
Pests of all kinds and how to fight them: "This program cannot display the webpage" - desktop blocked


18.09.2012, 17:45   #1
Nykah

"This program cannot display the webpage" - desktop blocked

Hello everyone,

I now also have the problem with the error message "This program cannot display the webpage." The desktop is completely covered by the message, and all attempts with Alt+F4 or Task Manager did not help. I have Windows 7 in the 64-bit version. The laptop then has to be hard-restarted. Most of the time it also starts without safe mode and then runs normally again. I have not been able to find out whether a particular program or event triggers the error.

I have now done some research here and had to realize that the whole thing is apparently more complicated than I thought. I have already created the first log files:

Code:
OTL logfile created on: 18.09.2012 18:06:46 - Run 1
OTL by OldTimer - Version 3.2.63.0     Folder = D:\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,90 Gb Total Physical Memory | 4,13 Gb Available Physical Memory | 70,09% Memory free
11,79 Gb Paging File | 9,92 Gb Available in Paging File | 84,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 295,61 Gb Total Space | 233,99 Gb Free Space | 79,16% Space Free | Partition Type: NTFS
Drive D: | 283,51 Gb Total Space | 230,22 Gb Free Space | 81,20% Space Free | Partition Type: NTFS
Drive G: | 698,64 Gb Total Space | 161,46 Gb Free Space | 23,11% Space Free | Partition Type: NTFS
 
Computer Name: JEANNE-VAIO | User Name: Jeanne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.18 18:05:50 | 000,600,576 | ---- | M] (OldTimer Tools) -- D:\Desktop\OTL.exe
PRC - [2012.07.26 14:16:14 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.04.03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.02.23 17:35:18 | 000,182,200 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2012.02.23 17:35:16 | 000,065,464 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2012.02.23 10:16:25 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.02.23 04:12:35 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.02.23 04:12:01 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.02.23 04:11:17 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.02.23 04:08:02 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.02.20 06:03:21 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2011.12.19 19:16:50 | 001,104,208 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011.12.19 19:16:48 | 001,304,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011.12.19 19:16:44 | 001,014,096 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011.12.19 19:16:42 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2011.11.29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.11.29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.09.20 16:57:56 | 000,060,552 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011.09.14 22:06:38 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007.08.31 19:49:58 | 000,498,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.14 18:38:36 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.07.14 18:38:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.07.14 18:38:31 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.07.14 18:38:31 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\acc563eb665e430df4375afb9697a5d9\IAStorCommon.ni.dll
MOD - [2012.07.14 18:38:29 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\33e53ffe7ba7362a2d483ef4ea79bfe3\IAStorUtil.ni.dll
MOD - [2012.07.14 18:38:27 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.07.14 18:38:22 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.07.14 18:38:05 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.07.14 18:38:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.07.14 18:38:01 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.07.14 18:37:56 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.06.29 04:45:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2012.05.30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.05.30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.09.08 09:13:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.26 11:12:47 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.26 14:16:14 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.10 18:44:34 | 001,259,104 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV - [2012.04.03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.02.23 17:35:16 | 000,065,464 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2012.02.23 04:12:35 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.02.23 04:12:01 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.02.23 04:11:17 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012.02.23 04:08:02 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.02.21 18:37:55 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.02.02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2012.01.19 11:40:56 | 000,248,304 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2012.01.15 23:59:44 | 000,978,056 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2012.01.11 17:34:44 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2012.01.10 13:45:32 | 000,535,688 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2012.01.09 05:19:34 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011.12.19 19:16:50 | 001,104,208 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011.12.19 19:16:48 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011.12.19 19:16:44 | 001,014,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011.12.08 10:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2011.12.08 10:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011.12.08 10:43:48 | 000,618,256 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011.12.08 10:43:44 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011.11.29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.09.14 22:06:38 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.09.20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007.08.31 19:49:58 | 000,498,872 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2007.08.31 18:38:24 | 000,599,320 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.12 22:02:38 | 000,711,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012.07.12 22:02:38 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2012.07.12 22:02:32 | 000,593,952 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2012.07.12 22:02:32 | 000,229,408 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012.07.12 19:33:28 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.04.12 09:40:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.03.02 16:02:00 | 000,034,304 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandmodem64.sys -- (ANDModem)
DRV:64bit: - [2012.03.02 16:02:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
DRV:64bit: - [2012.03.02 16:02:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
DRV:64bit: - [2012.03.02 16:02:00 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.27 11:22:34 | 000,676,968 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.02.24 05:05:30 | 000,421,648 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.02.24 04:32:03 | 000,102,912 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimssne)
DRV:64bit: - [2012.02.23 10:16:15 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.02.23 10:16:10 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.02.23 10:16:07 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.02.23 09:41:44 | 000,104,448 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsnxc64.sys -- (risdsnxc)
DRV:64bit: - [2012.02.23 04:09:23 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.02.21 18:53:36 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.02.21 18:46:52 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.01.26 18:37:24 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.01.26 18:37:24 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.01.16 11:01:14 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2012.01.09 05:13:12 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.01.09 05:13:12 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.01.09 01:44:44 | 011,416,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.12.14 14:26:56 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2011.12.13 11:26:20 | 000,747,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.12.13 11:26:18 | 000,094,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.05.24 03:00:00 | 000,055,952 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 22:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {9A2B87FE-3699-42FC-B772-A9191B0BC377}
IE - HKCU\..\SearchScopes\{9A2B87FE-3699-42FC-B772-A9191B0BC377}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10
FF - prefs.js..extensions.enabledAddons: amznUWL2@amazon.com:1.9
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B2d0e6aec-d11e-41ca-9b14-c9e118de14b9%7D&mid=8c630d5afda247d09ec9e1b0ab0b3ba4-7ba621511782684e3d2fff9708ec91c56fcdb6bc&ds=od011&v=11.1.0.12&lang=de&pr=sa&d=2012-07-11%2023%3A30%3A45&sap=ku&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.07.14 14:33:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.08 09:13:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.07.14 14:33:17 | 000,000,000 | ---D | M]
 
