaStorV - ok
12:59:36.0982 1292 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:59:36.0997 1292 idsvc - ok
12:59:37.0013 1292 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:59:37.0028 1292 iirsp - ok
12:59:37.0075 1292 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:59:37.0138 1292 IKEEXT - ok
12:59:37.0216 1292 [ F242E36CDA231701CFA702641C20FAEC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:59:37.0325 1292 IntcAzAudAddService - ok
12:59:37.0340 1292 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:59:37.0356 1292 intelide - ok
12:59:37.0372 1292 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:59:37.0403 1292 intelppm - ok
12:59:37.0418 1292 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:59:37.0465 1292 IPBusEnum - ok
12:59:37.0512 1292 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:59:37.0559 1292 IpFilterDriver - ok
12:59:37.0637 1292 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:59:37.0699 1292 iphlpsvc - ok
12:59:37.0715 1292 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:59:37.0715 1292 IPMIDRV - ok
12:59:37.0730 1292 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:59:37.0793 1292 IPNAT - ok
12:59:37.0793 1292 [ 05360B1EA5A2ABF620D1D96EBD8BD8F1 ] irda C:\Windows\system32\DRIVERS\irda.sys
12:59:37.0824 1292 irda - ok
12:59:37.0840 1292 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:59:37.0855 1292 IRENUM - ok
12:59:37.0871 1292 [ 3848384AB383F0A8F506C4370635C1F9 ] Irmon C:\Windows\System32\irmon.dll
12:59:37.0886 1292 Irmon - ok
12:59:37.0902 1292 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:59:37.0918 1292 isapnp - ok
12:59:37.0933 1292 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:59:37.0964 1292 iScsiPrt - ok
12:59:37.0980 1292 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:59:37.0980 1292 kbdclass - ok
12:59:38.0011 1292 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:59:38.0027 1292 kbdhid - ok
12:59:38.0042 1292 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:59:38.0058 1292 KeyIso - ok
12:59:38.0089 1292 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:59:38.0089 1292 KSecDD - ok
12:59:38.0105 1292 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:59:38.0120 1292 KSecPkg - ok
12:59:38.0136 1292 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:59:38.0167 1292 ksthunk - ok
12:59:38.0198 1292 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:59:38.0245 1292 KtmRm - ok
12:59:38.0276 1292 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:59:38.0323 1292 LanmanServer - ok
12:59:38.0339 1292 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:59:38.0386 1292 LanmanWorkstation - ok
12:59:38.0401 1292 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:59:38.0432 1292 lltdio - ok
12:59:38.0464 1292 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:59:38.0526 1292 lltdsvc - ok
12:59:38.0526 1292 lmab_device - ok
12:59:38.0542 1292 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:59:38.0588 1292 lmhosts - ok
12:59:38.0620 1292 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:59:38.0620 1292 LSI_FC - ok
12:59:38.0651 1292 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:59:38.0651 1292 LSI_SAS - ok
12:59:38.0666 1292 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:59:38.0682 1292 LSI_SAS2 - ok
12:59:38.0698 1292 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:59:38.0713 1292 LSI_SCSI - ok
12:59:38.0729 1292 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:59:38.0776 1292 luafv - ok
12:59:38.0807 1292 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:59:38.0822 1292 MBAMProtector - ok
12:59:38.0869 1292 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:59:38.0900 1292 MBAMService - ok
12:59:38.0916 1292 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:59:38.0947 1292 Mcx2Svc - ok
12:59:38.0963 1292 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
12:59:38.0978 1292 megasas - ok
12:59:38.0994 1292 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:59:39.0010 1292 MegaSR - ok
12:59:39.0025 1292 [ 8D0E52F36A153D099DE7D5A1E233FAC7 ] mf C:\Windows\system32\DRIVERS\mf.sys
12:59:39.0056 1292 mf - ok
12:59:39.0103 1292 Microsoft SharePoint Workspace Audit Service - ok
12:59:39.0119 1292 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:59:39.0166 1292 MMCSS - ok
12:59:39.0181 1292 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:59:39.0228 1292 Modem - ok
12:59:39.0244 1292 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:59:39.0259 1292 monitor - ok
12:59:39.0275 1292 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:59:39.0290 1292 mouclass - ok
12:59:39.0322 1292 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:59:39.0337 1292 mouhid - ok
12:59:39.0353 1292 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:59:39.0368 1292 mountmgr - ok
12:59:39.0384 1292 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:59:39.0400 1292 mpio - ok
12:59:39.0415 1292 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:59:39.0446 1292 mpsdrv - ok
12:59:39.0478 1292 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:59:39.0524 1292 MpsSvc - ok
12:59:39.0556 1292 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:59:39.0587 1292 MRxDAV - ok
12:59:39.0602 1292 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:59:39.0634 1292 mrxsmb - ok
12:59:39.0649 1292 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:59:39.0680 1292 mrxsmb10 - ok
12:59:39.0696 1292 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:59:39.0712 1292 mrxsmb20 - ok
12:59:39.0712 1292 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:59:39.0727 1292 msahci - ok
12:59:39.0743 1292 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:59:39.0743 1292 msdsm - ok
12:59:39.0774 1292 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:59:39.0805 1292 MSDTC - ok
12:59:39.0821 1292 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:59:39.0852 1292 Msfs - ok
12:59:39.0868 1292 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:59:39.0914 1292 mshidkmdf - ok
12:59:39.0914 1292 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:59:39.0930 1292 msisadrv - ok
12:59:39.0961 1292 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:59:40.0008 1292 MSiSCSI - ok
12:59:40.0008 1292 msiserver - ok
12:59:40.0024 1292 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:59:40.0070 1292 MSKSSRV - ok
12:59:40.0086 1292 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:59:40.0117 1292 MSPCLOCK - ok
12:59:40.0117 1292 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:59:40.0164 1292 MSPQM - ok
12:59:40.0195 1292 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:59:40.0211 1292 MsRPC - ok
12:59:40.0242 1292 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:59:40.0242 1292 mssmbios - ok
12:59:40.0258 1292 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:59:40.0304 1292 MSTEE - ok
12:59:40.0304 1292 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:59:40.0336 1292 MTConfig - ok
12:59:40.0351 1292 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:59:40.0367 1292 Mup - ok
12:59:40.0382 1292 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:59:40.0445 1292 napagent - ok
12:59:40.0460 1292 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:59:40.0492 1292 NativeWifiP - ok
12:59:40.0538 1292 [ DFE14D63F0F649EE94A9E3442B7C8F2C ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
12:59:40.0554 1292 NAUpdate - ok
12:59:40.0585 1292 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
12:59:40.0616 1292 NDIS - ok
12:59:40.0632 1292 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:59:40.0679 1292 NdisCap - ok
12:59:40.0679 1292 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:59:40.0710 1292 NdisTapi - ok
12:59:40.0726 1292 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:59:40.0772 1292 Ndisuio - ok
12:59:40.0788 1292 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:59:40.0835 1292 NdisWan - ok
12:59:40.0850 1292 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:59:40.0897 1292 NDProxy - ok
12:59:40.0913 1292 [ 2C723E42FC8D7B0209492828F921FB50 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:59:40.0928 1292 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:59:40.0928 1292 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:59:40.0928 1292 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:59:40.0975 1292 NetBIOS - ok
12:59:41.0006 1292 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:59:41.0038 1292 NetBT - ok
12:59:41.0053 1292 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:59:41.0053 1292 Netlogon - ok
12:59:41.0084 1292 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:59:41.0131 1292 Netman - ok
12:59:41.0162 1292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:59:41.0178 1292 NetMsmqActivator - ok
12:59:41.0178 1292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:59:41.0194 1292 NetPipeActivator - ok
12:59:41.0209 1292 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:59:41.0256 1292 netprofm - ok
12:59:41.0272 1292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:59:41.0272 1292 NetTcpActivator - ok
12:59:41.0287 1292 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:59:41.0287 1292 NetTcpPortSharing - ok
12:59:41.0381 1292 [ 70B5B4E69A07895DF30291CAB6ABDA54 ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
12:59:41.0428 1292 Netzmanager Service ( UnsignedFile.Multi.Generic ) - warning
12:59:41.0428 1292 Netzmanager Service - detected UnsignedFile.Multi.Generic (1)
12:59:41.0443 1292 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:59:41.0459 1292 nfrd960 - ok
12:59:41.0474 1292 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:59:41.0537 1292 NlaSvc - ok
12:59:41.0552 1292 [ 2F48AB72B6D554A41817020171DC53D6 ] NmPar C:\Windows\system32\DRIVERS\NmPar.sys
12:59:41.0568 1292 NmPar - ok
12:59:41.0599 1292 [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
12:59:41.0646 1292 nmwcd - ok
12:59:41.0662 1292 [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
12:59:41.0708 1292 nmwcdc - ok
12:59:41.0724 1292 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:59:41.0755 1292 Npfs - ok
12:59:41.0771 1292 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:59:41.0818 1292 nsi - ok
12:59:41.0833 1292 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:59:41.0880 1292 nsiproxy - ok
12:59:41.0927 1292 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:59:41.0974 1292 Ntfs - ok
12:59:42.0005 1292 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:59:42.0052 1292 Null - ok
12:59:42.0083 1292 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
12:59:42.0114 1292 NVENETFD - ok
12:59:42.0348 1292 [ 623D0264E44F88152EEF6C98FF9B8013 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:59:42.0707 1292 nvlddmkm - ok
12:59:42.0754 1292 [ BD25E03EAD63AC3365F25175B4DBD56A ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
12:59:42.0769 1292 NVNET - ok
12:59:42.0785 1292 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:59:42.0800 1292 nvraid - ok
12:59:42.0832 1292 [ 61A59FB62864EB3F32D24985A505CE03 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
12:59:42.0832 1292 nvsmu - ok
12:59:42.0863 1292 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:59:42.0878 1292 nvstor - ok
12:59:42.0925 1292 [ 2D7092FEC9BD2ACA199673BBA2BA9277 ] nvsvc C:\Windows\system32\nvvsvc.exe
12:59:42.0972 1292 nvsvc - ok
12:59:43.0019 1292 [ 7E22DE30E222BFDFCEC7E77032BAF3CD ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
12:59:43.0081 1292 nvUpdatusService - ok
12:59:43.0097 1292 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:59:43.0112 1292 nv_agp - ok
12:59:43.0128 1292 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:59:43.0159 1292 ohci1394 - ok
12:59:43.0190 1292 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:59:43.0206 1292 ose64 - ok
12:59:43.0300 1292 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:59:43.0393 1292 osppsvc - ok
12:59:43.0409 1292 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:59:43.0456 1292 p2pimsvc - ok
12:59:43.0487 1292 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:59:43.0502 1292 p2psvc - ok
12:59:43.0534 1292 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
12:59:43.0549 1292 Parport - ok
12:59:43.0580 1292 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:59:43.0596 1292 partmgr - ok
12:59:43.0612 1292 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:59:43.0627 1292 PcaSvc - ok
12:59:43.0658 1292 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
12:59:43.0690 1292 pccsmcfd - ok
12:59:43.0705 1292 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:59:43.0705 1292 pci - ok