[2012.07.14 14:00:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeanne\AppData\Roaming\mozilla\Extensions
[2012.07.14 14:00:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeanne\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.09.18 08:58:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeanne\AppData\Roaming\mozilla\Firefox\Profiles\valz5g27.default\extensions
[2012.07.12 20:38:10 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jeanne\AppData\Roaming\mozilla\Firefox\Profiles\valz5g27.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.17 13:24:56 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jeanne\AppData\Roaming\mozilla\Firefox\Profiles\valz5g27.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.09.18 08:58:52 | 000,243,317 | ---- | M] () (No name found) -- C:\Users\Jeanne\AppData\Roaming\mozilla\firefox\profiles\valz5g27.default\extensions\amznUWL2@amazon.com.xpi
[2012.07.11 23:38:43 | 000,330,316 | ---- | M] () (No name found) -- C:\Users\Jeanne\AppData\Roaming\mozilla\firefox\profiles\valz5g27.default\extensions\personas@christopher.beard.xpi
[2012.07.12 21:32:22 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\Jeanne\AppData\Roaming\mozilla\firefox\profiles\valz5g27.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2012.09.08 09:12:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.08 09:13:12 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.11 23:30:43 | 000,003,750 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.08.28 23:58:34 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jeanne\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jeanne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jeanne\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jeanne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32FA4108-A0AA-48A8-9EC2-3573929A4F8D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C69F86C4-5A71-4805-977F-DA1BF5625CA5}: DhcpNameServer = 10.100.86.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{50f22b5a-cb8d-11e1-a349-685d439f002d}\Shell - "" = AutoRun
O33 - MountPoints2\{50f22b5a-cb8d-11e1-a349-685d439f002d}\Shell\AutoRun\command - "" = G:\EasySuite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.18 18:05:48 | 000,600,576 | ---- | C] (OldTimer Tools) -- D:\Desktop\OTL.exe
[2012.09.17 21:03:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
[2012.09.17 13:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.09.17 13:39:29 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.09.17 13:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.09.17 13:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.09.17 09:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\uwfezwxkmunvkaf
[2012.09.16 19:31:30 | 000,000,000 | ---D | C] -- C:\Users\Jeanne\AppData\Local\Audible
[2012.09.16 19:26:50 | 000,000,000 | ---D | C] -- D:\Documents\Audible
[2012.09.16 19:26:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Audible
[2012.09.16 19:26:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audible
[2012.09.16 19:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.09.12 17:46:56 | 000,000,000 | ---D | C] -- C:\Users\Jeanne\AppData\Local\ElevatedDiagnostics
[2012.09.08 09:12:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.09.05 21:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.05 21:42:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.09.05 21:42:54 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.09.04 22:43:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012.09.01 18:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyTomTom 3
[2012.09.01 18:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.18 18:05:50 | 000,600,576 | ---- | M] (OldTimer Tools) -- D:\Desktop\OTL.exe
[2012.09.18 18:05:06 | 000,000,000 | ---- | M] () -- C:\Users\Jeanne\defogger_reenable
[2012.09.18 18:05:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.18 18:03:39 | 000,050,477 | ---- | M] () -- D:\Desktop\Defogger.exe
[2012.09.18 17:46:49 | 001,521,144 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.18 17:46:49 | 000,906,970 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.18 17:46:49 | 000,413,426 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.18 17:46:49 | 000,359,984 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.18 17:46:49 | 000,006,716 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.18 17:46:33 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.18 17:46:33 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.18 17:39:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.18 17:39:13 | 454,074,367 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.18 17:32:08 | 000,080,896 | ---- | M] () -- C:\Users\Jeanne\0.8261581603262712.exe
[2012.09.17 21:03:02 | 000,002,135 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
[2012.09.17 13:40:21 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.17 09:52:58 | 000,076,347 | ---- | M] () -- C:\ProgramData\rwjbclvhyhygvvb
[2012.09.04 22:44:43 | 000,001,085 | ---- | M] () -- D:\Desktop\DVDVideoSoft Free Studio.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.18 18:05:06 | 000,000,000 | ---- | C] () -- C:\Users\Jeanne\defogger_reenable
[2012.09.18 18:03:39 | 000,050,477 | ---- | C] () -- D:\Desktop\Defogger.exe
[2012.09.18 17:32:07 | 000,080,896 | ---- | C] () -- C:\Users\Jeanne\0.8261581603262712.exe
[2012.09.17 21:03:02 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
[2012.09.17 14:11:00 | 000,082,432 | ---- | C] () -- C:\Users\Jeanne\0.8514815910704817.exe
[2012.09.17 13:40:21 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.09.17 09:50:48 | 000,076,347 | ---- | C] () -- C:\ProgramData\rwjbclvhyhygvvb
[2012.08.03 17:20:38 | 000,141,920 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.07.26 11:41:22 | 000,000,817 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.07.14 14:29:00 | 000,245,263 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012.07.14 14:28:59 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.07.14 14:04:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012.07.14 14:04:28 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012.06.29 05:11:24 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012.02.22 04:39:57 | 013,184,512 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.02.22 04:39:57 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.02.22 04:39:57 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.02.22 04:39:57 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.02.22 04:39:57 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.02.11 01:03:27 | 001,606,426 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
========== LOP Check ==========
 