12:59:43.0721 1292 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:59:43.0736 1292 pciide - ok
12:59:43.0752 1292 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:59:43.0768 1292 pcmcia - ok
12:59:43.0768 1292 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:59:43.0783 1292 pcw - ok
12:59:43.0799 1292 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:59:43.0861 1292 PEAUTH - ok
12:59:43.0892 1292 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:59:43.0939 1292 PeerDistSvc - ok
12:59:44.0002 1292 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:59:44.0017 1292 PerfHost - ok
12:59:44.0080 1292 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:59:44.0142 1292 pla - ok
12:59:44.0189 1292 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:59:44.0251 1292 PlugPlay - ok
12:59:44.0267 1292 [ 171E6D91A20AAC8D02172A64E82CE90B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:59:44.0282 1292 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:59:44.0282 1292 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:59:44.0298 1292 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:59:44.0314 1292 PNRPAutoReg - ok
12:59:44.0345 1292 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:59:44.0360 1292 PNRPsvc - ok
12:59:44.0376 1292 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:59:44.0438 1292 PolicyAgent - ok
12:59:44.0454 1292 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:59:44.0501 1292 Power - ok
12:59:44.0548 1292 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:59:44.0579 1292 PptpMiniport - ok
12:59:44.0594 1292 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
12:59:44.0626 1292 Processor - ok
12:59:44.0641 1292 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:59:44.0672 1292 ProfSvc - ok
12:59:44.0704 1292 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:59:44.0704 1292 ProtectedStorage - ok
12:59:44.0735 1292 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:59:44.0782 1292 Psched - ok
12:59:44.0813 1292 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:59:44.0860 1292 ql2300 - ok
12:59:44.0875 1292 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:59:44.0891 1292 ql40xx - ok
12:59:44.0922 1292 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:59:44.0938 1292 QWAVE - ok
12:59:44.0969 1292 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:59:44.0984 1292 QWAVEdrv - ok
12:59:45.0000 1292 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:59:45.0031 1292 RasAcd - ok
12:59:45.0047 1292 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:59:45.0094 1292 RasAgileVpn - ok
12:59:45.0109 1292 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:59:45.0156 1292 RasAuto - ok
12:59:45.0172 1292 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:59:45.0218 1292 Rasl2tp - ok
12:59:45.0234 1292 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:59:45.0281 1292 RasMan - ok
12:59:45.0296 1292 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:59:45.0343 1292 RasPppoe - ok
12:59:45.0359 1292 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:59:45.0390 1292 RasSstp - ok
12:59:45.0421 1292 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:59:45.0452 1292 rdbss - ok
12:59:45.0468 1292 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:59:45.0499 1292 rdpbus - ok
12:59:45.0515 1292 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:59:45.0546 1292 RDPCDD - ok
12:59:45.0577 1292 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:59:45.0608 1292 RDPDR - ok
12:59:45.0624 1292 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:59:45.0671 1292 RDPENCDD - ok
12:59:45.0671 1292 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:59:45.0702 1292 RDPREFMP - ok
12:59:45.0733 1292 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:59:45.0764 1292 RDPWD - ok
12:59:45.0796 1292 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:59:45.0811 1292 rdyboost - ok
12:59:45.0827 1292 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:59:45.0874 1292 RemoteAccess - ok
12:59:45.0889 1292 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:59:45.0936 1292 RemoteRegistry - ok
12:59:45.0967 1292 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:59:45.0998 1292 RFCOMM - ok
12:59:46.0030 1292 [ CF1EEE81FD32238FC51ADCA9F2266B7D ] RLDesignVirtualAudioCableWdm C:\Windows\system32\DRIVERS\livecamv.sys
12:59:46.0045 1292 RLDesignVirtualAudioCableWdm - ok
12:59:46.0076 1292 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:59:46.0108 1292 RpcEptMapper - ok
12:59:46.0139 1292 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:59:46.0154 1292 RpcLocator - ok
12:59:46.0170 1292 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:59:46.0217 1292 RpcSs - ok
12:59:46.0232 1292 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCap C:\Windows\system32\DRIVERS\rrnetcap.sys
12:59:46.0248 1292 RRNetCap - ok
12:59:46.0248 1292 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCapMP C:\Windows\system32\DRIVERS\rrnetcap.sys
12:59:46.0264 1292 RRNetCapMP - ok
12:59:46.0279 1292 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:59:46.0310 1292 rspndr - ok
12:59:46.0342 1292 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:59:46.0357 1292 s3cap - ok
12:59:46.0373 1292 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:59:46.0388 1292 SamSs - ok
12:59:46.0404 1292 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:59:46.0420 1292 sbp2port - ok
12:59:46.0451 1292 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:59:46.0482 1292 SCardSvr - ok
12:59:46.0498 1292 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:59:46.0544 1292 scfilter - ok
12:59:46.0576 1292 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:59:46.0638 1292 Schedule - ok
12:59:46.0654 1292 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:59:46.0700 1292 SCPolicySvc - ok
12:59:46.0716 1292 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:59:46.0747 1292 SDRSVC - ok
12:59:46.0778 1292 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:59:46.0825 1292 secdrv - ok
12:59:46.0841 1292 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:59:46.0872 1292 seclogon - ok
12:59:46.0888 1292 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:59:46.0919 1292 SENS - ok
12:59:46.0934 1292 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:59:46.0981 1292 SensrSvc - ok
12:59:46.0997 1292 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
12:59:47.0012 1292 Serenum - ok
12:59:47.0028 1292 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
12:59:47.0059 1292 Serial - ok
12:59:47.0075 1292 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:59:47.0090 1292 sermouse - ok
12:59:47.0153 1292 [ F31E9531AF225CA25350D5E87E999B31 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
12:59:47.0168 1292 ServiceLayer - ok
12:59:47.0184 1292 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:59:47.0246 1292 SessionEnv - ok
12:59:47.0262 1292 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:59:47.0278 1292 sffdisk - ok
12:59:47.0293 1292 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:59:47.0309 1292 sffp_mmc - ok
12:59:47.0309 1292 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:59:47.0340 1292 sffp_sd - ok
12:59:47.0356 1292 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:59:47.0371 1292 sfloppy - ok
12:59:47.0418 1292 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:59:47.0465 1292 SharedAccess - ok
12:59:47.0496 1292 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:59:47.0543 1292 ShellHWDetection - ok
12:59:47.0558 1292 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:59:47.0558 1292 SiSRaid2 - ok
12:59:47.0574 1292 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:59:47.0590 1292 SiSRaid4 - ok
12:59:47.0683 1292 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:59:47.0761 1292 Skype C2C Service - ok
12:59:47.0792 1292 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:59:47.0808 1292 SkypeUpdate - ok
12:59:47.0824 1292 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:59:47.0870 1292 Smb - ok
12:59:47.0886 1292 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:59:47.0902 1292 SNMPTRAP - ok
12:59:47.0933 1292 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:59:47.0933 1292 spldr - ok
12:59:47.0964 1292 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:59:48.0011 1292 Spooler - ok
12:59:48.0073 1292 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:59:48.0167 1292 sppsvc - ok
12:59:48.0198 1292 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:59:48.0229 1292 sppuinotify - ok
12:59:48.0260 1292 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:59:48.0307 1292 srv - ok
12:59:48.0323 1292 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:59:48.0338 1292 srv2 - ok
12:59:48.0354 1292 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:59:48.0370 1292 srvnet - ok
12:59:48.0385 1292 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:59:48.0416 1292 SSDPSRV - ok
12:59:48.0448 1292 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:59:48.0479 1292 SstpSvc - ok
12:59:48.0541 1292 [ E4AEA6FC64A979375149B86882CA2100 ] StarMoney 8.0 OnlineUpdate C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
12:59:48.0557 1292 StarMoney 8.0 OnlineUpdate - ok
12:59:48.0588 1292 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:59:48.0604 1292 stexstor - ok
12:59:48.0619 1292 [ 1A807A037503B285016E61100D04614A ] STIrUsb C:\Windows\system32\DRIVERS\irstusb.sys
12:59:48.0650 1292 STIrUsb - ok
12:59:48.0682 1292 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:59:48.0728 1292 stisvc - ok
12:59:48.0744 1292 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:59:48.0744 1292 storflt - ok
12:59:48.0775 1292 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
12:59:48.0806 1292 StorSvc - ok
12:59:48.0822 1292 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:59:48.0822 1292 storvsc - ok
12:59:48.0838 1292 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:59:48.0853 1292 swenum - ok
12:59:48.0869 1292 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:59:48.0931 1292 swprv - ok
12:59:48.0978 1292 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:59:49.0025 1292 SysMain - ok
12:59:49.0040 1292 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:59:49.0072 1292 TabletInputService - ok
12:59:49.0087 1292 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:59:49.0134 1292 TapiSrv - ok
12:59:49.0165 1292 [ 4430E9B4C60AAB672D16E801BAD0555E ] tbhsd C:\Windows\system32\drivers\tbhsd.sys
12:59:49.0165 1292 tbhsd - ok
12:59:49.0196 1292 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:59:49.0243 1292 TBS - ok
12:59:49.0290 1292 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:59:49.0337 1292 Tcpip - ok
12:59:49.0368 1292 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:59:49.0399 1292 TCPIP6 - ok
12:59:49.0430 1292 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:59:49.0477 1292 tcpipreg - ok
12:59:49.0493 1292 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:59:49.0524 1292 TDPIPE - ok
12:59:49.0555 1292 [ 5A9715FCD237693631CA236E2AB319C2 ] TDslMgrService C:\Program Files (x86)\T-Online\DSL-Manager\DslMgrSvc.exe
12:59:49.0571 1292 TDslMgrService ( UnsignedFile.Multi.Generic ) - warning
12:59:49.0571 1292 TDslMgrService - detected UnsignedFile.Multi.Generic (1)
12:59:49.0586 1292 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:59:49.0618 1292 TDTCP - ok
12:59:49.0649 1292 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:59:49.0680 1292 tdx - ok
12:59:49.0742 1292 [ C314391535B8BBA4238C13D663B07F83 ] TeamViewer6 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
12:59:49.0805 1292 TeamViewer6 - ok
12:59:49.0852 1292 [ 4283D7125BA4BD0CB50BB0F78B54257A ] TelekomNM6 C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys
12:59:49.0867 1292 TelekomNM6 - ok
12:59:49.0883 1292 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:59:49.0898 1292 TermDD - ok
12:59:49.0930 1292 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:59:49.0976 1292 TermService - ok
12:59:49.0992 1292 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:59:50.0023 1292 Themes - ok
12:59:50.0039 1292 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:59:50.0070 1292 THREADORDER - ok
12:59:50.0086 1292 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:59:50.0132 1292 TrkWks - ok
12:59:50.0179 1292 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:59:50.0210 1292 TrustedInstaller - ok
12:59:50.0242 1292 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:59:50.0288 1292 tssecsrv - ok
12:59:50.0288 1292 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:59:50.0320 1292 TsUsbFlt - ok
12:59:50.0335 1292 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:59:50.0351 1292 TsUsbGD - ok