[2012.07.12 20:13:24 | 000,000,000 | ---D | M] -- C:\Users\Jeanne\AppData\Roaming\DAEMON Tools Lite
[2012.07.26 19:43:33 | 000,000,000 | ---D | M] -- C:\Users\Jeanne\AppData\Roaming\DVDFab
[2012.09.04 22:50:26 | 000,000,000 | ---D | M] -- C:\Users\Jeanne\AppData\Roaming\DVDVideoSoft
[2012.07.12 20:38:10 | 000,000,000 | ---D | M] -- C:\Users\Jeanne\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.09.18 16:42:27 | 000,000,000 | ---D | M] -- C:\Users\Jeanne\AppData\Roaming\ICQ
[2012.07.14 15:45:42 | 000,000,000 | ---D | M] -- C:\Users\Jeanne\AppData\Roaming\iolo
[2012.07.11 23:26:51 | 000,000,000 | ---D | M] -- C:\Users\Jeanne\AppData\Roaming\OpenCandy
[2012.07.28 22:42:29 | 000,000,000 | ---D | M] -- C:\Users\Jeanne\AppData\Roaming\Sony
[2012.07.14 14:00:54 | 000,000,000 | ---D | M] -- C:\Users\Jeanne\AppData\Roaming\TomTom
[2012.07.26 14:22:56 | 000,000,000 | ---D | M] -- C:\Users\Jeanne\AppData\Roaming\WildTangent
[2009.07.14 07:08:49 | 000,027,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
Extra.txt and defogger_disable.txt should be attached. Microsoft Security Essentials is also installed on the laptop and has moved three files into quarantine over the last few days. Unfortunately I don't know how to get a log out of that program, so for now I have taken screenshots.

Thanks in advance for the help. I hope I have thought of everything!

Alt 19.09.2012, 06:54   #2
Psychotic
/// Malwareteam

My name is Marius and I will help you with your problem.

One thing up front:

Note: We can never guarantee here that we have found every remnant of malware. Formatting is usually the fastest and always the safest way.

If you decide on a cleanup, keep working with us until someone from the team tells you that your computer is clean.

A cleanup can mean a lot of work for you.
  1. Please work through all steps in order.
  2. Read the instructions carefully. If you get stuck anywhere, stop at that point and describe your problem here!
  3. Only run scans that a helper has asked you to run.
  4. Please no crossposting (posting in several forums) - if you carry out the instructions of several helpers, this can cause serious problems!
  5. Do not install or uninstall any software during the cleanup (unless you have been asked to).
  6. If anything is unclear: ask before you do something "blindly"!

    ...and very important:

  7. Post the log files with code tags (the # symbol at the top of the reply window) in your thread! Do not attach them unless I ask you to. (It makes the analysis harder for me.)


Vista and Win7 users
Start all tools with right-click --> "Run as administrator".



Step 1: aswMBR



Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions) Vista and Win7 users: right-click and "Run as administrator"
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.
Important: Do not press any of the Fix buttons without being instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.



Step 2: Scan with TDSS-Killer



Please read the following instructions carefully. We do not want to "fix" anything yet, only see a scan report. Please download TDSSKiller.exe and save the file to your desktop.
  • Start TDSSKiller.exe
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and save the log file. TDSSKiller will save a log file on your system drive (usually C:\). For example: C:\TDSSKiller.<version_date_time>log.txt
Please post its contents here in your thread.

Alt 19.09.2012, 09:35   #3
Nykah

Hello Marius,

thank you very much for the quick response and the help!

Here are the logs:

aswMBR.txt
Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-19 10:26:07
-----------------------------
10:26:07.573    OS Version: Windows x64 6.1.7601 Service Pack 1
10:26:07.573    Number of processors: 4 586 0x2A07
10:26:07.573    ComputerName: JEANNE-VAIO  UserName: Jeanne
10:26:07.663    Initialze error 1 
10:27:56.316    AVAST engine defs: 12091400
10:28:20.382    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:28:20.392    Disk 0 Vendor: Hitachi_ JFDO Size: 610480MB BusType: 3
10:28:20.432    Disk 0 MBR read successfully
10:28:20.442    Disk 0 MBR scan
10:28:20.452    Disk 0 unknown MBR code
10:28:20.462    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
10:28:20.472    Disk 0 scanning C:\Windows\system32\drivers
10:28:20.482    Service scanning
10:28:21.662    Modules scanning
10:28:21.662    Disk 0 trace - called modules:
10:28:21.682    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
10:28:21.692    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80081fb060]
10:28:21.702    3 CLASSPNP.SYS[fffff8800141743f] -> nt!IofCallDriver -> [0xfffffa800599fe40]
10:28:22.042    5 ACPI.sys[fffff88000ec17a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80059a3050]
10:28:22.052    AVAST engine scan C:\Windows
10:28:22.062    AVAST engine scan C:\Windows\system32
10:28:22.072    AVAST engine scan C:\Windows\system32\drivers
10:28:22.092    AVAST engine scan C:\Users\Jeanne
10:28:22.102    AVAST engine scan C:\ProgramData
10:28:22.112    Scan finished successfully
10:28:35.084    Disk 0 MBR has been saved successfully to "D:\Desktop\MBR.dat"
10:28:35.084    The log file has been saved successfully to "D:\Desktop\aswMBR.txt"
         
and TDSSKiller:
Code:
ATTFilter
10:29:16.0412 4612  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
10:29:16.0412 4612  UEFI system
10:29:16.0532 4612  ============================================================
10:29:16.0542 4612  Current date / time: 2012/09/19 10:29:16.0532
10:29:16.0542 4612  SystemInfo:
10:29:16.0542 4612  
10:29:16.0542 4612  OS Version: 6.1.7601 ServicePack: 1.0
10:29:16.0542 4612  Product type: Workstation
10:29:16.0542 4612  ComputerName: JEANNE-VAIO
10:29:16.0542 4612  UserName: Jeanne
10:29:16.0542 4612  Windows directory: C:\Windows
10:29:16.0542 4612  System windows directory: C:\Windows
10:29:16.0542 4612  Running under WOW64
10:29:16.0542 4612  Processor architecture: Intel x64
10:29:16.0542 4612  Number of processors: 4
10:29:16.0542 4612  Page size: 0x1000
10:29:16.0542 4612  Boot type: Normal boot
10:29:16.0542 4612  ============================================================
10:29:17.0202 4612  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:29:17.0222 4612  ============================================================
10:29:17.0222 4612  \Device\Harddisk0\DR0:
10:29:17.0222 4612  GPT partitions:
10:29:17.0222 4612  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {FE1440EC-7199-4214-A3BB-F98D5437024B}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
10:29:17.0222 4612  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FF909AD1-4DBC-4A04-9B61-B0BCF9915454}, Name: Basic data partition, StartLBA 0x82800, BlocksNum 0x20D1800
10:29:17.0222 4612  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F9002631-B2C5-4BF0-B0A6-45DE8934112B}, Name: EFI system partition, StartLBA 0x2154000, BlocksNum 0x82000
10:29:17.0222 4612  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9A7F4B81-78C9-4B8D-A98A-183C339612A4}, Name: Microsoft reserved partition, StartLBA 0x21D6000, BlocksNum 0x40000
10:29:17.0222 4612  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {222E97B8-E928-4757-8745-0B34EEA5FD69}, Name: Basic data partition, StartLBA 0x2216000, BlocksNum 0x24F3A28F
10:29:17.0222 4612  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F9BFA0C3-C966-41FD-B1F7-93589816FEF9}, Name: Basic data partition, StartLBA 0x27150800, BlocksNum 0x23707800
10:29:17.0222 4612  MBR partitions:
10:29:17.0222 4612  ============================================================
10:29:17.0252 4612  C: <-> \Device\Harddisk0\DR0\Partition5
10:29:17.0312 4612  D: <-> \Device\Harddisk0\DR0\Partition6
10:29:17.0312 4612  ============================================================
10:29:17.0312 4612  Initialize success
10:29:17.0312 4612  ============================================================
10:29:20.0702 5072  ============================================================
10:29:20.0702 5072  Scan started
10:29:20.0702 5072  Mode: Manual; 
10:29:20.0702 5072  ============================================================
10:29:20.0982 5072  ================ Scan system memory ========================
10:29:20.0982 5072  System memory - ok
10:29:20.0992 5072  ================ Scan services =============================
10:29:21.0332 5072  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:29:21.0342 5072  1394ohci - ok
10:29:21.0422 5072  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
10:29:21.0422 5072  ACDaemon - ok
10:29:21.0462 5072  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:29:21.0472 5072  ACPI - ok
10:29:21.0482 5072  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:29:21.0492 5072  AcpiPmi - ok
10:29:21.0542 5072  [ 4C096D550B6BC71D9D9A8716995C1879 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
10:29:21.0552 5072  AcrSch2Svc - ok
10:29:21.0632 5072  [ 047BD1EB681453A7FE492A71802AC9F3 ] AdobeActiveFileMonitor10.0 c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
10:29:21.0642 5072  AdobeActiveFileMonitor10.0 - ok
10:29:21.0702 5072  [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:29:21.0712 5072  AdobeARMservice - ok
10:29:21.0832 5072  [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:29:21.0832 5072  AdobeFlashPlayerUpdateSvc - ok
10:29:21.0882 5072  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:29:21.0892 5072  adp94xx - ok
10:29:21.0922 5072  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:29:21.0932 5072  adpahci - ok
10:29:21.0942 5072  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:29:21.0952 5072  adpu320 - ok
10:29:21.0972 5072  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:29:21.0982 5072  AeLookupSvc - ok
10:29:22.0022 5072  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
10:29:22.0032 5072  AFD - ok
10:29:31.0184 5072  NetPipeActivator - ok
10:29:31.0224 5072  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
10:29:31.0234 5072  netprofm - ok
10:29:31.0244 5072  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:29:31.0244 5072  NetTcpActivator - ok
10:29:31.0254 5072  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:29:31.0254 5072  NetTcpPortSharing - ok
10:29:31.0474 5072  [ 47DC062656EA661FE9175DBACAD00E9D ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
10:29:31.0674 5072  NETwNs64 - ok
10:29:31.0704 5072  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:29:31.0714 5072  nfrd960 - ok
10:29:31.0744 5072  [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:29:31.0744 5072  NisDrv - ok
10:29:31.0764 5072  [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
10:29:31.0774 5072  NisSrv - ok
10:29:31.0814 5072  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:29:31.0824 5072  NlaSvc - ok
10:29:31.0844 5072  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:29:31.0844 5072  Npfs - ok
10:29:31.0864 5072  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
10:29:31.0874 5072  nsi - ok
10:29:31.0884 5072  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:29:31.0884 5072  nsiproxy - ok
10:29:31.0954 5072  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:29:31.0984 5072  Ntfs - ok
10:29:32.0014 5072  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
10:29:32.0014 5072  Null - ok
10:29:32.0254 5072  [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:29:32.0454 5072  nvlddmkm - ok
10:29:32.0484 5072  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:29:32.0484 5072  nvraid - ok
10:29:32.0494 5072  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:29:32.0494 5072  nvstor - ok
10:29:32.0524 5072  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:29:32.0534 5072  nv_agp - ok