12:59:50.0398 1292 [ 41A3F69FBB7CA37A3FC5CD8EF424F199 ] TuneUp.Defrag C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
12:59:50.0429 1292 TuneUp.Defrag - ok
12:59:50.0460 1292 [ EBA3ABFFDADA40A2B590ADEF1A24CA24 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
12:59:50.0491 1292 TuneUp.UtilitiesSvc - ok
12:59:50.0507 1292 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
12:59:50.0522 1292 TuneUpUtilitiesDrv - ok
12:59:50.0538 1292 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:59:50.0585 1292 tunnel - ok
12:59:50.0600 1292 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:59:50.0600 1292 uagp35 - ok
12:59:50.0632 1292 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:59:50.0678 1292 udfs - ok
12:59:50.0725 1292 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:59:50.0741 1292 UI0Detect - ok
12:59:50.0756 1292 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:59:50.0772 1292 uliagpkx - ok
12:59:50.0788 1292 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:59:50.0803 1292 umbus - ok
12:59:50.0834 1292 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
12:59:50.0850 1292 UmPass - ok
12:59:50.0866 1292 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
12:59:50.0897 1292 UmRdpService - ok
12:59:50.0912 1292 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:59:50.0959 1292 upnphost - ok
12:59:50.0990 1292 [ 34AFB83C7BBA370E404E52CC2290350C ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
12:59:51.0022 1292 upperdev - ok
12:59:51.0053 1292 [ C669DE449D5D399037EF9FF77C03C23C ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA64.sys
12:59:51.0084 1292 USB28xxBGA - ok
12:59:51.0115 1292 [ 46C0FB27F28531D9D19573FD97EBCF90 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM64.sys
12:59:51.0131 1292 USB28xxOEM - ok
12:59:51.0178 1292 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:59:51.0193 1292 usbaudio - ok
12:59:51.0224 1292 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:59:51.0256 1292 usbccgp - ok
12:59:51.0271 1292 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:59:51.0287 1292 usbcir - ok
12:59:51.0302 1292 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:59:51.0334 1292 usbehci - ok
12:59:51.0349 1292 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:59:51.0380 1292 usbhub - ok
12:59:51.0396 1292 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:59:51.0427 1292 usbohci - ok
12:59:51.0443 1292 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
12:59:51.0458 1292 usbprint - ok
12:59:51.0490 1292 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:59:51.0505 1292 usbscan - ok
12:59:51.0521 1292 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
12:59:51.0536 1292 usbser - ok
12:59:51.0552 1292 [ AA75E1EFBEE7186B4CBAAACF1F15E6CA ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
12:59:51.0583 1292 UsbserFilt - ok
12:59:51.0614 1292 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:59:51.0646 1292 USBSTOR - ok
12:59:51.0661 1292 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:59:51.0692 1292 usbuhci - ok
12:59:51.0724 1292 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:59:51.0739 1292 usbvideo - ok
12:59:51.0770 1292 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:59:51.0802 1292 UxSms - ok
12:59:51.0833 1292 [ 9AC0C072FD7EDE138842BEF7DA73B0E6 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
12:59:51.0833 1292 UxTuneUp - ok
12:59:51.0880 1292 [ 8242985B0EB906C921075A8635069860 ] V0540Dev C:\Windows\system32\DRIVERS\V0540Vid.sys
12:59:51.0895 1292 V0540Dev - ok
12:59:51.0911 1292 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:59:51.0926 1292 VaultSvc - ok
12:59:51.0942 1292 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:59:51.0958 1292 vdrvroot - ok
12:59:51.0989 1292 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:59:52.0036 1292 vds - ok
12:59:52.0051 1292 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:59:52.0067 1292 vga - ok
12:59:52.0082 1292 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:59:52.0129 1292 VgaSave - ok
12:59:52.0145 1292 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:59:52.0160 1292 vhdmp - ok
12:59:52.0176 1292 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:59:52.0192 1292 viaide - ok
12:59:52.0223 1292 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:59:52.0238 1292 vmbus - ok
12:59:52.0254 1292 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:59:52.0270 1292 VMBusHID - ok
12:59:52.0270 1292 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:59:52.0285 1292 volmgr - ok
12:59:52.0301 1292 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:59:52.0316 1292 volmgrx - ok
12:59:52.0332 1292 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:59:52.0348 1292 volsnap - ok
12:59:52.0379 1292 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:59:52.0394 1292 vsmraid - ok
12:59:52.0426 1292 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:59:52.0504 1292 VSS - ok
12:59:52.0519 1292 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:59:52.0550 1292 vwifibus - ok
12:59:52.0566 1292 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:59:52.0597 1292 W32Time - ok
12:59:52.0628 1292 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:59:52.0644 1292 WacomPen - ok
12:59:52.0660 1292 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:59:52.0706 1292 WANARP - ok
12:59:52.0722 1292 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:59:52.0753 1292 Wanarpv6 - ok
12:59:52.0800 1292 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:59:52.0862 1292 wbengine - ok
12:59:52.0878 1292 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:59:52.0909 1292 WbioSrvc - ok
12:59:52.0925 1292 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:59:52.0956 1292 wcncsvc - ok
12:59:52.0972 1292 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:59:53.0003 1292 WcsPlugInService - ok
12:59:53.0018 1292 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
12:59:53.0034 1292 Wd - ok
12:59:53.0065 1292 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:59:53.0081 1292 Wdf01000 - ok
12:59:53.0096 1292 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:59:53.0159 1292 WdiServiceHost - ok
12:59:53.0174 1292 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:59:53.0190 1292 WdiSystemHost - ok