10:29:32.0534 5072  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:29:32.0544 5072  ohci1394 - ok
10:29:32.0614 5072  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:29:32.0614 5072  ose - ok
10:29:32.0774 5072  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:29:32.0834 5072  osppsvc - ok
10:29:32.0874 5072  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:29:32.0874 5072  p2pimsvc - ok
10:29:32.0894 5072  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:29:32.0894 5072  p2psvc - ok
10:29:32.0914 5072  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
10:29:32.0914 5072  Parport - ok
10:29:32.0944 5072  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:29:32.0944 5072  partmgr - ok
10:29:32.0964 5072  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:29:32.0964 5072  PcaSvc - ok
10:29:32.0984 5072  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
10:29:32.0984 5072  pci - ok
10:29:32.0994 5072  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
10:29:32.0994 5072  pciide - ok
10:29:33.0014 5072  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:29:33.0024 5072  pcmcia - ok
10:29:33.0034 5072  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:29:33.0034 5072  pcw - ok
10:29:33.0064 5072  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:29:33.0074 5072  PEAUTH - ok
10:29:33.0124 5072  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
10:29:33.0154 5072  PeerDistSvc - ok
10:29:33.0234 5072  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:29:33.0234 5072  PerfHost - ok
10:29:33.0304 5072  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
10:29:33.0334 5072  pla - ok
10:29:33.0374 5072  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:29:33.0384 5072  PlugPlay - ok
10:29:33.0424 5072  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:29:33.0424 5072  Pml Driver HPZ12 - ok
10:29:33.0454 5072  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:29:33.0454 5072  PNRPAutoReg - ok
10:29:33.0474 5072  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:29:33.0484 5072  PNRPsvc - ok
10:29:33.0514 5072  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:29:33.0524 5072  PolicyAgent - ok
10:29:33.0544 5072  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
10:29:33.0554 5072  Power - ok
10:29:33.0584 5072  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:29:33.0584 5072  PptpMiniport - ok
10:29:33.0604 5072  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
10:29:33.0604 5072  Processor - ok
10:29:33.0634 5072  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:29:33.0644 5072  ProfSvc - ok
10:29:33.0654 5072  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:29:33.0654 5072  ProtectedStorage - ok
10:29:33.0674 5072  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:29:33.0674 5072  Psched - ok
10:29:33.0704 5072  [ F2EECF8977BD3FE4E38743DDCFBECD20 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
10:29:33.0714 5072  PxHlpa64 - ok
10:29:33.0774 5072  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:29:33.0804 5072  ql2300 - ok
10:29:33.0814 5072  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:29:33.0824 5072  ql40xx - ok
10:29:33.0844 5072  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
10:29:33.0844 5072  QWAVE - ok
10:29:33.0864 5072  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:29:33.0864 5072  QWAVEdrv - ok
10:29:33.0864 5072  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:29:33.0874 5072  RasAcd - ok
10:29:33.0894 5072  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:29:33.0894 5072  RasAgileVpn - ok
10:29:33.0914 5072  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
10:29:33.0914 5072  RasAuto - ok
10:29:33.0944 5072  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:29:33.0944 5072  Rasl2tp - ok
10:29:33.0984 5072  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
10:29:33.0994 5072  RasMan - ok
10:29:34.0014 5072  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:29:34.0014 5072  RasPppoe - ok
10:29:34.0024 5072  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:29:34.0024 5072  RasSstp - ok
10:29:34.0044 5072  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:29:34.0044 5072  rdbss - ok
10:29:34.0064 5072  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:29:34.0064 5072  rdpbus - ok
10:29:34.0074 5072  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:29:34.0084 5072  RDPCDD - ok
10:29:34.0104 5072  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
10:29:34.0104 5072  RDPDR - ok
10:29:34.0124 5072  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:29:34.0124 5072  RDPENCDD - ok
10:29:34.0134 5072  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:29:34.0134 5072  RDPREFMP - ok
10:29:34.0164 5072  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:29:34.0174 5072  RDPWD - ok
10:29:34.0194 5072  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:29:34.0204 5072  rdyboost - ok
10:29:34.0274 5072  [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:29:34.0274 5072  RegSrvc - ok
10:29:34.0304 5072  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:29:34.0314 5072  RemoteAccess - ok
10:29:34.0344 5072  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:29:34.0354 5072  RemoteRegistry - ok
10:29:34.0394 5072  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
10:29:34.0404 5072  RFCOMM - ok
10:29:34.0444 5072  [ 76157F737959CECF9AC4AE5783493075 ] rimssne         C:\Windows\system32\DRIVERS\rimssne64.sys
10:29:34.0444 5072  rimssne - ok
10:29:34.0464 5072  [ 0D45CECAAAB65E5598E8DD8BBD2CBDD2 ] risdsnxc        C:\Windows\system32\DRIVERS\risdsnxc64.sys
10:29:34.0464 5072  risdsnxc - ok
10:29:34.0484 5072  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:29:34.0494 5072  RpcEptMapper - ok
10:29:34.0514 5072  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
10:29:34.0524 5072  RpcLocator - ok
10:29:34.0544 5072  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
10:29:34.0554 5072  RpcSs - ok
10:29:34.0584 5072  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:29:34.0594 5072  rspndr - ok
10:29:34.0624 5072  [ 39A719875F572241C585A629EE62EB14 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:29:34.0634 5072  RTL8167 - ok
10:29:34.0644 5072  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
10:29:34.0644 5072  s3cap - ok
10:29:34.0664 5072  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
10:29:34.0664 5072  SamSs - ok
10:29:34.0684 5072  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:29:34.0684 5072  sbp2port - ok
10:29:34.0714 5072  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:29:34.0724 5072  SCardSvr - ok
10:29:34.0754 5072  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:29:34.0754 5072  scfilter - ok
10:29:34.0794 5072  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
10:29:34.0814 5072  Schedule - ok
10:29:34.0844 5072  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:29:34.0854 5072  SCPolicySvc - ok
10:29:34.0894 5072  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
10:29:34.0894 5072  sdbus - ok
10:29:34.0924 5072  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:29:34.0934 5072  SDRSVC - ok
10:29:34.0954 5072  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:29:34.0954 5072  secdrv - ok
10:29:34.0974 5072  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
10:29:34.0984 5072  seclogon - ok
10:29:35.0014 5072  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
10:29:35.0024 5072  SENS - ok
10:29:35.0054 5072  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:29:35.0064 5072  SensrSvc - ok
10:29:35.0094 5072  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
10:29:35.0094 5072  Serenum - ok
10:29:35.0104 5072  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
10:29:35.0104 5072  Serial - ok
10:29:35.0114 5072  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:29:35.0124 5072  sermouse - ok
10:29:35.0154 5072  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:29:35.0164 5072  SessionEnv - ok
10:29:35.0204 5072  [ 85D0F874734C105D02280B39BF0AD23F ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
10:29:35.0234 5072  SFEP - ok
10:29:35.0254 5072  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:29:35.0254 5072  sffdisk - ok
10:29:35.0264 5072  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:29:35.0274 5072  sffp_mmc - ok
10:29:35.0274 5072  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:29:35.0284 5072  sffp_sd - ok
10:29:35.0284 5072  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:29:35.0294 5072  sfloppy - ok
10:29:35.0324 5072  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:29:35.0334 5072  SharedAccess - ok
10:29:35.0374 5072  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:29:35.0384 5072  ShellHWDetection - ok
10:29:35.0404 5072  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:29:35.0404 5072  SiSRaid2 - ok
10:29:35.0424 5072  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:29:35.0424 5072  SiSRaid4 - ok
10:29:35.0484 5072  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:29:35.0484 5072  SkypeUpdate - ok
10:29:35.0514 5072  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:29:35.0514 5072  Smb - ok
10:29:35.0564 5072  [ D33F37DD403741982DBE99C7B6B6FF63 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
10:29:35.0564 5072  snapman - ok
10:29:35.0594 5072  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:29:35.0594 5072  SNMPTRAP - ok
10:29:35.0614 5072  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:29:35.0614 5072  spldr - ok
10:29:35.0644 5072  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
10:29:35.0664 5072  Spooler - ok
10:29:35.0754 5072  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
10:29:35.0824 5072  sppsvc - ok
10:29:35.0844 5072  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:29:35.0844 5072  sppuinotify - ok
10:29:35.0874 5072  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:29:35.0884 5072  srv - ok
10:29:35.0894 5072  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:29:35.0904 5072  srv2 - ok
10:29:35.0924 5072  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:29:35.0924 5072  srvnet - ok
10:29:35.0954 5072  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:29:35.0964 5072  SSDPSRV - ok
10:29:35.0984 5072  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:29:35.0984 5072  SstpSvc - ok
10:29:36.0004 5072  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:29:36.0004 5072  stexstor - ok
10:29:36.0034 5072  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
10:29:36.0044 5072  stisvc - ok
10:29:36.0054 5072  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
10:29:36.0054 5072  storflt - ok
10:29:36.0074 5072  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
10:29:36.0084 5072  StorSvc - ok
10:29:36.0114 5072  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
10:29:36.0114 5072  storvsc - ok
10:29:36.0134 5072  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:29:36.0134 5072  swenum - ok
10:29:36.0154 5072  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
10:29:36.0164 5072  swprv - ok
10:29:36.0204 5072  [ A7B18B920901CD5E11B196869C6F9F0E ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:29:36.0204 5072  SynTP - ok
10:29:36.0264 5072  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
10:29:36.0294 5072  SysMain - ok
10:29:36.0314 5072  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:29:36.0314 5072  TabletInputService - ok
10:29:36.0334 5072  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:29:36.0344 5072  TapiSrv - ok
10:29:36.0374 5072  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
10:29:36.0374 5072  TBS - ok
10:29:36.0434 5072  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:29:36.0464 5072  Tcpip - ok
10:29:36.0514 5072  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:29:36.0534 5072  TCPIP6 - ok
10:29:36.0554 5072  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:29:36.0554 5072  tcpipreg - ok
10:29:36.0574 5072  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:29:36.0574 5072  TDPIPE - ok
10:29:36.0594 5072  [ 0735948466EC4FD24AA4AD36448C6888 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
10:29:36.0604 5072  tdrpman - ok
10:29:36.0634 5072  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:29:36.0634 5072  TDTCP - ok
10:29:36.0664 5072  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:29:36.0664 5072  tdx - ok
10:29:36.0684 5072  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:29:36.0684 5072  TermDD - ok
10:29:36.0724 5072  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
10:29:36.0744 5072  TermService - ok
10:29:36.0754 5072  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
10:29:36.0764 5072  Themes - ok
10:29:36.0784 5072  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
10:29:36.0794 5072  THREADORDER - ok