12:59:53.0221 1292 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:59:53.0252 1292 WebClient - ok
12:59:53.0268 1292 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:59:53.0315 1292 Wecsvc - ok
12:59:53.0330 1292 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:59:53.0377 1292 wercplsupport - ok
12:59:53.0393 1292 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:59:53.0440 1292 WerSvc - ok
12:59:53.0455 1292 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:59:53.0486 1292 WfpLwf - ok
12:59:53.0502 1292 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:59:53.0518 1292 WIMMount - ok
12:59:53.0533 1292 WinDefend - ok
12:59:53.0549 1292 WinHttpAutoProxySvc - ok
12:59:53.0596 1292 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:59:53.0642 1292 Winmgmt - ok
12:59:53.0689 1292 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:59:53.0752 1292 WinRM - ok
12:59:53.0783 1292 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:59:53.0814 1292 WinUsb - ok
12:59:53.0845 1292 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:59:53.0892 1292 Wlansvc - ok
12:59:53.0908 1292 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:59:53.0923 1292 WmiAcpi - ok
12:59:53.0954 1292 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:59:53.0970 1292 wmiApSrv - ok
12:59:53.0986 1292 WMPNetworkSvc - ok
12:59:54.0001 1292 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:59:54.0032 1292 WPCSvc - ok
12:59:54.0048 1292 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:59:54.0079 1292 WPDBusEnum - ok
12:59:54.0095 1292 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:59:54.0142 1292 ws2ifsl - ok
12:59:54.0157 1292 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
12:59:54.0188 1292 wscsvc - ok
12:59:54.0220 1292 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
12:59:54.0251 1292 WSDPrintDevice - ok
12:59:54.0251 1292 WSearch - ok
12:59:54.0313 1292 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:59:54.0376 1292 wuauserv - ok
12:59:54.0407 1292 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:59:54.0438 1292 WudfPf - ok
12:59:54.0469 1292 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:59:54.0500 1292 WUDFRd - ok
12:59:54.0532 1292 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:59:54.0563 1292 wudfsvc - ok
12:59:54.0594 1292 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:59:54.0625 1292 WwanSvc - ok
12:59:54.0641 1292 ================ Scan global ===============================
12:59:54.0688 1292 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:59:54.0719 1292 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:59:54.0734 1292 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:59:54.0750 1292 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:59:54.0766 1292 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:59:54.0781 1292 [Global] - ok
12:59:54.0781 1292 ================ Scan MBR ==================================
12:59:54.0781 1292 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:59:54.0890 1292 \Device\Harddisk0\DR0 - ok
12:59:54.0906 1292 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:59:55.0015 1292 \Device\Harddisk1\DR1 - ok
12:59:55.0031 1292 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk6\DR6
12:59:55.0124 1292 \Device\Harddisk6\DR6 - ok
12:59:55.0124 1292 ================ Scan VBR ==================================
12:59:55.0124 1292 [ DC42802F5BB64CDD3D9A2539173883C0 ] \Device\Harddisk0\DR0\Partition1
12:59:55.0124 1292 \Device\Harddisk0\DR0\Partition1 - ok
12:59:55.0124 1292 [ 10D5246552F4D431D1F6E0CBAF5FB825 ] \Device\Harddisk0\DR0\Partition2
12:59:55.0124 1292 \Device\Harddisk0\DR0\Partition2 - ok
12:59:55.0156 1292 [ DAE8898BA87270797B0CF40406A7D5AF ] \Device\Harddisk1\DR1\Partition1
12:59:55.0156 1292 \Device\Harddisk1\DR1\Partition1 - ok
12:59:55.0171 1292 [ 11D10E978C1D8AFCA25C417A7DD6BF52 ] \Device\Harddisk1\DR1\Partition2
12:59:55.0171 1292 \Device\Harddisk1\DR1\Partition2 - ok
12:59:55.0187 1292 [ CE481CD93A547D12C47663E1D9E5554B ] \Device\Harddisk1\DR1\Partition3
12:59:55.0187 1292 \Device\Harddisk1\DR1\Partition3 - ok
12:59:55.0187 1292 [ 2C0924412007A0879ECB672354F8D46F ] \Device\Harddisk1\DR1\Partition4
12:59:55.0202 1292 \Device\Harddisk1\DR1\Partition4 - ok
12:59:55.0202 1292 [ 544CBE3DF5733B5ED3FAEA640818FFBA ] \Device\Harddisk6\DR6\Partition1
12:59:55.0202 1292 \Device\Harddisk6\DR6\Partition1 - ok
12:59:55.0202 1292 [ 4DCBE73096F7376908B0EFDE60FE8668 ] \Device\Harddisk6\DR6\Partition2
12:59:55.0218 1292 \Device\Harddisk6\DR6\Partition2 - ok
12:59:55.0218 1292 ============================================================
12:59:55.0218 1292 Scan finished
12:59:55.0218 1292 ============================================================
12:59:55.0234 6060 Detected object count: 6
12:59:55.0234 6060 Actual detected object count: 6
13:01:32.0532 6060 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:01:32.0532 6060 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:01:32.0532 6060 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:01:32.0532 6060 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:01:32.0548 6060 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:01:32.0548 6060 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:01:32.0548 6060 Netzmanager Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:01:32.0548 6060 Netzmanager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:01:32.0548 6060 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:01:32.0548 6060 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:01:32.0548 6060 TDslMgrService ( UnsignedFile.Multi.Generic ) - skipped by user
13:01:32.0548 6060 TDslMgrService ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
21.08.2012, 13:55
| #24 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU eingefangen Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.08.2012, 17:54
| #25 |
| | GVU eingefangen Hallo, hier das Log: [CODE] Combofix Logfile: Code:
ATTFilter ComboFix 12-08-20.02 - Jonny 21.08.2012 18:37:29.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.4095.2138 [GMT 2:00]
ausgeführt von:: c:\users\Jonny\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Jonny\AppData\Roaming\AcroIEHelpe.txt
c:\users\Jonny\AppData\Roaming\srvblck5.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-21 bis 2012-08-21 ))))))))))))))))))))))))))))))
.
.
2012-08-21 16:43 . 2012-08-21 16:43 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-08-19 11:25 . 2012-08-19 11:25 -------- d-----w- C:\_OTL
2012-08-15 14:40 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-15 09:26 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 09:26 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 09:26 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 09:26 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 09:26 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 09:26 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 09:26 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 09:26 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 09:26 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 09:26 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 09:26 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 09:26 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-13 12:45 . 2012-08-13 12:45 -------- d-----w- c:\program files (x86)\ESET
2012-08-10 11:36 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AEE1B934-BB36-4A49-AD0D-7368B708D2A5}\mpengine.dll
2012-08-05 15:44 . 2012-08-05 15:44 -------- d-----w- c:\users\Jonny\AppData\Roaming\Malwarebytes
2012-08-05 15:43 . 2012-08-05 15:43 -------- d-----w- c:\programdata\Malwarebytes
2012-08-05 15:43 . 2012-08-05 15:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-05 15:43 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-03 12:10 . 2012-08-03 12:10 -------- d-----w- c:\program files (x86)\Microtek
2012-08-03 11:58 . 2012-08-03 11:58 -------- d-----w- c:\programdata\ABBYY
2012-07-28 14:25 . 2012-07-28 14:25 -------- d-----w- c:\users\Jonny\AppData\Local\Macromedia
2012-07-28 14:19 . 2012-07-28 14:19 -------- d-----w- c:\users\Jonny\AppData\Local\Mozilla
2012-07-28 13:04 . 2012-07-28 13:04 -------- d-----w- c:\users\Jonny\AppData\Roaming\Anvsoft
2012-07-28 13:04 . 2012-07-28 13:04 -------- d-----w- c:\program files (x86)\AnvSoft
2012-07-27 14:09 . 2012-07-30 17:32 -------- d-----w- c:\program files (x86)\WebSite X5 v8 - Evolution
2012-07-27 14:09 . 1997-07-19 15:00 604432 ----a-w- c:\windows\SysWow64\COMCTL32.OCX
2012-07-27 11:43 . 2012-07-27 11:43 -------- d-----w- c:\users\Public\ABBYY FineReader Engine 9.0
2012-07-27 11:43 . 2012-07-27 11:43 -------- d-----w- c:\users\Jonny\AppData\Roaming\ABBYY FineReader Engine 9.0
2012-07-27 11:43 . 2012-07-27 11:43 -------- d-----w- c:\users\Jonny\AppData\Local\ABBYY FineReader Engine 9.0
2012-07-23 15:56 . 2012-07-23 15:56 -------- d-----w- c:\users\Jonny\AppData\Roaming\Serif
2012-07-23 15:55 . 2012-07-23 15:55 -------- d-----w- c:\program files (x86)\Serif
2012-07-23 15:16 . 2012-07-23 15:16 -------- d-----w- c:\users\Jonny\AppData\Roaming\LMSOFT
2012-07-23 15:13 . 2012-07-23 15:19 -------- d-----w- c:\program files (x86)\LMSOFT
2012-07-23 13:57 . 2012-07-23 13:57 -------- d-----w- c:\users\Jonny\AppData\Roaming\Nvu
2012-07-23 13:57 . 2012-07-23 15:21 -------- d-----w- c:\program files (x86)\Nvu
2012-07-23 12:17 . 2012-07-23 12:17 -------- d-----w- c:\programdata\vsosdk
2012-07-23 11:42 . 2012-07-23 12:46 -------- d-----w- c:\users\Jonny\AppData\Roaming\BuddyW
2012-07-23 11:42 . 2012-07-23 11:42 -------- d-----w- c:\program files (x86)\BuddyW
2012-07-23 11:38 . 2012-07-23 12:27 -------- d-----w- c:\users\Jonny\AppData\Roaming\dvdcss
2012-07-23 11:36 . 2012-07-23 11:36 -------- d-----w- c:\programdata\MagicSoftware
2012-07-23 11:34 . 2012-07-23 11:35 -------- d-----w- c:\program files (x86)\DVDx 4.0 Open Edition
2012-07-23 11:34 . 2012-07-23 11:34 -------- d-----w- c:\users\Jonny\AppData\Local\MagicSoftware
2012-07-23 11:34 . 2012-07-23 12:25 -------- d-----w- c:\program files (x86)\MagicDVDCopier
2012-07-22 17:11 . 2012-07-22 17:16 -------- d-----w- c:\program files (x86)\phase5
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-16 13:17 . 2012-04-01 10:47 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-16 13:17 . 2012-01-02 16:07 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 14:34 . 2011-12-30 19:09 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-07-12 15:13 . 2012-05-18 14:46 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-06-09 05:43 . 2012-07-11 16:42 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 16:42 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 16:42 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 16:41 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 16:42 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 16:42 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 16:41 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-26 09:30 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-26 09:30 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-26 09:30 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-26 09:30 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-26 09:30 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-26 09:30 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-26 09:30 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-26 09:30 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-26 09:30 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:50 . 2012-07-11 16:42 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 16:42 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-11 16:42 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-11 16:42 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 16:42 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 16:42 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 16:42 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 16:42 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 16:42 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-31 10:25 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2006-05-03 11:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 12:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 14:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
2010-01-06 23:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-31 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"CreativeTaskScheduler"="c:\program files (x86)\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]
"LMab1err"="c:\program files\Lexmark\ErrorApp\LMab1err.exe" [2010-08-03 582312]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"Live! Central"="c:\program files (x86)\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe" [2008-05-08 438399]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2011-04-28 1406248]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2009-09-05 385024]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - c:\program files (x86)\T-Online\DSL-Manager\DslMgr.exe [2012-1-2 1085440]
.