10:29:36.0814 5072  [ 8FF7D3276F47938AD11FD15B4EB1ABF6 ] tifsfilter      C:\Windows\system32\DRIVERS\tifsfilt.sys
10:29:36.0824 5072  tifsfilter - ok
10:29:36.0844 5072  [ 5D21EC50C03387B9519E87A303D0850B ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
10:29:36.0864 5072  timounter - ok
10:29:36.0934 5072  [ E319535A8124F25C1C9C5288CACF3101 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
10:29:36.0944 5072  TomTomHOMEService - ok
10:29:36.0964 5072  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
10:29:36.0974 5072  TrkWks - ok
10:29:37.0024 5072  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:29:37.0034 5072  TrustedInstaller - ok
10:29:37.0084 5072  [ 7C9159A4647AC97CFA106BFB38789FB8 ] TryAndDecideService C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
10:29:37.0094 5072  TryAndDecideService - ok
10:29:37.0114 5072  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:29:37.0124 5072  tssecsrv - ok
10:29:37.0154 5072  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:29:37.0154 5072  TsUsbFlt - ok
10:29:37.0164 5072  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
10:29:37.0174 5072  TsUsbGD - ok
10:29:37.0194 5072  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:29:37.0194 5072  tunnel - ok
10:29:37.0204 5072  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:29:37.0214 5072  uagp35 - ok
10:29:37.0224 5072  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:29:37.0234 5072  udfs - ok
10:29:37.0264 5072  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:29:37.0274 5072  UI0Detect - ok
10:29:37.0294 5072  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:29:37.0294 5072  uliagpkx - ok
10:29:37.0324 5072  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:29:37.0324 5072  umbus - ok
10:29:37.0344 5072  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
10:29:37.0344 5072  UmPass - ok
10:29:37.0374 5072  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
10:29:37.0384 5072  UmRdpService - ok
10:29:37.0464 5072  [ D80B1075B69B57A3AB78F750CE463ECE ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:29:37.0474 5072  UNS - ok
10:29:37.0514 5072  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
10:29:37.0524 5072  upnphost - ok
10:29:37.0554 5072  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
10:29:37.0554 5072  USBAAPL64 - ok
10:29:37.0584 5072  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:29:37.0594 5072  usbccgp - ok
10:29:37.0614 5072  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:29:37.0624 5072  usbcir - ok
10:29:37.0634 5072  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:29:37.0644 5072  usbehci - ok
10:29:37.0684 5072  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:29:37.0684 5072  usbhub - ok
10:29:37.0704 5072  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:29:37.0704 5072  usbohci - ok
10:29:37.0724 5072  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:29:37.0724 5072  usbprint - ok
10:29:37.0754 5072  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:29:37.0764 5072  usbscan - ok
10:29:37.0774 5072  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:29:37.0774 5072  USBSTOR - ok
10:29:37.0794 5072  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:29:37.0804 5072  usbuhci - ok
10:29:37.0834 5072  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
10:29:37.0834 5072  usbvideo - ok
10:29:37.0874 5072  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
10:29:37.0874 5072  usb_rndisx - ok
10:29:37.0904 5072  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
10:29:37.0914 5072  UxSms - ok
10:29:37.0964 5072  [ 203FD19D70549A2939E1AE3A36608151 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
10:29:37.0964 5072  VAIO Event Service - ok
10:29:38.0034 5072  [ 59308CD511A5F3EE33595FFD46F76B31 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
10:29:38.0044 5072  VAIO Power Management - ok
10:29:38.0054 5072  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
10:29:38.0064 5072  VaultSvc - ok
10:29:38.0094 5072  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:29:38.0104 5072  vdrvroot - ok
10:29:38.0134 5072  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
10:29:38.0144 5072  vds - ok
10:29:38.0174 5072  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:29:38.0174 5072  vga - ok
10:29:38.0194 5072  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:29:38.0194 5072  VgaSave - ok
10:29:38.0204 5072  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:29:38.0214 5072  vhdmp - ok
10:29:38.0224 5072  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:29:38.0234 5072  viaide - ok
10:29:38.0244 5072  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
10:29:38.0244 5072  vmbus - ok
10:29:38.0254 5072  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
10:29:38.0254 5072  VMBusHID - ok
10:29:38.0274 5072  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:29:38.0284 5072  volmgr - ok
10:29:38.0304 5072  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:29:38.0314 5072  volmgrx - ok
10:29:38.0344 5072  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:29:38.0344 5072  volsnap - ok
10:29:38.0384 5072  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:29:38.0384 5072  vsmraid - ok
10:29:38.0464 5072  [ 809E14B31DCB9BA57F700232FB63AB28 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
10:29:38.0484 5072  VSNService - ok
10:29:38.0544 5072  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
10:29:38.0574 5072  VSS - ok
10:29:38.0654 5072  [ F5742637A15179AD47C41855A3BF9415 ] VUAgent         C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
10:29:38.0684 5072  VUAgent - ok
10:29:38.0694 5072  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:29:38.0704 5072  vwifibus - ok
10:29:38.0744 5072  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:29:38.0744 5072  vwififlt - ok
10:29:38.0774 5072  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
10:29:38.0774 5072  vwifimp - ok
10:29:38.0804 5072  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
10:29:38.0814 5072  W32Time - ok
10:29:38.0834 5072  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:29:40.0655 5072  ============================================================
10:29:40.0655 5072  Scan finished
10:29:40.0655 5072  ============================================================
10:29:40.0675 1508  Detected object count: 0
10:29:40.0675 1508  Actual detected object count: 0
10:30:31.0994 6024  Deinitialize success
         