c:\users\Anneliese\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - c:\program files (x86)\T-Online\DSL-Manager\DslMgr.exe [2012-1-2 1085440]
.
c:\users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - c:\program files (x86)\T-Online\DSL-Manager\DslMgr.exe [2012-1-2 1085440]
.
c:\users\Jonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - c:\program files (x86)\T-Online\DSL-Manager\DslMgr.exe [2012-1-2 1085440]
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe [2011-11-10 14000128]
ShellFolderFix.lnk - c:\program files (x86)\ShellFolderFix\ShellFolderFixUI.exe [2012-1-12 2625024]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microtek Scanner Finder.lnk - c:\program files (x86)\Microtek\ScanWizard 5\ScannerFinder.exe [2012-8-3 344064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 136176]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-16 250056]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 DRHARD;DRHARD;c:\windows\system32\DRIVERS\DRHARD.SYS [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 136176]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [2012-01-03 37480]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 27760]
S1 DslMNLwf;DSL-Manager NDIS LightWeight Filter;c:\windows\system32\DRIVERS\dslmnlwf.sys [2007-08-01 19008]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AntiVirMailService;Avira Email Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-05-15 375760]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-15 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-15 465360]
S2 cjpcsc;cyberJack PC/SC COM Service ;c:\windows\SysWOW64\cjpcsc.exe [2012-03-19 514128]
S2 DRHARD64;DRHARD64;c:\windows\system32\drivers\DRHARD64.sys [2008-08-06 22216]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-04 687400]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S2 StarMoney 8.0 OnlineUpdate;StarMoney 8.0 OnlineUpdate;c:\program files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [2012-06-28 692432]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-01 2296696]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2011-11-21 1403200]
S3 cjusb;REINER SCT cyberJack USB Driver;c:\windows\system32\DRIVERS\cjusb.sys [2011-03-29 34672]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2008-05-07 169472]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 NmPar;PCI Parallel Port;c:\windows\system32\DRIVERS\NmPar.sys [2010-01-12 95744]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\DRIVERS\livecamv.sys [2007-02-05 49664]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [2012-01-03 37480]
S3 TDslMgrService;DSL-Manager;c:\program files (x86)\T-Online\DSL-Manager\DslMgrSvc.exe [2007-08-01 290816]
S3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [2010-09-16 45664]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
S3 V0540Dev;Creative Camera VF0540 Driver;c:\windows\system32\DRIVERS\V0540Vid.sys [2009-06-15 321376]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 13:17]
.
2012-08-12 c:\windows\Tasks\AdvancedDriverUpdater.job
- c:\program files (x86)\Advanced Driver Updater\adu.exe [2012-01-03 10:33]
.
2012-07-18 c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job
- c:\program files (x86)\Advanced Driver Updater\adu.exe [2012-01-03 10:33]
.
2012-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 14:53]
.
2012-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-31 14:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-31 12446824]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://portal.sska.de/portal/portal/StartenIPSTANDARD
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: Free YouTube to MP3 Converter - c:\users\Jonny\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
DPF: {39ED5386-A900-4D6C-B564-20BFDE5402CF} - hxxp://www.medion.com/de/service/download/MEDION_Treibersuche.ocx
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Incomedia WebSite X5 v8 - Evolution - c:\windows\system32\iwpsetup.exe
AddRemove-SmartToolseBook DAO, ADO Recordsetsv1.00 - c:\program files (x86)\SmartTools\Access eBook DAO
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-08-21 18:45:50
ComboFix-quarantined-files.txt 2012-08-21 16:45
.
Vor Suchlauf: 17 Verzeichnis(se), 199.663.939.584 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 199.140.237.312 Bytes frei
.
- - End Of File - - FC05696190A21CE04B47E02630E43601
Einen schönen Urlaub. LG Jonny |
|
24.08.2012, 17:25
| #26 | |
| |  GVU eingefangen Hallo Cosinus hoffe du hattest schöne Tage! Zitat:
 Beim Start von StarMoney 8.0 kann der Update-Dienst nicht gestartet weden! Habe eine Datei mit genauer Fehlerbeschreibung angehängt. Da sich StarMoney grundsätzlich starten lässt, eben nur nicht updaten, ist es zunächst nicht sooo tragisch, sollte aber schon gelöst werden! Vielen Dank. Jonny |
|
30.08.2012, 14:32
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU eingefangen StarMoney musst du wohl neu installieren. Ansonsten musst du den Support vom Hersteller in Anspruch nehmen, ich kann dafür nun wirklich keinen Support geben Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.08.2012, 16:03
| #28 |
| | GVU eingefangen Hallo cosinus, zu StarMoney: mir war schon klar, dass du dazu keinen Support lieferst, andererseits soll man doch alle ungewöhnlichen Dinge posten!? Hier die Logs: GMER: Code:
ATTFilter GMER Logfile: Code:
ATTFilter OSAM Logfile: |
|
30.08.2012, 16:23
| #29 |
| | GVU eingefangen Habe nun, da du Offline gegangen bist und in Deinem Post nicht explizit stand, ich solle warten, aswMBR ausgeführt. Dies stürzte nach einer weile ab bzw. "funktionierte nicht mehr", siehe Anhang. |
|
30.08.2012, 20:05
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GVU eingefangen Bitte auch alles lesen was in meinem Posting steht. Ganz unten zu aswMBR steht nämlich noch ein Hinweis!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu GVU eingefangen |
| administrator, anti-malware, appdata, autostart, avira, browser, dateien, explorer, festplatte, festplatten, gen, gvu entfernen, gvu trojaner, helper, hijack.userinit, malwarebytes, microsoft, nicht mehr, nicht sicher, registry, roaming, scan, software, speicher, system, test, vista, win |