Best regards
Jenny

19.09.2012, 09:56   #4
Psychotic
/// Malwareteam

Step 1: Fix with OTL

  • Please start OTL.exe.
    Vista and Win7 users: right-click and select "Run as administrator"
  • Now copy the following content into the text box.
Code:
ATTFilter
:files
C:\ProgramData\uwfezwxkmunvkaf
C:\Users\Jeanne\0.8261581603262712.exe
C:\ProgramData\rwjbclvhyhygvvb
C:\Users\Jeanne\0.8514815910704817.exe
C:\Windows\assembly\Desktop.ini
:COMMANDS
[emptytemp]
[emptyflash]
[emptyjava]
         
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may request a restart. Please allow it.
  • After the restart you will find a text document on your desktop.
    (It can also be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its content here into your thread.



Step 2: MBAM

Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and select "Run as administrator"
  • Start Malwarebytes, click Update --> Check for updates
  • When the update has finished, select Perform full scan and press Scan. (Note: tick all hard drives!)
  • When the scan has finished, click Show results.
  • Make sure that all findings are selected and press Remove selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Log files".

19.09.2012, 12:48   #5
Nykah

Hello, here are the logs:

OTL:
Code:
ATTFilter
All processes killed
========== FILES ==========
C:\ProgramData\uwfezwxkmunvkaf folder moved successfully.
C:\Users\Jeanne\0.8261581603262712.exe moved successfully.
C:\ProgramData\rwjbclvhyhygvvb moved successfully.
File\Folder C:\Users\Jeanne\0.8514815910704817.exe not found.
C:\Windows\assembly\Desktop.ini moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Jeanne
->Temp folder emptied: 5613543102 bytes
->Temporary Internet Files folder emptied: 107286405 bytes
->Java cache emptied: 998311 bytes
->FireFox cache emptied: 111326133 bytes
->Flash cache emptied: 78051 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9335567 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 183105 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 641 bytes
RecycleBin emptied: 9485435106 bytes
 
Total Files Cleaned = 14.618,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Jeanne
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Jeanne
->Java cache emptied: 0 bytes
 
User: Public
 
Total Java Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.63.0 log created on 09192012_113918

Files\Folders moved on Reboot...
C:\Users\Jeanne\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
and MBAM
Code:
ATTFilter
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.19.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jeanne :: JEANNE-VAIO [Administrator]

19.09.2012 11:47:55
mbam-log-2012-09-19 (11-47-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 507610
Laufzeit: 1 Stunde(n), 52 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\Activation\mini-KMS_Auto_Activation_Tool_Office2010_VL_v1.13.exe (PUP.RiskwareTool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\actofvl\KMService.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         


19.09.2012, 12:54   #6
Psychotic
/// Malwareteam

Quote:
C:\Program Files (x86)\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\Activation\mini-KMS_Auto_Activation_Tool_Office2010_VL_v1.13.exe
C:\Windows\actofvl\KMService.ex



Merely visiting sites that offer these files for download carries a high risk of getting infected.

When you start the crack, you start an executable file from a very dubious source. The source code of the file can contain anything at all (e.g. downloading and executing malware files).
This is one of the main causes of infections.

Besides, cracks, keygens, etc. are illegal, and that is theft just like in a shop.
That is why we have agreed on the following:

If we find indications of illegally acquired software, we will end support without any discussion.

Therefore our help for you is limited to instructions for reinstalling and securing the system.

19.09.2012, 13:26   #7
Nykah

All right, thanks a lot for the help anyway!
